Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Browser öffnet neue Fenster mit Werbung und Outlook stürzt ab (https://www.trojaner-board.de/117624-browser-oeffnet-neue-fenster-werbung-outlook-stuerzt-ab.html)

gofurther 19.06.2012 20:28
Browser öffnet neue Fenster mit Werbung und Outlook stürzt ab
 
Hallo Zusammen,

ich habe seit zwei Tagen das Problem, dass sich zusätzliche Fenster im Browser öffnen mit Werbung.

Habe zunächst Flshplayer und Browser deinstaliert und neu instaliert.

Habe Logfiles nach euren Vorgaben erstellt, bis auf gmer (ist immer abgestürzt).

Jetzt ist der Seitenaufbau extrem langsam und Outlook stürzt ab.

Hoffe auf Hilfe ;-) Schon mal besten Dank im Voraus.

Hier die Logfiles:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.18.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
JPMK :: JPMK-PC [Administrator]

Schutz: Aktiviert

18.06.2012 11:43:15
mbam-log-2012-06-18 (11-54-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 198278
Laufzeit: 10 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Daten: C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\n. -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 1
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bösartig: (\\.\globalroot\systemroot\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n.) Gut: (%systemroot%\system32\wbem\wbemess.dll) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n (Trojan.Agent.MRGGen) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\80000000.@ (Trojan.Sirefef) -> Keine Aktion durchgeführt.

(Ende)



XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

OTL logfile created on: 18.06.2012 12:35:22 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\JPMK\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 64,07% Memory free
3,98 Gb Paging File | 3,14 Gb Available in Paging File | 78,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 252,35 Gb Free Space | 84,68% Space Free | Partition Type: NTFS

Computer Name: JPMK-PC | User Name: JPMK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.06.18 12:31:06 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\JPMK\Downloads\OTL.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\JPMK\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.26 20:48:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Winamp\winampa.exe
PRC - [2011.08.01 15:56:42 | 001,821,576 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2011.07.13 09:38:22 | 000,224,680 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.04.08 14:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Programme\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 23:31:10 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.08.12 19:25:56 | 001,807,240 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Programme\Elantech\ETDCtrl.exe
PRC - [2010.08.12 19:25:48 | 001,599,368 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Programme\Elantech\ETDCtrlHelper.exe
PRC - [2010.02.23 12:01:28 | 000,329,168 | ---- | M] () -- C:\Programme\Verbindungsassistent\WTGService.exe
PRC - [2009.10.16 21:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\EeePC\HotkeyService\HotkeyService.exe
PRC - [2009.09.11 11:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\EeePC\HotkeyService\HotKeyMon.exe
PRC - [2009.09.09 11:15:12 | 000,413,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\EeePC\SHE\SuperHybridEngine.exe
PRC - [2009.09.05 17:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2009.07.14 03:14:28 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE


========== Modules (No Company Name) ==========

MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.11.20 23:31:05 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.DLL
MOD - [2010.11.20 23:31:05 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.06.15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.07.13 09:38:22 | 000,224,680 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.02.23 12:01:28 | 000,329,168 | ---- | M] () [Auto | Running] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)


========== Driver Services (SafeList) ==========

DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.12.12 10:52:59 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2011.12.12 10:52:59 | 000,100,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewsercd.sys -- (ewsercd)
DRV - [2011.09.20 14:13:46 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011.09.20 12:18:27 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2011.02.09 15:03:00 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2010.11.20 23:31:16 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:30:52 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:30:52 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:30:52 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:30:52 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:30:52 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:30:52 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.11.20 23:30:51 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:30:51 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009.08.04 10:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.14 00:02:47 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV - [2008.12.13 12:27:50 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.04.08 15:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASUSACPI.SYS -- (AsusACPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E B2 5C 1B 2C 4D CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.jpmk.de"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.30 18:08:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.18 11:08:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 18:58:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.30 18:08:28 | 000,000,000 | ---D | M]

[2011.09.20 10:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JPMK\AppData\Roaming\mozilla\Extensions
[2012.05.03 20:32:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JPMK\AppData\Roaming\mozilla\Firefox\Profiles\0ykb3sya.default\extensions
[2012.06.18 11:08:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.26 20:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HotkeyMon] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SuperHybridEngine] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - Startup: C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\JPMK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2839927-8A4B-4CDC-92A1-DD32A7D2AB7D}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e7e2553-249e-11e1-b190-002243aec6fd}\Shell - "" = AutoRun
O33 - MountPoints2\{4e7e2553-249e-11e1-b190-002243aec6fd}\Shell\AutoRun\command - "" = D:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell - "" = AutoRun
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.06.18 11:40:41 | 000,000,000 | ---D | C] -- C:\Users\JPMK\AppData\Roaming\Malwarebytes
[2012.06.18 11:39:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.18 11:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.18 11:39:54 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.18 11:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.18 11:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.06.18 10:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.06.18 10:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.06.17 02:17:48 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.06.15 10:40:53 | 000,000,000 | ---D | C] -- C:\Users\JPMK\AppData\Local\Macromedia
[2012.06.14 11:40:45 | 000,000,000 | ---D | C] -- C:\Users\JPMK\AppData\Local\ElevatedDiagnostics
[2012.06.08 20:31:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.05.31 19:20:07 | 000,000,000 | ---D | C] -- C:\Users\JPMK\AppData\Roaming\PhonerLite
[2012.05.31 19:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhonerLite

========== Files - Modified Within 30 Days ==========

[2012.06.18 12:30:14 | 000,019,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.18 12:30:14 | 000,019,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.18 12:22:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.18 12:22:39 | 1603,723,264 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.18 12:21:11 | 000,000,176 | ---- | M] () -- C:\Users\JPMK\Desktop\defogger_reenable
[2012.06.18 11:39:59 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.18 11:09:05 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.15 22:28:12 | 000,389,622 | ---- | M] () -- C:\Users\JPMK\Desktop\rkw-kreativ_juergen_preiss.pdf
[2012.06.15 11:00:21 | 000,000,375 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.06.14 14:17:36 | 000,659,776 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.14 14:17:36 | 000,621,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.14 14:17:36 | 000,132,016 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.14 14:17:36 | 000,108,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.14 14:12:19 | 000,405,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.08 20:31:18 | 189,177,005 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.06.05 09:38:31 | 000,001,010 | ---- | M] () -- C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.06.05 09:38:05 | 000,000,976 | ---- | M] () -- C:\Users\JPMK\Desktop\Dropbox.lnk
[2012.05.31 19:20:08 | 000,000,993 | ---- | M] () -- C:\Users\JPMK\Desktop\PhonerLite.lnk
[2012.05.31 19:20:07 | 000,000,028 | ---- | M] () -- C:\Users\JPMK\AppData\Roaming\PhonerLitesettings.ini

========== Files Created - No Company Name ==========

[2012.06.18 12:20:30 | 000,000,176 | ---- | C] () -- C:\Users\JPMK\Desktop\defogger_reenable
[2012.06.18 11:39:59 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.18 11:09:05 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.18 11:09:05 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.17 02:05:23 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\00000008.@
[2012.06.17 02:05:23 | 000,093,696 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\80000032.@
[2012.06.17 02:05:23 | 000,000,773 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\L\00000004.@
[2012.06.17 02:05:22 | 000,012,288 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\80000000.@
[2012.06.17 02:05:21 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\00000004.@
[2012.06.17 02:05:21 | 000,001,584 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\000000cb.@
[2012.06.15 22:15:15 | 000,389,622 | ---- | C] () -- C:\Users\JPMK\Desktop\rkw-kreativ_juergen_preiss.pdf
[2012.06.08 20:31:18 | 189,177,005 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.05.31 19:20:08 | 000,000,993 | ---- | C] () -- C:\Users\JPMK\Desktop\PhonerLite.lnk
[2012.05.12 21:38:50 | 000,000,028 | ---- | C] () -- C:\Users\JPMK\AppData\Roaming\PhonerLitesettings.ini
[2012.01.12 12:58:49 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\@
[2012.01.12 12:58:49 | 000,002,048 | -HS- | C] () -- C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\@
[2011.09.30 17:56:24 | 000,218,965 | ---- | C] () -- C:\Windows\hpoins47.dat
[2011.09.30 17:56:24 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl47.dat
[2011.09.20 12:55:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.09.20 12:34:29 | 000,021,864 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini
[2011.09.20 11:22:11 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2011.09.20 11:22:11 | 000,011,296 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2011.09.20 10:24:45 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.09.20 10:24:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2011.09.19 20:48:10 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
[2011.09.19 20:48:09 | 000,224,680 | ---- | C] () -- C:\Windows\System32\AsusService.exe
[2011.04.12 04:17:18 | 000,659,776 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 04:17:18 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 04:17:18 | 000,132,016 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 04:17:18 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.11.20 23:31:17 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== LOP Check ==========

[2012.05.19 15:11:31 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\BatteryBar
[2011.09.20 14:21:21 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\DAEMON Tools Lite
[2012.06.18 12:24:14 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Dropbox
[2011.09.20 13:57:35 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Notepad++
[2012.05.31 19:20:07 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\PhonerLite
[2012.03.13 15:36:28 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Verbindungsassistent
[2012.06.14 11:25:26 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >



XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX


OTL Extras logfile created on: 18.06.2012 12:35:22 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\JPMK\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 64,07% Memory free
3,98 Gb Paging File | 3,14 Gb Available in Paging File | 78,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 252,35 Gb Free Space | 84,68% Space Free | Partition Type: NTFS

Computer Name: JPMK-PC | User Name: JPMK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014E482A-0C27-47E3-BA82-307E9DCA2F47}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{05D08C4D-58A2-438B-A419-EE994E64E15D}" = B110
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C3D2E25-D221-4109-85DB-DE290DE9C9DA}" = sipgate Faxdrucker
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E4B1BE8-DCF3-4B90-A726-B28107442623}" = SolutionCenter
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}" = Toolbox
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F80BD4BC-06B8-488E-A62E-C4755013DD71}" = Network
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.2
"Elantech" = ETDWare PS/2-X86 7.0.5.14_WHQL
"FreePDF_XP" = FreePDF (Remove only)
"Google Calendar Sync" = Google Calendar Sync
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PhonerLite_is1" = PhonerLite 1.95
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Shop for HP Supplies" = Shop for HP Supplies
"Verbindungsassistent" = Verbindungsassistent
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.06.2012 11:41:41 | Computer Name = JPMK-PC | Source = WinMgmt | ID = 10
Description =

Error - 12.06.2012 12:19:45 | Computer Name = JPMK-PC | Source = RasClient | ID = 20227
Description =

Error - 12.06.2012 12:20:02 | Computer Name = JPMK-PC | Source = RasClient | ID = 20227
Description =

Error - 12.06.2012 12:20:08 | Computer Name = JPMK-PC | Source = RasClient | ID = 20227
Description =

Error - 12.06.2012 12:20:09 | Computer Name = JPMK-PC | Source = RasClient | ID = 20227
Description =

Error - 12.06.2012 12:20:09 | Computer Name = JPMK-PC | Source = RasClient | ID = 20227
Description =

Error - 12.06.2012 12:25:32 | Computer Name = JPMK-PC | Source = WinMgmt | ID = 10
Description =

Error - 12.06.2012 14:30:49 | Computer Name = JPMK-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=
mDNS_reentrancy (0)

Error - 12.06.2012 14:30:49 | Computer Name = JPMK-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1)
!= mDNS_reentrancy (0)

Error - 14.06.2012 02:18:22 | Computer Name = JPMK-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 08.06.2012 14:50:26 | Computer Name = JPMK-PC | Source = DCOM | ID = 10010
Description =

Error - 10.06.2012 10:19:56 | Computer Name = JPMK-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.

Error - 12.06.2012 11:41:58 | Computer Name = JPMK-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "iPod-Dienst" wurde mit folgendem Fehler beendet: %%-2147417831

Error - 12.06.2012 11:42:30 | Computer Name = JPMK-PC | Source = DCOM | ID = 10010
Description =

Error - 12.06.2012 14:15:33 | Computer Name = JPMK-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Wlansvc erreicht.

Error - 14.06.2012 05:27:56 | Computer Name = JPMK-PC | Source = DCOM | ID = 10010
Description =

Error - 14.06.2012 05:50:06 | Computer Name = JPMK-PC | Source = ipnathlp | ID = 31004
Description =

Error - 14.06.2012 05:50:14 | Computer Name = JPMK-PC | Source = ipnathlp | ID = 31004
Description =

Error - 14.06.2012 05:51:24 | Computer Name = JPMK-PC | Source = ipnathlp | ID = 31004
Description =

Error - 14.06.2012 07:47:38 | Computer Name = JPMK-PC | Source = ipnathlp | ID = 31004
Description =


< End of report >



XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX


Dank im Voraus!!!

cosinus 21.06.2012 20:58
Bitte erstmal routinemäßig einen Vollscan mit malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

gofurther 23.06.2012 11:54
Hallo Arne,

erstmal herzlichen Dank, dass Du Dir die Zeit nimmst, Dich um mein Problem zu kümmern.

Ich habe die Scans durchgeführt und hier nun die Daten:

Code:
  mbam-log-2012-06-22 (12-58-55)

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.22.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
JPMK :: JPMK-PC [Administrator]

Schutz: Aktiviert

22.06.2012 12:58:55
mbam-log-2012-06-22 (12-58-55).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 299857
Laufzeit: 1 Stunde(n), 44 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Daten: C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\n. -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bösartig: (\\.\globalroot\systemroot\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n.) Gut: (wbemess.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\n (Trojan.Agent.MRGGen) -> Löschen bei Neustart.
C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Löschen bei Neustart.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n (Trojan.Agent.MRGGen) -> Löschen bei Neustart.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\80000000.@ (Trojan.Sirefef) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Code:
mbam-log-2012-06-22 (14-46-18)

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.22.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
JPMK :: JPMK-PC [Administrator]

Schutz: Aktiviert

22.06.2012 12:58:55
mbam-log-2012-06-22 (14-46-18).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 299857
Laufzeit: 1 Stunde(n), 44 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Daten: C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\n. -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 1
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bösartig: (\\.\globalroot\systemroot\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n.) Gut: (wbemess.dll) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\n (Trojan.Agent.MRGGen) -> Keine Aktion durchgeführt.
C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n (Trojan.Agent.MRGGen) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\80000000.@ (Trojan.Sirefef) -> Keine Aktion durchgeführt.

(Ende)
und noch ein älters log

Code:
mbam-log-2012-06-18 (11-54-53)
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.18.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
JPMK :: JPMK-PC [Administrator]

Schutz: Aktiviert

18.06.2012 11:43:15
mbam-log-2012-06-18 (11-54-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 198278
Laufzeit: 10 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Daten: C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\n. -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 1
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bösartig: (\\.\globalroot\systemroot\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n.) Gut: (%systemroot%\system32\wbem\wbemess.dll) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n (Trojan.Agent.MRGGen) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\80000000.@ (Trojan.Sirefef) -> Keine Aktion durchgeführt.

(Ende)
Code:
C:\Users\JPMK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHKHO1QR\speedupmypc.exe        Win32/SpeedUpMyPC application

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=7b185b6f30f7b3429812c1d2fef38265
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-22 04:15:14
# local_time=2012-06-22 06:15:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 94 23864418 92001355 0 0
# compatibility_mode=8192 67108863 100 0 224 224 0 0
# scanned=111348
# found=1
# cleaned=0
# scan_time=11551
C:\Users\JPMK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHKHO1QR\speedupmypc.exe        Win32/SpeedUpMyPC application (unable to clean)        00000000000000000000000000000000        I
hoffe ich habe mich nicht zu doof angestellt und freue mich auf Deine Diagnose und Instruktionen.

Beste Grüße

Jürgen

cosinus 24.06.2012 16:18
Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

gofurther 29.06.2012 19:19
Hallo Arne,

sorry für die späte Rückmeldung.

Im Moment läuft alles reibungslos, soweit ich das sehen kann. Vermissen tue ich auch nichts.

Und jetzt?

Danke für Deine Geduld.

Gruß

Jürgen

cosinus 01.07.2012 14:27
Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

gofurther 02.07.2012 19:12
Hallo Arne,

ich hoffe ich hab's richtig gemacht.

OTL Logfile:
Code:
OTL logfile created on: 02.07.2012 17:45:06 - Run 2
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\JPMK\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,81% Memory free
3,98 Gb Paging File | 3,18 Gb Available in Paging File | 79,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 253,23 Gb Free Space | 84,98% Space Free | Partition Type: NTFS
 
Computer Name: JPMK-PC | User Name: JPMK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\JPMK\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Users\JPMK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Windows\System32\AsusService.exe ()
PRC - C:\Programme\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
PRC - C:\Programme\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.)
PRC - C:\Programme\Verbindungsassistent\WTGService.exe ()
PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\EeePC\HotkeyService\HotkeyService.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\EeePC\HotkeyService\HotKeyMon.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\EeePC\SHE\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Notepad++\NppShell_04.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AsusService) -- C:\Windows\System32\AsusService.exe ()
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (WTGService) -- C:\Programme\Verbindungsassistent\WTGService.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (ewsercd) -- C:\Windows\System32\drivers\ewsercd.sys (Huawei Technologies Co., Ltd.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (AsUpIO) -- C:\Windows\System32\drivers\AsUpIO.sys ()
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (AsusACPI) -- C:\Windows\System32\drivers\ASUSACPI.SYS (ASUSTeK Computer Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2802431009-2721445263-3219878338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2802431009-2721445263-3219878338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2802431009-2721445263-3219878338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E B2 5C 1B 2C 4D CD 01  [binary data]
IE - HKU\S-1-5-21-2802431009-2721445263-3219878338-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2802431009-2721445263-3219878338-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2802431009-2721445263-3219878338-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.jpmk.de"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.30 18:08:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.18 11:08:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 18:58:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.30 18:08:28 | 000,000,000 | ---D | M]
 
[2011.09.20 10:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JPMK\AppData\Roaming\mozilla\Extensions
[2012.05.03 20:32:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JPMK\AppData\Roaming\mozilla\Firefox\Profiles\0ykb3sya.default\extensions
[2012.06.18 11:08:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.26 20:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [HotkeyMon] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SuperHybridEngine] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\JPMK\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2802431009-2721445263-3219878338-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\wshbth.dll File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2839927-8A4B-4CDC-92A1-DD32A7D2AB7D}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e7e2553-249e-11e1-b190-002243aec6fd}\Shell - "" = AutoRun
O33 - MountPoints2\{4e7e2553-249e-11e1-b190-002243aec6fd}\Shell\AutoRun\command - "" = D:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell - "" = AutoRun
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: FreePDF Assistant - hkey= - key= - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: MsMpSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SharedAccess -  File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0EDD8613-FF41-8848-8021-7CFD41E1E3E7} - Microsoft Windows Media Player 12.0
ActiveX: {1F53441A-A3D7-5D8D-A7ED-E30B33FBF10C} - Microsoft Windows Media Player 12.0
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.02 17:32:47 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\JPMK\Desktop\OTL(1).exe
[2012.06.23 15:14:13 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.06.22 14:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.06.22 14:58:09 | 002,322,184 | ---- | C] (ESET) -- C:\Users\JPMK\Desktop\esetsmartinstaller_enu.exe
[2012.06.18 11:40:41 | 000,000,000 | ---D | C] -- C:\Users\JPMK\AppData\Roaming\Malwarebytes
[2012.06.18 11:39:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.18 11:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.18 11:39:54 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.18 11:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.18 11:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.06.18 10:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.06.18 10:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.06.17 02:17:48 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.06.15 10:40:53 | 000,000,000 | ---D | C] -- C:\Users\JPMK\AppData\Local\Macromedia
[2012.06.14 11:40:45 | 000,000,000 | ---D | C] -- C:\Users\JPMK\AppData\Local\ElevatedDiagnostics
[2012.06.08 20:31:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.02 17:43:10 | 000,019,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.02 17:43:10 | 000,019,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.02 17:32:48 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\JPMK\Desktop\OTL(1).exe
[2012.07.02 17:15:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.02 17:15:13 | 1603,723,264 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.22 14:58:12 | 002,322,184 | ---- | M] (ESET) -- C:\Users\JPMK\Desktop\esetsmartinstaller_enu.exe
[2012.06.18 12:21:11 | 000,000,176 | ---- | M] () -- C:\Users\JPMK\Desktop\defogger_reenable
[2012.06.18 12:06:20 | 000,050,477 | ---- | M] () -- C:\Users\JPMK\Desktop\Defogger.exe
[2012.06.18 11:39:59 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.18 11:09:05 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.15 11:00:21 | 000,000,375 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.06.14 14:17:36 | 000,659,776 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.14 14:17:36 | 000,621,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.14 14:17:36 | 000,132,016 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.14 14:17:36 | 000,108,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.14 14:12:19 | 000,405,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.05 09:38:31 | 000,001,010 | ---- | M] () -- C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.06.05 09:38:05 | 000,000,976 | ---- | M] () -- C:\Users\JPMK\Desktop\Dropbox.lnk
 
========== Files Created - No Company Name ==========
 
[2012.06.18 12:20:30 | 000,000,176 | ---- | C] () -- C:\Users\JPMK\Desktop\defogger_reenable
[2012.06.18 12:06:18 | 000,050,477 | ---- | C] () -- C:\Users\JPMK\Desktop\Defogger.exe
[2012.06.18 11:39:59 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.18 11:09:05 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.18 11:09:05 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.17 02:05:23 | 000,088,064 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\80000032.@
[2012.06.17 02:05:23 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\L\00000004.@
[2012.06.17 02:05:21 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\00000004.@
[2012.06.17 02:05:21 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\000000cb.@
[2012.05.12 21:38:50 | 000,000,028 | ---- | C] () -- C:\Users\JPMK\AppData\Roaming\PhonerLitesettings.ini
[2012.01.12 12:58:49 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\@
[2012.01.12 12:58:49 | 000,002,048 | -HS- | C] () -- C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\@
[2011.09.30 17:56:24 | 000,218,965 | ---- | C] () -- C:\Windows\hpoins47.dat
[2011.09.30 17:56:24 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl47.dat
[2011.09.20 12:55:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.09.20 12:34:29 | 000,021,864 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini
[2011.09.20 11:22:11 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2011.09.20 11:22:11 | 000,011,296 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2011.09.20 10:24:45 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.09.20 10:24:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2011.09.19 20:48:10 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
[2011.09.19 20:48:09 | 000,224,680 | ---- | C] () -- C:\Windows\System32\AsusService.exe
[2011.04.12 04:17:18 | 000,659,776 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 04:17:18 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 04:17:18 | 000,132,016 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 04:17:18 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.11.20 23:31:17 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
 
========== LOP Check ==========
 
[2012.05.19 15:11:31 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\BatteryBar
[2011.09.20 14:21:21 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\DAEMON Tools Lite
[2012.07.02 17:58:52 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Dropbox
[2011.09.20 13:57:35 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Notepad++
[2012.05.31 19:20:07 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\PhonerLite
[2012.03.13 15:36:28 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Verbindungsassistent
[2012.06.14 11:25:26 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.09.30 16:19:18 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Adobe
[2011.10.01 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Apple Computer
[2012.05.19 15:11:31 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\BatteryBar
[2011.09.20 14:21:21 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\DAEMON Tools Lite
[2012.07.02 17:58:52 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Dropbox
[2011.09.30 18:22:52 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\HP
[2011.10.08 20:13:56 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\HpUpdate
[2011.09.19 20:36:13 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Identities
[2011.09.19 20:43:10 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Macromedia
[2012.06.18 11:40:41 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Malwarebytes
[2012.05.16 11:18:08 | 000,000,000 | --SD | M] -- C:\Users\JPMK\AppData\Roaming\Microsoft
[2011.09.20 10:22:13 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Mozilla
[2011.09.20 13:57:35 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Notepad++
[2012.05.31 19:20:07 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\PhonerLite
[2012.03.13 15:36:28 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Verbindungsassistent
[2011.11.14 22:49:12 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\vlc
[2012.06.23 16:07:17 | 000,000,000 | ---D | M] -- C:\Users\JPMK\AppData\Roaming\Winamp
 
< %APPDATA%\*.exe /s >
[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\JPMK\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\JPMK\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\JPMK\AppData\Roaming\Dropbox\bin\Uninstall.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010.11.20 23:30:52 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 23:30:52 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 23:31:06 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 23:31:06 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010.11.20 23:30:52 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 23:30:52 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 23:30:56 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:30:56 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 23:31:11 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 23:31:11 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 23:30:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:30:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 23:30:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 23:30:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
--- --- ---



Beste Grüße

Jürgen

cosinus 03.07.2012 12:12
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
O4 - HKLM..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2802431009-2721445263-3219878338-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\wshbth.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e7e2553-249e-11e1-b190-002243aec6fd}\Shell - "" = AutoRun
O33 - MountPoints2\{4e7e2553-249e-11e1-b190-002243aec6fd}\Shell\AutoRun\command - "" = D:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell - "" = AutoRun
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\Shell\install\command - "" = E:\SETUP.EXE
:Files
C:\Windows\assembly\GAC\Desktop.ini
C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\n
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\L
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\@
C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\@
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

gofurther 05.07.2012 15:11
Hallo Arne,

hier das Log

Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2802431009-2721445263-3219878338-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000025\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000026\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000027\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000028\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000029\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e7e2553-249e-11e1-b190-002243aec6fd}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4e7e2553-249e-11e1-b190-002243aec6fd}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e7e2553-249e-11e1-b190-002243aec6fd}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4e7e2553-249e-11e1-b190-002243aec6fd}\ not found.
File D:\.\Autorun.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e53985c-e382-11e0-b0f5-002243aec6fd}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e53985c-e382-11e0-b0f5-002243aec6fd}\ not found.
File E:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e53985c-e382-11e0-b0f5-002243aec6fd}\ not found.
File E:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e53985c-e382-11e0-b0f5-002243aec6fd}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e53985c-e382-11e0-b0f5-002243aec6fd}\ not found.
File E:\SETUP.EXE not found.
========== FILES ==========
File\Folder C:\Windows\assembly\GAC\Desktop.ini not found.
File\Folder C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\n not found.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U folder moved successfully.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\L folder moved successfully.
File\Folder C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\n not found.
C:\Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\@ moved successfully.
C:\Users\JPMK\AppData\Local\{05173853-bdba-7e93-ce4c-b002cfc95882}\@ moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: JPMK
->Temp folder emptied: 6291534 bytes
->Temporary Internet Files folder emptied: 115418225 bytes
->Java cache emptied: 92673 bytes
->FireFox cache emptied: 765710545 bytes
->Google Chrome cache emptied: 6327376 bytes
->Flash cache emptied: 19853 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 94754055 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 943,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: JPMK
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.53.1 log created on 07052012_145804

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Jetzt sind aber leider keine INternetverbindungen mehr verfügbar. Ich komme mit dem Rechner also gerade nicht ins Netz und sende von einem anderen Rechner.

Womit hängt das zusammen? Was ist zu tun?

Confused greetings

Jürgen

cosinus 05.07.2012 16:10
Funktioniert noch der abgesicherte Modus mit Netzwerktreibern? Mit Internetverbindung?



Abgesicherter Modus zur Bereinigung
  • Windows mit F8-Taste beim Start in den abgesicherten Modus bringen.
  • Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern:

    Windows im abgesicherten Modusstarten

gofurther 05.07.2012 16:22
abgesicherter Modus geht.

Internet nicht

cosinus 05.07.2012 16:29
Zitat:
abgesicherter Modus geht.
Internet nicht
Deswegen sollst du ja auch den abgesicherten Modus mit Netzwerktreibern probieren
Das sind zwei paar Schuhe abgesicherter Modus und abgesicherte Modus mit Netzwerktreibern!

gofurther 05.07.2012 16:33
Sorry, ich war etwas ungenau.

Ja abgesicherter Modus mit netzwerktreibern geht.

Internet geht nicht.

tut mir leid.

Gruß

Jürgen

Hallo Arne,

ich hoffe Du nimmst es mir nicht übel, dass ich nicht so genau mit meiner Antwort war uund hoffe weiter sehr auf Deine Hilfe.

Übrigens ist es ein Netbook und ich bin über W-lan ins Netz gegangen.

gruß

Jürgen

gofurther 09.07.2012 11:52
Hallo Arne,

kannst Du mir weiter helfen oder einen Tipp geben, was ich jetzt machen soll?

Bin gerade ziemlich ratlos.

Gruß

Jürgen

cosinus 09.07.2012 13:03
Die Internetverbindung via WLAN geht jetzt also mit beiden Modu nicht?
Wenn beides nicht geht musst du mal genauer nachsehen ob dein WLAN-Adapter überhaupt noch erkennt wird, ob du die Verbindung ner herstellen musst, WLAN_Schlüssel neu eingeben etc. pp

gofurther 09.07.2012 14:20
Hallo Arne,

toll, dass Du dich noch darum kümmerst.

Internetverbindung via WLAN geht mit beiden Modi nicht

Außerdem startet der Rechner jetzt extrem langsam und zeigt dann folgenden Text.

Es konnte keine Verbindung mit einem Windows-Dienst gergestellt

Es konnte keine Verbindung mit dem Dienst "Benachrichtigung für Systemereignisse" hergestellt werden.....

Wie sehe ich den nach, ob der WLAN Adapter erkannt wird?

Wenn ich eine neue Verbindung herstellen möchte, zeigt er mir keine Netze oder Router an. Vorher standen da immer gleich mehrere zur Auswahl. Jetzt zeigt sich gar nichts.

Wenn ich unter "Netzwerk und Internet" / Netzwerkverbindungen versuche eine Drathlosnetzwerkverbindung aufzubauen, heißt es "ES sind keine Verbindungen verfügbar"

Gehe ich mit rechtsklick auf Eigenschaften wird meine 802.11n-Drathlos-Lan-Karte angezeigt. Gerätestatus "Das Gerät funktioniert einwandfrei"

Bei meinen Recherchen habe ich häufiger gelesen, dass es zu ähnlichen Problemen durch Soundkarten oder Antivierensoftware gekommen ist, die nach der Deinstalation dieser Software weg waren.

Was soll ich machen?

Gruß

Jürgen

cosinus 09.07.2012 14:21
Ist das ein Notebook?
Da hat man Schalter bzw. Tastenkombinationen um den WLAN-Adapter ein- und auszuschalten
Lies bitte im Handbuch nach

gofurther 09.07.2012 16:16
Hallo Arne,

ja es ist ein Netbook

Asus EeePC 1000h

Habe alle WLan-Funktionen über Tastenkombination (Fn / F2) aktiviert, leider bleibt alles wie vorher, mit den gleichen Meldungen.

Gruß

Jürgen

cosinus 09.07.2012 18:54
Probier mal Folgendes:
  • Klick mit rechts auf einen freien Bereich auf dem Desktop und sag "Neu, Verknüpfung erstellen"

  • Tipp als Ziel cmd.exe ein und bestätige mit OK, eine neue Verknüpfung zur Konsole auf dem Desktop müsste sich nun befinden

  • Falls dem so ist, diese neue Verknüpfung rechtsklicken => Als Administrator ausführen => Sicherheitsabfrage der Benutzerkontensteuerung ggf. bestätigen => schwarze Eingabeaufforderung öffnet sich

  • Tipp dort ein:
    Code:
    netsh winsock reset catalog
    und bestätige mit enter.

Schau mal ob das Zurücksetzen hilft, wenn es nicht sofort hilft, starte Windows bitte vorher neu und schau dann nochmal ob du eine Verbindung hast

gofurther 09.07.2012 19:33
Lieber Arne,

ich bin tief beeindruckt (auch wenn das wahrscheinlich bei meinem Wissenstand, nicht so schwer ist). Toll, bin wieder im Netz. Puh. Für mich ist das Hexerei. Nun denn. Wie geht es jetzt weiter?

Anyway tausend Dank für Deinen Support und Deine Geduld.

Herzliche Grüße

Jürgen
:singsing: :applaus:

cosinus 10.07.2012 10:54
Lag vermutlich an diesen Einträgen die ich mit OTL gefixt hab

Code:
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
Der letzte Befehl also "netsh winsock reset catalog" hat das sog. winsock glattgezogen und wir hatten damit Erfolg :)
Ehrlich gesagt wüsste ich aber nicht was wir nun gemacht hätten wenn das auch nicht geklappt hätte :wtf:

Mal so als Zwischenstand gefragt, öffent der Browser noch neue Fesnter und stürut Otlook noch ab?

Egal ob ja oder nein, downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

gofurther 10.07.2012 14:37
Hallo Arne,

ich bin trotzdem super happy :singsing:

Es öffnen sich keine Browserfenster und outlook stürzt auch nicht mehr ab.

Code:
# AdwCleaner v1.701 - Logfile created 07/10/2012 at 15:32:03
# Updated 02/07/2012 by Xplode
# Operating system : Windows 7 Professional N Service Pack 1 (32 bits)
# User : JPMK - JPMK-PC
# Running from : C:\Users\JPMK\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\JPMK\AppData\Roaming\Mozilla\Firefox\Profiles\0ykb3sya.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\JPMK\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [938 octets] - [10/07/2012 15:32:03]

########## EOF - C:\AdwCleaner[R1].txt - [1065 octets] ##########
Was mache ich eigentlich mit den ganzen Logfiles? Soll ich die noch aufheben?

Gruß

Jürgen

cosinus 10.07.2012 20:25
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

gofurther 13.07.2012 13:52
Hi Arne,

Code:
14:40:35.0580 3664        TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
14:40:35.0953 3664        ============================================================
14:40:35.0953 3664        Current date / time: 2012/07/13 14:40:35.0953
14:40:35.0953 3664        SystemInfo:
14:40:35.0953 3664       
14:40:35.0954 3664        OS Version: 6.1.7601 ServicePack: 1.0
14:40:35.0954 3664        Product type: Workstation
14:40:35.0954 3664        ComputerName: JPMK-PC
14:40:35.0958 3664        UserName: JPMK
14:40:35.0958 3664        Windows directory: C:\Windows
14:40:35.0958 3664        System windows directory: C:\Windows
14:40:35.0958 3664        Processor architecture: Intel x86
14:40:35.0958 3664        Number of processors: 2
14:40:35.0958 3664        Page size: 0x1000
14:40:35.0958 3664        Boot type: Normal boot
14:40:35.0958 3664        ============================================================
14:40:37.0994 3664        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x312B6F, SectorsPerTrack: 0x2, TracksPerCylinder: 0x61, Type 'K0', Flags 0x00000050
14:40:38.0013 3664        ============================================================
14:40:38.0013 3664        \Device\Harddisk0\DR0:
14:40:38.0043 3664        MBR partitions:
14:40:38.0043 3664        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:40:38.0043 3664        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
14:40:38.0043 3664        ============================================================
14:40:38.0135 3664        C: <-> \Device\Harddisk0\DR0\Partition1
14:40:38.0135 3664        ============================================================
14:40:38.0135 3664        Initialize success
14:40:38.0135 3664        ============================================================
14:42:32.0542 2188        ============================================================
14:42:32.0542 2188        Scan started
14:42:32.0542 2188        Mode: Manual;
14:42:32.0542 2188        ============================================================
14:42:33.0446 2188        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:42:33.0462 2188        1394ohci - ok
14:42:33.0524 2188        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:42:33.0556 2188        ACPI - ok
14:42:33.0602 2188        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:42:33.0602 2188        AcpiPmi - ok
14:42:33.0696 2188        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:42:33.0712 2188        AdobeARMservice - ok
14:42:33.0805 2188        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
14:42:33.0821 2188        adp94xx - ok
14:42:33.0914 2188        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
14:42:33.0914 2188        adpahci - ok
14:42:33.0961 2188        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
14:42:33.0961 2188        adpu320 - ok
14:42:34.0039 2188        AeLookupSvc    (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
14:42:34.0039 2188        AeLookupSvc - ok
14:42:34.0133 2188        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:42:34.0133 2188        AFD - ok
14:42:34.0195 2188        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:42:34.0211 2188        agp440 - ok
14:42:34.0242 2188        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
14:42:34.0242 2188        aic78xx - ok
14:42:34.0304 2188        ALG            (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
14:42:34.0304 2188        ALG - ok
14:42:34.0336 2188        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:42:34.0351 2188        aliide - ok
14:42:34.0382 2188        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:42:34.0398 2188        amdagp - ok
14:42:34.0414 2188        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:42:34.0414 2188        amdide - ok
14:42:34.0460 2188        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
14:42:34.0476 2188        AmdK8 - ok
14:42:34.0507 2188        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
14:42:34.0538 2188        AmdPPM - ok
14:42:34.0585 2188        amdsata        (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
14:42:34.0601 2188        amdsata - ok
14:42:34.0648 2188        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
14:42:34.0663 2188        amdsbs - ok
14:42:34.0679 2188        amdxata        (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
14:42:34.0679 2188        amdxata - ok
14:42:34.0726 2188        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:42:34.0726 2188        AppID - ok
14:42:34.0788 2188        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
14:42:34.0788 2188        AppIDSvc - ok
14:42:34.0819 2188        Appinfo        (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
14:42:34.0819 2188        Appinfo - ok
14:42:34.0882 2188        AppMgmt        (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
14:42:34.0897 2188        AppMgmt - ok
14:42:34.0928 2188        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
14:42:34.0944 2188        arc - ok
14:42:34.0975 2188        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
14:42:34.0991 2188        arcsas - ok
14:42:35.0038 2188        AsIO            (9d8cb58b9a9e177ddd599791a58a654d) C:\Windows\system32\drivers\AsIO.sys
14:42:35.0038 2188        AsIO - ok
14:42:35.0084 2188        AsUpIO          (a9a565c669786c402752f609afdd0dd5) C:\Windows\system32\drivers\AsUpIO.sys
14:42:35.0084 2188        AsUpIO - ok
14:42:35.0131 2188        AsusACPI        (12415a4b61ded200fe9932b47a35fa42) C:\Windows\system32\DRIVERS\ASUSACPI.sys
14:42:35.0131 2188        AsusACPI - ok
14:42:35.0194 2188        AsusService    (f8259f0802d1a68324ca909e898d6d68) C:\Windows\System32\AsusService.exe
14:42:35.0209 2188        AsusService - ok
14:42:35.0256 2188        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:42:35.0256 2188        AsyncMac - ok
14:42:35.0287 2188        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:42:35.0287 2188        atapi - ok
14:42:35.0365 2188        AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
14:42:35.0381 2188        AudioEndpointBuilder - ok
14:42:35.0412 2188        Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
14:42:35.0428 2188        Audiosrv - ok
14:42:35.0474 2188        AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
14:42:35.0490 2188        AxInstSV - ok
14:42:35.0568 2188        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
14:42:35.0599 2188        b06bdrv - ok
14:42:35.0646 2188        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:42:35.0662 2188        b57nd60x - ok
14:42:35.0740 2188        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
14:42:35.0740 2188        BDESVC - ok
14:42:35.0771 2188        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:42:35.0771 2188        Beep - ok
14:42:35.0864 2188        BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
14:42:35.0911 2188        BITS - ok
14:42:35.0942 2188        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
14:42:35.0942 2188        blbdrive - ok
14:42:36.0005 2188        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:42:36.0005 2188        bowser - ok
14:42:36.0036 2188        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
14:42:36.0052 2188        BrFiltLo - ok
14:42:36.0067 2188        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
14:42:36.0067 2188        BrFiltUp - ok
14:42:36.0098 2188        Browser        (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
14:42:36.0114 2188        Browser - ok
14:42:36.0161 2188        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:42:36.0176 2188        Brserid - ok
14:42:36.0208 2188        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:42:36.0208 2188        BrSerWdm - ok
14:42:36.0239 2188        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:42:36.0239 2188        BrUsbMdm - ok
14:42:36.0270 2188        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:42:36.0270 2188        BrUsbSer - ok
14:42:36.0317 2188        BthEnum        (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
14:42:36.0317 2188        BthEnum - ok
14:42:36.0348 2188        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
14:42:36.0348 2188        BTHMODEM - ok
14:42:36.0410 2188        BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
14:42:36.0426 2188        BthPan - ok
14:42:36.0488 2188        BTHPORT        (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\system32\Drivers\BTHport.sys
14:42:36.0520 2188        BTHPORT - ok
14:42:36.0582 2188        bthserv        (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
14:42:36.0582 2188        bthserv - ok
14:42:36.0629 2188        BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\system32\Drivers\BTHUSB.sys
14:42:36.0629 2188        BTHUSB - ok
14:42:36.0676 2188        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:42:36.0691 2188        cdfs - ok
14:42:36.0722 2188        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
14:42:36.0738 2188        cdrom - ok
14:42:36.0785 2188        CertPropSvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
14:42:36.0800 2188        CertPropSvc - ok
14:42:36.0832 2188        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys
14:42:36.0832 2188        circlass - ok
14:42:36.0894 2188        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:42:36.0894 2188        CLFS - ok
14:42:36.0956 2188        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:42:36.0972 2188        clr_optimization_v2.0.50727_32 - ok
14:42:37.0050 2188        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:42:37.0066 2188        clr_optimization_v4.0.30319_32 - ok
14:42:37.0112 2188        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:42:37.0112 2188        CmBatt - ok
14:42:37.0144 2188        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:42:37.0159 2188        cmdide - ok
14:42:37.0222 2188        CNG            (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
14:42:37.0268 2188        CNG - ok
14:42:37.0409 2188        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:42:37.0409 2188        Compbatt - ok
14:42:37.0456 2188        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys
14:42:37.0456 2188        CompositeBus - ok
14:42:37.0471 2188        COMSysApp - ok
14:42:37.0518 2188        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
14:42:37.0518 2188        crcdisk - ok
14:42:37.0580 2188        CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
14:42:37.0596 2188        CryptSvc - ok
14:42:37.0674 2188        CSC            (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
14:42:37.0705 2188        CSC - ok
14:42:37.0783 2188        CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
14:42:37.0814 2188        CscService - ok
14:42:37.0908 2188        DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
14:42:37.0924 2188        DcomLaunch - ok
14:42:37.0970 2188        defragsvc      (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
14:42:37.0986 2188        defragsvc - ok
14:42:38.0064 2188        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:42:38.0064 2188        DfsC - ok
14:42:38.0158 2188        Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
14:42:38.0158 2188        Dhcp - ok
14:42:38.0189 2188        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:42:38.0189 2188        discache - ok
14:42:38.0251 2188        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
14:42:38.0267 2188        Disk - ok
14:42:38.0298 2188        dmvsc          (2a958ef85db1b61ffca65044fa4bce9e) C:\Windows\system32\drivers\dmvsc.sys
14:42:38.0314 2188        dmvsc - ok
14:42:38.0376 2188        Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
14:42:38.0376 2188        Dnscache - ok
14:42:38.0454 2188        dot3svc        (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
14:42:38.0470 2188        dot3svc - ok
14:42:38.0516 2188        DPS            (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
14:42:38.0532 2188        DPS - ok
14:42:38.0563 2188        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:42:38.0579 2188        drmkaud - ok
14:42:38.0641 2188        DrvAgent32      (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
14:42:38.0657 2188        DrvAgent32 - ok
14:42:38.0766 2188        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:42:38.0782 2188        DXGKrnl - ok
14:42:38.0828 2188        EapHost        (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
14:42:38.0844 2188        EapHost - ok
14:42:39.0140 2188        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
14:42:39.0265 2188        ebdrv - ok
14:42:39.0406 2188        EFS            (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
14:42:39.0421 2188        EFS - ok
14:42:39.0562 2188        ehRecvr        (3a74a6e33685662b125a3269b1f2114f) C:\Windows\ehome\ehRecvr.exe
14:42:39.0593 2188        ehRecvr - ok
14:42:39.0655 2188        ehSched        (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
14:42:39.0671 2188        ehSched - ok
14:42:39.0780 2188        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
14:42:39.0811 2188        elxstor - ok
14:42:39.0827 2188        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:42:39.0827 2188        ErrDev - ok
14:42:39.0905 2188        ETD            (fbffa0089056a7bb8355ee89f49e336d) C:\Windows\system32\DRIVERS\ETD.sys
14:42:39.0905 2188        ETD - ok
14:42:39.0998 2188        EventSystem    (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
14:42:40.0014 2188        EventSystem - ok
14:42:40.0061 2188        ewsercd        (e66710639a292f6341d63b01ee8e8037) C:\Windows\system32\DRIVERS\ewsercd.sys
14:42:40.0061 2188        ewsercd - ok
14:42:40.0123 2188        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:42:40.0139 2188        exfat - ok
14:42:40.0170 2188        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:42:40.0170 2188        fastfat - ok
14:42:40.0248 2188        Fax            (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
14:42:40.0279 2188        Fax - ok
14:42:40.0310 2188        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\drivers\fdc.sys
14:42:40.0310 2188        fdc - ok
14:42:40.0357 2188        fdPHost        (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
14:42:40.0357 2188        fdPHost - ok
14:42:40.0388 2188        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
14:42:40.0388 2188        FDResPub - ok
14:42:40.0420 2188        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:42:40.0420 2188        FileInfo - ok
14:42:40.0451 2188        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:42:40.0451 2188        Filetrace - ok
14:42:40.0498 2188        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys
14:42:40.0498 2188        flpydisk - ok
14:42:40.0544 2188        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:42:40.0560 2188        FltMgr - ok
14:42:40.0638 2188        FontCache      (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
14:42:40.0669 2188        FontCache - ok
14:42:40.0747 2188        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:42:40.0763 2188        FontCache3.0.0.0 - ok
14:42:40.0825 2188        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:42:40.0825 2188        FsDepends - ok
14:42:40.0856 2188        Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
14:42:40.0856 2188        Fs_Rec - ok
14:42:40.0919 2188        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:42:40.0934 2188        fvevol - ok
14:42:40.0966 2188        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
14:42:40.0966 2188        gagp30kx - ok
14:42:41.0059 2188        gpsvc          (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
14:42:41.0090 2188        gpsvc - ok
14:42:41.0122 2188        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:42:41.0122 2188        hcw85cir - ok
14:42:41.0200 2188        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:42:41.0231 2188        HdAudAddService - ok
14:42:41.0293 2188        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:42:41.0293 2188        HDAudBus - ok
14:42:41.0324 2188        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
14:42:41.0340 2188        HidBatt - ok
14:42:41.0371 2188        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
14:42:41.0387 2188        HidBth - ok
14:42:41.0418 2188        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys
14:42:41.0418 2188        HidIr - ok
14:42:41.0449 2188        hidserv        (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
14:42:41.0465 2188        hidserv - ok
14:42:41.0496 2188        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
14:42:41.0496 2188        HidUsb - ok
14:42:41.0543 2188        hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
14:42:41.0558 2188        hkmsvc - ok
14:42:41.0605 2188        HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
14:42:41.0621 2188        HomeGroupListener - ok
14:42:41.0699 2188        HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
14:42:41.0699 2188        HomeGroupProvider - ok
14:42:41.0855 2188        hpqcxs08        (5da42d24712e00728cea2342a65009b2) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:42:41.0870 2188        hpqcxs08 - ok
14:42:41.0917 2188        hpqddsvc        (d86a39bf100069444d026d22d9a6e555) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:42:41.0933 2188        hpqddsvc - ok
14:42:41.0980 2188        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:42:41.0980 2188        HpSAMD - ok
14:42:42.0120 2188        HPSLPSVC        (9d23402d305869844bc6004a05cc74ba) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
14:42:42.0151 2188        HPSLPSVC - ok
14:42:42.0245 2188        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:42:42.0260 2188        HTTP - ok
14:42:42.0307 2188        hwdatacard      (92ca47da32009ccc00a5aded04abbd78) C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:42:42.0323 2188        hwdatacard - ok
14:42:42.0354 2188        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:42:42.0354 2188        hwpolicy - ok
14:42:42.0479 2188        hwusbfake      (1d4d6d24256f61e6b08a3cf8184a78b8) C:\Windows\system32\DRIVERS\ewusbfake.sys
14:42:42.0479 2188        hwusbfake - ok
14:42:42.0541 2188        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
14:42:42.0541 2188        i8042prt - ok
14:42:42.0650 2188        iaStorV        (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
14:42:42.0666 2188        iaStorV - ok
14:42:42.0822 2188        idsvc          (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:42:42.0869 2188        idsvc - ok
14:42:43.0493 2188        igfx            (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:42:43.0680 2188        igfx - ok
14:42:43.0852 2188        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
14:42:43.0852 2188        iirsp - ok
14:42:43.0992 2188        IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
14:42:44.0023 2188        IKEEXT - ok
14:42:44.0086 2188        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:42:44.0086 2188        intelide - ok
14:42:44.0132 2188        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:42:44.0148 2188        intelppm - ok
14:42:44.0179 2188        IPBusEnum      (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
14:42:44.0179 2188        IPBusEnum - ok
14:42:44.0242 2188        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:42:44.0242 2188        IpFilterDriver - ok
14:42:44.0273 2188        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:42:44.0273 2188        IPMIDRV - ok
14:42:44.0320 2188        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:42:44.0320 2188        IPNAT - ok
14:42:44.0366 2188        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:42:44.0382 2188        IRENUM - ok
14:42:44.0413 2188        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:42:44.0413 2188        isapnp - ok
14:42:44.0460 2188        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:42:44.0476 2188        iScsiPrt - ok
14:42:44.0522 2188        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:42:44.0538 2188        kbdclass - ok
14:42:44.0569 2188        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
14:42:44.0569 2188        kbdhid - ok
14:42:44.0616 2188        kbfiltr        (3eb803312987ff44265c87cb960df6ab) C:\Windows\system32\DRIVERS\kbfiltr.sys
14:42:44.0616 2188        kbfiltr - ok
14:42:44.0663 2188        KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:44.0663 2188        KeyIso - ok
14:42:44.0694 2188        KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
14:42:44.0710 2188        KSecDD - ok
14:42:44.0741 2188        KSecPkg        (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
14:42:44.0756 2188        KSecPkg - ok
14:42:44.0834 2188        KtmRm          (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
14:42:44.0850 2188        KtmRm - ok
14:42:44.0897 2188        L1E            (8c804b1ffad1efa952b747e8285c3b76) C:\Windows\system32\DRIVERS\L1E62x86.sys
14:42:44.0912 2188        L1E - ok
14:42:44.0990 2188        LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
14:42:45.0022 2188        LanmanServer - ok
14:42:45.0084 2188        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
14:42:45.0100 2188        LanmanWorkstation - ok
14:42:45.0146 2188        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:42:45.0162 2188        lltdio - ok
14:42:45.0209 2188        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
14:42:45.0224 2188        lltdsvc - ok
14:42:45.0256 2188        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
14:42:45.0256 2188        lmhosts - ok
14:42:45.0302 2188        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
14:42:45.0302 2188        LSI_FC - ok
14:42:45.0349 2188        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
14:42:45.0365 2188        LSI_SAS - ok
14:42:45.0380 2188        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
14:42:45.0396 2188        LSI_SAS2 - ok
14:42:45.0427 2188        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
14:42:45.0458 2188        LSI_SCSI - ok
14:42:45.0490 2188        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:42:45.0505 2188        luafv - ok
14:42:45.0552 2188        Mcx2Svc        (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
14:42:45.0568 2188        Mcx2Svc - ok
14:42:45.0599 2188        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
14:42:45.0599 2188        megasas - ok
14:42:45.0661 2188        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
14:42:45.0677 2188        MegaSR - ok
14:42:45.0755 2188        Microsoft SharePoint Workspace Audit Service - ok
14:42:45.0833 2188        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
14:42:45.0833 2188        MMCSS - ok
14:42:45.0864 2188        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:42:45.0864 2188        Modem - ok
14:42:45.0911 2188        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:42:45.0911 2188        monitor - ok
14:42:45.0942 2188        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
14:42:45.0942 2188        mouclass - ok
14:42:45.0973 2188        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:42:45.0989 2188        mouhid - ok
14:42:46.0020 2188        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:42:46.0020 2188        mountmgr - ok
14:42:46.0098 2188        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:42:46.0098 2188        MozillaMaintenance - ok
14:42:46.0160 2188        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:42:46.0176 2188        mpio - ok
14:42:46.0192 2188        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:42:46.0207 2188        mpsdrv - ok
14:42:46.0238 2188        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:42:46.0238 2188        MRxDAV - ok
14:42:46.0301 2188        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:42:46.0301 2188        mrxsmb - ok
14:42:46.0348 2188        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:42:46.0363 2188        mrxsmb10 - ok
14:42:46.0394 2188        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:42:46.0410 2188        mrxsmb20 - ok
14:42:46.0472 2188        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
14:42:46.0472 2188        msahci - ok
14:42:46.0504 2188        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
14:42:46.0504 2188        msdsm - ok
14:42:46.0566 2188        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
14:42:46.0597 2188        MSDTC - ok
14:42:46.0644 2188        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:42:46.0644 2188        Msfs - ok
14:42:46.0675 2188        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:42:46.0691 2188        mshidkmdf - ok
14:42:46.0706 2188        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:42:46.0706 2188        msisadrv - ok
14:42:46.0769 2188        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
14:42:46.0769 2188        MSiSCSI - ok
14:42:46.0784 2188        msiserver - ok
14:42:46.0831 2188        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:42:46.0831 2188        MSKSSRV - ok
14:42:46.0862 2188        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:42:46.0862 2188        MSPCLOCK - ok
14:42:46.0894 2188        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:42:46.0894 2188        MSPQM - ok
14:42:46.0940 2188        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:42:46.0956 2188        MsRPC - ok
14:42:47.0003 2188        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
14:42:47.0003 2188        mssmbios - ok
14:42:47.0034 2188        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:42:47.0050 2188        MSTEE - ok
14:42:47.0065 2188        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
14:42:47.0065 2188        MTConfig - ok
14:42:47.0112 2188        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:42:47.0112 2188        Mup - ok
14:42:47.0159 2188        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
14:42:47.0190 2188        napagent - ok
14:42:47.0268 2188        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:42:47.0284 2188        NativeWifiP - ok
14:42:47.0377 2188        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:42:47.0408 2188        NDIS - ok
14:42:47.0455 2188        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:42:47.0455 2188        NdisCap - ok
14:42:47.0518 2188        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:42:47.0518 2188        NdisTapi - ok
14:42:47.0564 2188        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:42:47.0564 2188        Ndisuio - ok
14:42:47.0611 2188        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:42:47.0611 2188        NdisWan - ok
14:42:47.0642 2188        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:42:47.0658 2188        NDProxy - ok
14:42:47.0705 2188        Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
14:42:47.0705 2188        Net Driver HPZ12 - ok
14:42:47.0752 2188        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:42:47.0767 2188        NetBIOS - ok
14:42:47.0814 2188        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:42:47.0814 2188        NetBT - ok
14:42:47.0861 2188        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:47.0876 2188        Netlogon - ok
14:42:47.0954 2188        Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
14:42:47.0986 2188        Netman - ok
14:42:48.0032 2188        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
14:42:48.0048 2188        netprofm - ok
14:42:48.0142 2188        netr28          (652881f65b35564575255a0e05e23c55) C:\Windows\system32\DRIVERS\netr28.sys
14:42:48.0157 2188        netr28 - ok
14:42:48.0251 2188        NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:42:48.0266 2188        NetTcpPortSharing - ok
14:42:48.0313 2188        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
14:42:48.0329 2188        nfrd960 - ok
14:42:48.0391 2188        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
14:42:48.0407 2188        NlaSvc - ok
14:42:48.0438 2188        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:42:48.0438 2188        Npfs - ok
14:42:48.0469 2188        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
14:42:48.0485 2188        nsi - ok
14:42:48.0500 2188        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:42:48.0516 2188        nsiproxy - ok
14:42:48.0656 2188        Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
14:42:48.0719 2188        Ntfs - ok
14:42:48.0766 2188        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:42:48.0766 2188        Null - ok
14:42:48.0844 2188        nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
14:42:48.0844 2188        nvraid - ok
14:42:48.0890 2188        nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
14:42:48.0890 2188        nvstor - ok
14:42:48.0922 2188        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:42:48.0937 2188        nv_agp - ok
14:42:48.0953 2188        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:42:48.0968 2188        ohci1394 - ok
14:42:49.0031 2188        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:42:49.0046 2188        ose - ok
14:42:49.0624 2188        osppsvc        (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:42:49.0795 2188        osppsvc - ok
14:42:49.0967 2188        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
14:42:49.0998 2188        p2pimsvc - ok
14:42:50.0060 2188        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
14:42:50.0092 2188        p2psvc - ok
14:42:50.0154 2188        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys
14:42:50.0170 2188        Parport - ok
14:42:50.0216 2188        partmgr        (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
14:42:50.0216 2188        partmgr - ok
14:42:50.0248 2188        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys
14:42:50.0248 2188        Parvdm - ok
14:42:50.0310 2188        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
14:42:50.0326 2188        PcaSvc - ok
14:42:50.0357 2188        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:42:50.0388 2188        pci - ok
14:42:50.0419 2188        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:42:50.0419 2188        pciide - ok
14:42:50.0466 2188        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
14:42:50.0482 2188        pcmcia - ok
14:42:50.0513 2188        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:42:50.0513 2188        pcw - ok
14:42:50.0606 2188        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:42:50.0653 2188        PEAUTH - ok
14:42:50.0825 2188        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
14:42:50.0872 2188        PeerDistSvc - ok
14:42:51.0106 2188        pla            (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
14:42:51.0168 2188        pla - ok
14:42:51.0340 2188        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
14:42:51.0355 2188        PlugPlay - ok
14:42:51.0433 2188        Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
14:42:51.0449 2188        Pml Driver HPZ12 - ok
14:42:51.0480 2188        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
14:42:51.0496 2188        PNRPAutoReg - ok
14:42:51.0558 2188        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
14:42:51.0558 2188        PNRPsvc - ok
14:42:51.0636 2188        Point32        (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
14:42:51.0652 2188        Point32 - ok
14:42:51.0714 2188        PolicyAgent    (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
14:42:51.0730 2188        PolicyAgent - ok
14:42:51.0823 2188        Power          (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
14:42:51.0839 2188        Power - ok
14:42:51.0886 2188        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:42:51.0901 2188        PptpMiniport - ok
14:42:51.0948 2188        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
14:42:51.0948 2188        Processor - ok
14:42:52.0010 2188        ProfSvc        (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
14:42:52.0026 2188        ProfSvc - ok
14:42:52.0088 2188        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:52.0088 2188        ProtectedStorage - ok
14:42:52.0151 2188        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:42:52.0151 2188        Psched - ok
14:42:52.0338 2188        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
14:42:52.0432 2188        ql2300 - ok
14:42:52.0603 2188        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
14:42:52.0603 2188        ql40xx - ok
14:42:52.0697 2188        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
14:42:52.0712 2188        QWAVE - ok
14:42:52.0744 2188        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:42:52.0744 2188        QWAVEdrv - ok
14:42:52.0790 2188        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:42:52.0790 2188        RasAcd - ok
14:42:52.0853 2188        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:42:52.0868 2188        RasAgileVpn - ok
14:42:52.0915 2188        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
14:42:52.0931 2188        RasAuto - ok
14:42:52.0962 2188        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:42:52.0978 2188        Rasl2tp - ok
14:42:53.0056 2188        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
14:42:53.0071 2188        RasMan - ok
14:42:53.0118 2188        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:42:53.0118 2188        RasPppoe - ok
14:42:53.0180 2188        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:42:53.0180 2188        RasSstp - ok
14:42:53.0227 2188        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:42:53.0258 2188        rdbss - ok
14:42:53.0274 2188        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:42:53.0290 2188        rdpbus - ok
14:42:53.0321 2188        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:42:53.0321 2188        RDPCDD - ok
14:42:53.0399 2188        RDPDR          (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
14:42:53.0414 2188        RDPDR - ok
14:42:53.0461 2188        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:42:53.0477 2188        RDPENCDD - ok
14:42:53.0508 2188        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:42:53.0508 2188        RDPREFMP - ok
14:42:53.0570 2188        RDPWD          (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
14:42:53.0586 2188        RDPWD - ok
14:42:53.0633 2188        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:42:53.0648 2188        rdyboost - ok
14:42:53.0695 2188        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
14:42:53.0711 2188        RemoteAccess - ok
14:42:53.0773 2188        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
14:42:53.0789 2188        RemoteRegistry - ok
14:42:53.0836 2188        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
14:42:53.0836 2188        RFCOMM - ok
14:42:53.0882 2188        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
14:42:53.0882 2188        RpcEptMapper - ok
14:42:53.0929 2188        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
14:42:53.0945 2188        RpcLocator - ok
14:42:54.0007 2188        RpcSs          (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
14:42:54.0007 2188        RpcSs - ok
14:42:54.0054 2188        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:42:54.0070 2188        rspndr - ok
14:42:54.0101 2188        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
14:42:54.0101 2188        s3cap - ok
14:42:54.0148 2188        SamSs          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:54.0148 2188        SamSs - ok
14:42:54.0210 2188        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:42:54.0210 2188        sbp2port - ok
14:42:54.0272 2188        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
14:42:54.0288 2188        SCardSvr - ok
14:42:54.0319 2188        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:42:54.0319 2188        scfilter - ok
14:42:54.0397 2188        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
14:42:54.0460 2188        Schedule - ok
14:42:54.0506 2188        SCPolicySvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
14:42:54.0506 2188        SCPolicySvc - ok
14:42:54.0553 2188        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
14:42:54.0569 2188        SDRSVC - ok
14:42:54.0616 2188        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:42:54.0616 2188        secdrv - ok
14:42:54.0647 2188        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
14:42:54.0662 2188        seclogon - ok
14:42:54.0709 2188        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
14:42:54.0725 2188        SENS - ok
14:42:54.0772 2188        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
14:42:54.0772 2188        SensrSvc - ok
14:42:54.0803 2188        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys
14:42:54.0818 2188        Serenum - ok
14:42:54.0850 2188        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys
14:42:54.0850 2188        Serial - ok
14:42:54.0881 2188        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
14:42:54.0896 2188        sermouse - ok
14:42:54.0974 2188        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
14:42:54.0990 2188        SessionEnv - ok
14:42:55.0021 2188        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
14:42:55.0021 2188        sffdisk - ok
14:42:55.0052 2188        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:42:55.0052 2188        sffp_mmc - ok
14:42:55.0084 2188        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
14:42:55.0084 2188        sffp_sd - ok
14:42:55.0115 2188        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
14:42:55.0115 2188        sfloppy - ok
14:42:55.0193 2188        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
14:42:55.0208 2188        ShellHWDetection - ok
14:42:55.0240 2188        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:42:55.0255 2188        sisagp - ok
14:42:55.0302 2188        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
14:42:55.0302 2188        SiSRaid2 - ok
14:42:55.0333 2188        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
14:42:55.0349 2188        SiSRaid4 - ok
14:42:55.0380 2188        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:42:55.0380 2188        Smb - ok
14:42:55.0458 2188        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
14:42:55.0458 2188        SNMPTRAP - ok
14:42:55.0505 2188        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:42:55.0505 2188        spldr - ok
14:42:55.0583 2188        Spooler        (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
14:42:55.0598 2188        Spooler - ok
14:42:55.0879 2188        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
14:42:56.0004 2188        sppsvc - ok
14:42:56.0113 2188        sppuinotify    (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
14:42:56.0144 2188        sppuinotify - ok
14:42:56.0316 2188        sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
14:42:56.0347 2188        sptd - ok
14:42:56.0410 2188        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:42:56.0456 2188        srv - ok
14:42:56.0534 2188        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:42:56.0566 2188        srv2 - ok
14:42:56.0612 2188        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:42:56.0628 2188        srvnet - ok
14:42:56.0690 2188        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
14:42:56.0706 2188        SSDPSRV - ok
14:42:56.0737 2188        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
14:42:56.0753 2188        SstpSvc - ok
14:42:56.0800 2188        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
14:42:56.0800 2188        stexstor - ok
14:42:56.0846 2188        StillCam        (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
14:42:56.0846 2188        StillCam - ok
14:42:56.0924 2188        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
14:42:56.0956 2188        StiSvc - ok
14:42:56.0987 2188        storflt        (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
14:42:56.0987 2188        storflt - ok
14:42:57.0034 2188        StorSvc        (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
14:42:57.0034 2188        StorSvc - ok
14:42:57.0065 2188        storvsc        (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
14:42:57.0080 2188        storvsc - ok
14:42:57.0127 2188        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
14:42:57.0127 2188        swenum - ok
14:42:57.0205 2188        swprv          (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
14:42:57.0221 2188        swprv - ok
14:42:57.0314 2188        SysMain        (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
14:42:57.0346 2188        SysMain - ok
14:42:57.0392 2188        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
14:42:57.0424 2188        TabletInputService - ok
14:42:57.0455 2188        TapiSrv        (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
14:42:57.0486 2188        TapiSrv - ok
14:42:57.0517 2188        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
14:42:57.0533 2188        TBS - ok
14:42:57.0704 2188        Tcpip          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
14:42:57.0751 2188        Tcpip - ok
14:42:57.0814 2188        TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
14:42:57.0845 2188        TCPIP6 - ok
14:42:57.0892 2188        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:42:57.0923 2188        tcpipreg - ok
14:42:57.0970 2188        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:42:57.0970 2188        TDPIPE - ok
14:42:58.0001 2188        TDTCP          (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
14:42:58.0016 2188        TDTCP - ok
14:42:58.0048 2188        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:42:58.0063 2188        tdx - ok
14:42:58.0094 2188        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
14:42:58.0094 2188        TermDD - ok
14:42:58.0172 2188        TermService    (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
14:42:58.0204 2188        TermService - ok
14:42:58.0235 2188        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
14:42:58.0250 2188        Themes - ok
14:42:58.0297 2188        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
14:42:58.0313 2188        THREADORDER - ok
14:42:58.0360 2188        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
14:42:58.0360 2188        TrkWks - ok
14:42:58.0438 2188        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
14:42:58.0453 2188        TrustedInstaller - ok
14:42:58.0500 2188        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:42:58.0516 2188        tssecsrv - ok
14:42:58.0547 2188        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:42:58.0547 2188        TsUsbFlt - ok
14:42:58.0578 2188        TsUsbGD        (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
14:42:58.0578 2188        TsUsbGD - ok
14:42:58.0625 2188        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:42:58.0640 2188        tunnel - ok
14:42:58.0656 2188        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
14:42:58.0672 2188        uagp35 - ok
14:42:58.0734 2188        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:42:58.0734 2188        udfs - ok
14:42:58.0796 2188        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
14:42:58.0812 2188        UI0Detect - ok
14:42:58.0843 2188        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:42:58.0843 2188        uliagpkx - ok
14:42:58.0890 2188        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
14:42:58.0890 2188        umbus - ok
14:42:58.0937 2188        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
14:42:58.0937 2188        UmPass - ok
14:42:58.0999 2188        UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
14:42:59.0015 2188        UmRdpService - ok
14:42:59.0077 2188        upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
14:42:59.0093 2188        upnphost - ok
14:42:59.0155 2188        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
14:42:59.0155 2188        USBAAPL - ok
14:42:59.0233 2188        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
14:42:59.0233 2188        usbaudio - ok
14:42:59.0296 2188        usbccgp        (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
14:42:59.0296 2188        usbccgp - ok
14:42:59.0358 2188        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:42:59.0374 2188        usbcir - ok
14:42:59.0405 2188        usbehci        (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
14:42:59.0405 2188        usbehci - ok
14:42:59.0483 2188        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
14:42:59.0498 2188        usbhub - ok
14:42:59.0530 2188        usbohci        (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
14:42:59.0530 2188        usbohci - ok
14:42:59.0576 2188        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\drivers\usbprint.sys
14:42:59.0576 2188        usbprint - ok
14:42:59.0639 2188        USBSTOR        (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:42:59.0639 2188        USBSTOR - ok
14:42:59.0670 2188        usbuhci        (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:42:59.0686 2188        usbuhci - ok
14:42:59.0732 2188        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
14:42:59.0732 2188        usbvideo - ok
14:42:59.0795 2188        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
14:42:59.0810 2188        UxSms - ok
14:42:59.0857 2188        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:59.0857 2188        VaultSvc - ok
14:42:59.0904 2188        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:42:59.0904 2188        vdrvroot - ok
14:42:59.0998 2188        vds            (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
14:43:00.0044 2188        vds - ok
14:43:00.0076 2188        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:43:00.0091 2188        vga - ok
14:43:00.0122 2188        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:43:00.0122 2188        VgaSave - ok
14:43:00.0185 2188        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:43:00.0185 2188        vhdmp - ok
14:43:00.0216 2188        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:43:00.0232 2188        viaagp - ok
14:43:00.0263 2188        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
14:43:00.0263 2188        ViaC7 - ok
14:43:00.0294 2188        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:43:00.0294 2188        viaide - ok
14:43:00.0341 2188        vmbus          (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
14:43:00.0356 2188        vmbus - ok
14:43:00.0372 2188        VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
14:43:00.0388 2188        VMBusHID - ok
14:43:00.0434 2188        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:43:00.0434 2188        volmgr - ok
14:43:00.0481 2188        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:43:00.0497 2188        volmgrx - ok
14:43:00.0544 2188        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:43:00.0559 2188        volsnap - ok
14:43:00.0622 2188        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
14:43:00.0622 2188        vsmraid - ok
14:43:00.0762 2188        VSS            (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
14:43:00.0793 2188        VSS - ok
14:43:00.0824 2188        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
14:43:00.0824 2188        vwifibus - ok
14:43:00.0887 2188        vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
14:43:00.0887 2188        vwififlt - ok
14:43:00.0934 2188        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
14:43:00.0965 2188        W32Time - ok
14:43:01.0012 2188        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
14:43:01.0012 2188        WacomPen - ok
14:43:01.0043 2188        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:43:01.0043 2188        WANARP - ok
14:43:01.0058 2188        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:43:01.0074 2188        Wanarpv6 - ok
14:43:01.0199 2188        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
14:43:01.0261 2188        wbengine - ok
14:43:01.0308 2188        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
14:43:01.0339 2188        WbioSrvc - ok
14:43:01.0402 2188        wcncsvc        (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
14:43:01.0433 2188        wcncsvc - ok
14:43:01.0448 2188        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
14:43:01.0464 2188        WcsPlugInService - ok
14:43:01.0526 2188        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
14:43:01.0526 2188        Wd - ok
14:43:01.0589 2188        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:43:01.0604 2188        Wdf01000 - ok
14:43:01.0651 2188        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
14:43:01.0667 2188        WdiServiceHost - ok
14:43:01.0682 2188        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
14:43:01.0698 2188        WdiSystemHost - ok
14:43:01.0760 2188        WebClient      (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
14:43:01.0776 2188        WebClient - ok
14:43:01.0823 2188        Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
14:43:01.0838 2188        Wecsvc - ok
14:43:01.0870 2188        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
14:43:01.0885 2188        wercplsupport - ok
14:43:01.0932 2188        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
14:43:01.0948 2188        WerSvc - ok
14:43:01.0994 2188        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:43:01.0994 2188        WfpLwf - ok
14:43:02.0026 2188        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:43:02.0026 2188        WIMMount - ok
14:43:02.0057 2188        WinHttpAutoProxySvc - ok
14:43:02.0135 2188        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
14:43:02.0150 2188        Winmgmt - ok
14:43:02.0338 2188        WinRM          (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
14:43:02.0431 2188        WinRM - ok
14:43:02.0540 2188        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
14:43:02.0556 2188        WinUsb - ok
14:43:02.0681 2188        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
14:43:02.0743 2188        Wlansvc - ok
14:43:02.0806 2188        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:43:02.0806 2188        WmiAcpi - ok
14:43:02.0899 2188        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
14:43:02.0915 2188        wmiApSrv - ok
14:43:03.0118 2188        WMPNetworkSvc  (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:43:03.0164 2188        WMPNetworkSvc - ok
14:43:03.0211 2188        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
14:43:03.0227 2188        WPCSvc - ok
14:43:03.0289 2188        WPDBusEnum      (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
14:43:03.0305 2188        WPDBusEnum - ok
14:43:03.0367 2188        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:43:03.0367 2188        ws2ifsl - ok
14:43:03.0398 2188        WSearch - ok
14:43:03.0508 2188        WTGService      (534c2d3d81b066fa24a075c224045654) C:\Program Files\Verbindungsassistent\WTGService.exe
14:43:03.0539 2188        WTGService - ok
14:43:03.0820 2188        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
14:43:03.0898 2188        wuauserv - ok
14:43:04.0085 2188        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:43:04.0100 2188        WudfPf - ok
14:43:04.0147 2188        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:43:04.0163 2188        WUDFRd - ok
14:43:04.0210 2188        wudfsvc        (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
14:43:04.0241 2188        wudfsvc - ok
14:43:04.0288 2188        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
14:43:04.0319 2188        WwanSvc - ok
14:43:04.0381 2188        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:43:04.0740 2188        \Device\Harddisk0\DR0 - ok
14:43:04.0756 2188        Boot (0x1200)  (862f690daf7406fe12e1e74105a3e036) \Device\Harddisk0\DR0\Partition0
14:43:04.0771 2188        \Device\Harddisk0\DR0\Partition0 - ok
14:43:04.0802 2188        Boot (0x1200)  (e331f12a58a92ccfac34356e15ed4822) \Device\Harddisk0\DR0\Partition1
14:43:04.0818 2188        \Device\Harddisk0\DR0\Partition1 - ok
14:43:04.0818 2188        ============================================================
14:43:04.0818 2188        Scan finished
14:43:04.0818 2188        ============================================================
14:43:04.0865 3748        Detected object count: 0
14:43:04.0865 3748        Actual detected object count: 0
Danke!

Gruß

Jürgen

gofurther 13.07.2012 14:07
Hallo Arne,

habe einen Fehler bei den Killer-Settings gemacht.

hier der vollstäbdige LOg

Code:
14:40:35.0580 3664        TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
14:40:35.0953 3664        ============================================================
14:40:35.0953 3664        Current date / time: 2012/07/13 14:40:35.0953
14:40:35.0953 3664        SystemInfo:
14:40:35.0953 3664       
14:40:35.0954 3664        OS Version: 6.1.7601 ServicePack: 1.0
14:40:35.0954 3664        Product type: Workstation
14:40:35.0954 3664        ComputerName: JPMK-PC
14:40:35.0958 3664        UserName: JPMK
14:40:35.0958 3664        Windows directory: C:\Windows
14:40:35.0958 3664        System windows directory: C:\Windows
14:40:35.0958 3664        Processor architecture: Intel x86
14:40:35.0958 3664        Number of processors: 2
14:40:35.0958 3664        Page size: 0x1000
14:40:35.0958 3664        Boot type: Normal boot
14:40:35.0958 3664        ============================================================
14:40:37.0994 3664        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x312B6F, SectorsPerTrack: 0x2, TracksPerCylinder: 0x61, Type 'K0', Flags 0x00000050
14:40:38.0013 3664        ============================================================
14:40:38.0013 3664        \Device\Harddisk0\DR0:
14:40:38.0043 3664        MBR partitions:
14:40:38.0043 3664        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:40:38.0043 3664        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
14:40:38.0043 3664        ============================================================
14:40:38.0135 3664        C: <-> \Device\Harddisk0\DR0\Partition1
14:40:38.0135 3664        ============================================================
14:40:38.0135 3664        Initialize success
14:40:38.0135 3664        ============================================================
14:42:32.0542 2188        ============================================================
14:42:32.0542 2188        Scan started
14:42:32.0542 2188        Mode: Manual;
14:42:32.0542 2188        ============================================================
14:42:33.0446 2188        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:42:33.0462 2188        1394ohci - ok
14:42:33.0524 2188        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:42:33.0556 2188        ACPI - ok
14:42:33.0602 2188        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:42:33.0602 2188        AcpiPmi - ok
14:42:33.0696 2188        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:42:33.0712 2188        AdobeARMservice - ok
14:42:33.0805 2188        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
14:42:33.0821 2188        adp94xx - ok
14:42:33.0914 2188        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
14:42:33.0914 2188        adpahci - ok
14:42:33.0961 2188        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
14:42:33.0961 2188        adpu320 - ok
14:42:34.0039 2188        AeLookupSvc    (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
14:42:34.0039 2188        AeLookupSvc - ok
14:42:34.0133 2188        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:42:34.0133 2188        AFD - ok
14:42:34.0195 2188        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:42:34.0211 2188        agp440 - ok
14:42:34.0242 2188        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
14:42:34.0242 2188        aic78xx - ok
14:42:34.0304 2188        ALG            (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
14:42:34.0304 2188        ALG - ok
14:42:34.0336 2188        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:42:34.0351 2188        aliide - ok
14:42:34.0382 2188        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:42:34.0398 2188        amdagp - ok
14:42:34.0414 2188        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:42:34.0414 2188        amdide - ok
14:42:34.0460 2188        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
14:42:34.0476 2188        AmdK8 - ok
14:42:34.0507 2188        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
14:42:34.0538 2188        AmdPPM - ok
14:42:34.0585 2188        amdsata        (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
14:42:34.0601 2188        amdsata - ok
14:42:34.0648 2188        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
14:42:34.0663 2188        amdsbs - ok
14:42:34.0679 2188        amdxata        (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
14:42:34.0679 2188        amdxata - ok
14:42:34.0726 2188        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:42:34.0726 2188        AppID - ok
14:42:34.0788 2188        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
14:42:34.0788 2188        AppIDSvc - ok
14:42:34.0819 2188        Appinfo        (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
14:42:34.0819 2188        Appinfo - ok
14:42:34.0882 2188        AppMgmt        (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
14:42:34.0897 2188        AppMgmt - ok
14:42:34.0928 2188        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
14:42:34.0944 2188        arc - ok
14:42:34.0975 2188        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
14:42:34.0991 2188        arcsas - ok
14:42:35.0038 2188        AsIO            (9d8cb58b9a9e177ddd599791a58a654d) C:\Windows\system32\drivers\AsIO.sys
14:42:35.0038 2188        AsIO - ok
14:42:35.0084 2188        AsUpIO          (a9a565c669786c402752f609afdd0dd5) C:\Windows\system32\drivers\AsUpIO.sys
14:42:35.0084 2188        AsUpIO - ok
14:42:35.0131 2188        AsusACPI        (12415a4b61ded200fe9932b47a35fa42) C:\Windows\system32\DRIVERS\ASUSACPI.sys
14:42:35.0131 2188        AsusACPI - ok
14:42:35.0194 2188        AsusService    (f8259f0802d1a68324ca909e898d6d68) C:\Windows\System32\AsusService.exe
14:42:35.0209 2188        AsusService - ok
14:42:35.0256 2188        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:42:35.0256 2188        AsyncMac - ok
14:42:35.0287 2188        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:42:35.0287 2188        atapi - ok
14:42:35.0365 2188        AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
14:42:35.0381 2188        AudioEndpointBuilder - ok
14:42:35.0412 2188        Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
14:42:35.0428 2188        Audiosrv - ok
14:42:35.0474 2188        AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
14:42:35.0490 2188        AxInstSV - ok
14:42:35.0568 2188        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
14:42:35.0599 2188        b06bdrv - ok
14:42:35.0646 2188        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:42:35.0662 2188        b57nd60x - ok
14:42:35.0740 2188        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
14:42:35.0740 2188        BDESVC - ok
14:42:35.0771 2188        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:42:35.0771 2188        Beep - ok
14:42:35.0864 2188        BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
14:42:35.0911 2188        BITS - ok
14:42:35.0942 2188        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
14:42:35.0942 2188        blbdrive - ok
14:42:36.0005 2188        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:42:36.0005 2188        bowser - ok
14:42:36.0036 2188        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
14:42:36.0052 2188        BrFiltLo - ok
14:42:36.0067 2188        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
14:42:36.0067 2188        BrFiltUp - ok
14:42:36.0098 2188        Browser        (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
14:42:36.0114 2188        Browser - ok
14:42:36.0161 2188        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:42:36.0176 2188        Brserid - ok
14:42:36.0208 2188        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:42:36.0208 2188        BrSerWdm - ok
14:42:36.0239 2188        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:42:36.0239 2188        BrUsbMdm - ok
14:42:36.0270 2188        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:42:36.0270 2188        BrUsbSer - ok
14:42:36.0317 2188        BthEnum        (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
14:42:36.0317 2188        BthEnum - ok
14:42:36.0348 2188        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
14:42:36.0348 2188        BTHMODEM - ok
14:42:36.0410 2188        BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
14:42:36.0426 2188        BthPan - ok
14:42:36.0488 2188        BTHPORT        (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\system32\Drivers\BTHport.sys
14:42:36.0520 2188        BTHPORT - ok
14:42:36.0582 2188        bthserv        (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
14:42:36.0582 2188        bthserv - ok
14:42:36.0629 2188        BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\system32\Drivers\BTHUSB.sys
14:42:36.0629 2188        BTHUSB - ok
14:42:36.0676 2188        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:42:36.0691 2188        cdfs - ok
14:42:36.0722 2188        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
14:42:36.0738 2188        cdrom - ok
14:42:36.0785 2188        CertPropSvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
14:42:36.0800 2188        CertPropSvc - ok
14:42:36.0832 2188        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys
14:42:36.0832 2188        circlass - ok
14:42:36.0894 2188        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:42:36.0894 2188        CLFS - ok
14:42:36.0956 2188        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:42:36.0972 2188        clr_optimization_v2.0.50727_32 - ok
14:42:37.0050 2188        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:42:37.0066 2188        clr_optimization_v4.0.30319_32 - ok
14:42:37.0112 2188        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:42:37.0112 2188        CmBatt - ok
14:42:37.0144 2188        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:42:37.0159 2188        cmdide - ok
14:42:37.0222 2188        CNG            (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
14:42:37.0268 2188        CNG - ok
14:42:37.0409 2188        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:42:37.0409 2188        Compbatt - ok
14:42:37.0456 2188        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys
14:42:37.0456 2188        CompositeBus - ok
14:42:37.0471 2188        COMSysApp - ok
14:42:37.0518 2188        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
14:42:37.0518 2188        crcdisk - ok
14:42:37.0580 2188        CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
14:42:37.0596 2188        CryptSvc - ok
14:42:37.0674 2188        CSC            (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
14:42:37.0705 2188        CSC - ok
14:42:37.0783 2188        CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
14:42:37.0814 2188        CscService - ok
14:42:37.0908 2188        DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
14:42:37.0924 2188        DcomLaunch - ok
14:42:37.0970 2188        defragsvc      (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
14:42:37.0986 2188        defragsvc - ok
14:42:38.0064 2188        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:42:38.0064 2188        DfsC - ok
14:42:38.0158 2188        Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
14:42:38.0158 2188        Dhcp - ok
14:42:38.0189 2188        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:42:38.0189 2188        discache - ok
14:42:38.0251 2188        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
14:42:38.0267 2188        Disk - ok
14:42:38.0298 2188        dmvsc          (2a958ef85db1b61ffca65044fa4bce9e) C:\Windows\system32\drivers\dmvsc.sys
14:42:38.0314 2188        dmvsc - ok
14:42:38.0376 2188        Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
14:42:38.0376 2188        Dnscache - ok
14:42:38.0454 2188        dot3svc        (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
14:42:38.0470 2188        dot3svc - ok
14:42:38.0516 2188        DPS            (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
14:42:38.0532 2188        DPS - ok
14:42:38.0563 2188        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:42:38.0579 2188        drmkaud - ok
14:42:38.0641 2188        DrvAgent32      (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
14:42:38.0657 2188        DrvAgent32 - ok
14:42:38.0766 2188        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:42:38.0782 2188        DXGKrnl - ok
14:42:38.0828 2188        EapHost        (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
14:42:38.0844 2188        EapHost - ok
14:42:39.0140 2188        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
14:42:39.0265 2188        ebdrv - ok
14:42:39.0406 2188        EFS            (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
14:42:39.0421 2188        EFS - ok
14:42:39.0562 2188        ehRecvr        (3a74a6e33685662b125a3269b1f2114f) C:\Windows\ehome\ehRecvr.exe
14:42:39.0593 2188        ehRecvr - ok
14:42:39.0655 2188        ehSched        (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
14:42:39.0671 2188        ehSched - ok
14:42:39.0780 2188        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
14:42:39.0811 2188        elxstor - ok
14:42:39.0827 2188        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:42:39.0827 2188        ErrDev - ok
14:42:39.0905 2188        ETD            (fbffa0089056a7bb8355ee89f49e336d) C:\Windows\system32\DRIVERS\ETD.sys
14:42:39.0905 2188        ETD - ok
14:42:39.0998 2188        EventSystem    (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
14:42:40.0014 2188        EventSystem - ok
14:42:40.0061 2188        ewsercd        (e66710639a292f6341d63b01ee8e8037) C:\Windows\system32\DRIVERS\ewsercd.sys
14:42:40.0061 2188        ewsercd - ok
14:42:40.0123 2188        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:42:40.0139 2188        exfat - ok
14:42:40.0170 2188        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:42:40.0170 2188        fastfat - ok
14:42:40.0248 2188        Fax            (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
14:42:40.0279 2188        Fax - ok
14:42:40.0310 2188        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\drivers\fdc.sys
14:42:40.0310 2188        fdc - ok
14:42:40.0357 2188        fdPHost        (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
14:42:40.0357 2188        fdPHost - ok
14:42:40.0388 2188        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
14:42:40.0388 2188        FDResPub - ok
14:42:40.0420 2188        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:42:40.0420 2188        FileInfo - ok
14:42:40.0451 2188        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:42:40.0451 2188        Filetrace - ok
14:42:40.0498 2188        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys
14:42:40.0498 2188        flpydisk - ok
14:42:40.0544 2188        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:42:40.0560 2188        FltMgr - ok
14:42:40.0638 2188        FontCache      (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
14:42:40.0669 2188        FontCache - ok
14:42:40.0747 2188        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:42:40.0763 2188        FontCache3.0.0.0 - ok
14:42:40.0825 2188        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:42:40.0825 2188        FsDepends - ok
14:42:40.0856 2188        Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
14:42:40.0856 2188        Fs_Rec - ok
14:42:40.0919 2188        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:42:40.0934 2188        fvevol - ok
14:42:40.0966 2188        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
14:42:40.0966 2188        gagp30kx - ok
14:42:41.0059 2188        gpsvc          (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
14:42:41.0090 2188        gpsvc - ok
14:42:41.0122 2188        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:42:41.0122 2188        hcw85cir - ok
14:42:41.0200 2188        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:42:41.0231 2188        HdAudAddService - ok
14:42:41.0293 2188        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:42:41.0293 2188        HDAudBus - ok
14:42:41.0324 2188        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
14:42:41.0340 2188        HidBatt - ok
14:42:41.0371 2188        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
14:42:41.0387 2188        HidBth - ok
14:42:41.0418 2188        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys
14:42:41.0418 2188        HidIr - ok
14:42:41.0449 2188        hidserv        (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
14:42:41.0465 2188        hidserv - ok
14:42:41.0496 2188        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
14:42:41.0496 2188        HidUsb - ok
14:42:41.0543 2188        hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
14:42:41.0558 2188        hkmsvc - ok
14:42:41.0605 2188        HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
14:42:41.0621 2188        HomeGroupListener - ok
14:42:41.0699 2188        HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
14:42:41.0699 2188        HomeGroupProvider - ok
14:42:41.0855 2188        hpqcxs08        (5da42d24712e00728cea2342a65009b2) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:42:41.0870 2188        hpqcxs08 - ok
14:42:41.0917 2188        hpqddsvc        (d86a39bf100069444d026d22d9a6e555) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:42:41.0933 2188        hpqddsvc - ok
14:42:41.0980 2188        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:42:41.0980 2188        HpSAMD - ok
14:42:42.0120 2188        HPSLPSVC        (9d23402d305869844bc6004a05cc74ba) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
14:42:42.0151 2188        HPSLPSVC - ok
14:42:42.0245 2188        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:42:42.0260 2188        HTTP - ok
14:42:42.0307 2188        hwdatacard      (92ca47da32009ccc00a5aded04abbd78) C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:42:42.0323 2188        hwdatacard - ok
14:42:42.0354 2188        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:42:42.0354 2188        hwpolicy - ok
14:42:42.0479 2188        hwusbfake      (1d4d6d24256f61e6b08a3cf8184a78b8) C:\Windows\system32\DRIVERS\ewusbfake.sys
14:42:42.0479 2188        hwusbfake - ok
14:42:42.0541 2188        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
14:42:42.0541 2188        i8042prt - ok
14:42:42.0650 2188        iaStorV        (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
14:42:42.0666 2188        iaStorV - ok
14:42:42.0822 2188        idsvc          (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:42:42.0869 2188        idsvc - ok
14:42:43.0493 2188        igfx            (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:42:43.0680 2188        igfx - ok
14:42:43.0852 2188        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
14:42:43.0852 2188        iirsp - ok
14:42:43.0992 2188        IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
14:42:44.0023 2188        IKEEXT - ok
14:42:44.0086 2188        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:42:44.0086 2188        intelide - ok
14:42:44.0132 2188        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:42:44.0148 2188        intelppm - ok
14:42:44.0179 2188        IPBusEnum      (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
14:42:44.0179 2188        IPBusEnum - ok
14:42:44.0242 2188        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:42:44.0242 2188        IpFilterDriver - ok
14:42:44.0273 2188        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:42:44.0273 2188        IPMIDRV - ok
14:42:44.0320 2188        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:42:44.0320 2188        IPNAT - ok
14:42:44.0366 2188        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:42:44.0382 2188        IRENUM - ok
14:42:44.0413 2188        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:42:44.0413 2188        isapnp - ok
14:42:44.0460 2188        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:42:44.0476 2188        iScsiPrt - ok
14:42:44.0522 2188        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:42:44.0538 2188        kbdclass - ok
14:42:44.0569 2188        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
14:42:44.0569 2188        kbdhid - ok
14:42:44.0616 2188        kbfiltr        (3eb803312987ff44265c87cb960df6ab) C:\Windows\system32\DRIVERS\kbfiltr.sys
14:42:44.0616 2188        kbfiltr - ok
14:42:44.0663 2188        KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:44.0663 2188        KeyIso - ok
14:42:44.0694 2188        KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
14:42:44.0710 2188        KSecDD - ok
14:42:44.0741 2188        KSecPkg        (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
14:42:44.0756 2188        KSecPkg - ok
14:42:44.0834 2188        KtmRm          (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
14:42:44.0850 2188        KtmRm - ok
14:42:44.0897 2188        L1E            (8c804b1ffad1efa952b747e8285c3b76) C:\Windows\system32\DRIVERS\L1E62x86.sys
14:42:44.0912 2188        L1E - ok
14:42:44.0990 2188        LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
14:42:45.0022 2188        LanmanServer - ok
14:42:45.0084 2188        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
14:42:45.0100 2188        LanmanWorkstation - ok
14:42:45.0146 2188        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:42:45.0162 2188        lltdio - ok
14:42:45.0209 2188        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
14:42:45.0224 2188        lltdsvc - ok
14:42:45.0256 2188        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
14:42:45.0256 2188        lmhosts - ok
14:42:45.0302 2188        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
14:42:45.0302 2188        LSI_FC - ok
14:42:45.0349 2188        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
14:42:45.0365 2188        LSI_SAS - ok
14:42:45.0380 2188        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
14:42:45.0396 2188        LSI_SAS2 - ok
14:42:45.0427 2188        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
14:42:45.0458 2188        LSI_SCSI - ok
14:42:45.0490 2188        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:42:45.0505 2188        luafv - ok
14:42:45.0552 2188        Mcx2Svc        (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
14:42:45.0568 2188        Mcx2Svc - ok
14:42:45.0599 2188        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
14:42:45.0599 2188        megasas - ok
14:42:45.0661 2188        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
14:42:45.0677 2188        MegaSR - ok
14:42:45.0755 2188        Microsoft SharePoint Workspace Audit Service - ok
14:42:45.0833 2188        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
14:42:45.0833 2188        MMCSS - ok
14:42:45.0864 2188        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:42:45.0864 2188        Modem - ok
14:42:45.0911 2188        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:42:45.0911 2188        monitor - ok
14:42:45.0942 2188        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
14:42:45.0942 2188        mouclass - ok
14:42:45.0973 2188        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:42:45.0989 2188        mouhid - ok
14:42:46.0020 2188        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:42:46.0020 2188        mountmgr - ok
14:42:46.0098 2188        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:42:46.0098 2188        MozillaMaintenance - ok
14:42:46.0160 2188        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:42:46.0176 2188        mpio - ok
14:42:46.0192 2188        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:42:46.0207 2188        mpsdrv - ok
14:42:46.0238 2188        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:42:46.0238 2188        MRxDAV - ok
14:42:46.0301 2188        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:42:46.0301 2188        mrxsmb - ok
14:42:46.0348 2188        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:42:46.0363 2188        mrxsmb10 - ok
14:42:46.0394 2188        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:42:46.0410 2188        mrxsmb20 - ok
14:42:46.0472 2188        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
14:42:46.0472 2188        msahci - ok
14:42:46.0504 2188        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
14:42:46.0504 2188        msdsm - ok
14:42:46.0566 2188        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
14:42:46.0597 2188        MSDTC - ok
14:42:46.0644 2188        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:42:46.0644 2188        Msfs - ok
14:42:46.0675 2188        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:42:46.0691 2188        mshidkmdf - ok
14:42:46.0706 2188        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:42:46.0706 2188        msisadrv - ok
14:42:46.0769 2188        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
14:42:46.0769 2188        MSiSCSI - ok
14:42:46.0784 2188        msiserver - ok
14:42:46.0831 2188        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:42:46.0831 2188        MSKSSRV - ok
14:42:46.0862 2188        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:42:46.0862 2188        MSPCLOCK - ok
14:42:46.0894 2188        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:42:46.0894 2188        MSPQM - ok
14:42:46.0940 2188        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:42:46.0956 2188        MsRPC - ok
14:42:47.0003 2188        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
14:42:47.0003 2188        mssmbios - ok
14:42:47.0034 2188        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:42:47.0050 2188        MSTEE - ok
14:42:47.0065 2188        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
14:42:47.0065 2188        MTConfig - ok
14:42:47.0112 2188        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:42:47.0112 2188        Mup - ok
14:42:47.0159 2188        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
14:42:47.0190 2188        napagent - ok
14:42:47.0268 2188        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:42:47.0284 2188        NativeWifiP - ok
14:42:47.0377 2188        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:42:47.0408 2188        NDIS - ok
14:42:47.0455 2188        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:42:47.0455 2188        NdisCap - ok
14:42:47.0518 2188        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:42:47.0518 2188        NdisTapi - ok
14:42:47.0564 2188        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:42:47.0564 2188        Ndisuio - ok
14:42:47.0611 2188        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:42:47.0611 2188        NdisWan - ok
14:42:47.0642 2188        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:42:47.0658 2188        NDProxy - ok
14:42:47.0705 2188        Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
14:42:47.0705 2188        Net Driver HPZ12 - ok
14:42:47.0752 2188        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:42:47.0767 2188        NetBIOS - ok
14:42:47.0814 2188        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:42:47.0814 2188        NetBT - ok
14:42:47.0861 2188        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:47.0876 2188        Netlogon - ok
14:42:47.0954 2188        Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
14:42:47.0986 2188        Netman - ok
14:42:48.0032 2188        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
14:42:48.0048 2188        netprofm - ok
14:42:48.0142 2188        netr28          (652881f65b35564575255a0e05e23c55) C:\Windows\system32\DRIVERS\netr28.sys
14:42:48.0157 2188        netr28 - ok
14:42:48.0251 2188        NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:42:48.0266 2188        NetTcpPortSharing - ok
14:42:48.0313 2188        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
14:42:48.0329 2188        nfrd960 - ok
14:42:48.0391 2188        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
14:42:48.0407 2188        NlaSvc - ok
14:42:48.0438 2188        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:42:48.0438 2188        Npfs - ok
14:42:48.0469 2188        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
14:42:48.0485 2188        nsi - ok
14:42:48.0500 2188        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:42:48.0516 2188        nsiproxy - ok
14:42:48.0656 2188        Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
14:42:48.0719 2188        Ntfs - ok
14:42:48.0766 2188        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:42:48.0766 2188        Null - ok
14:42:48.0844 2188        nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
14:42:48.0844 2188        nvraid - ok
14:42:48.0890 2188        nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
14:42:48.0890 2188        nvstor - ok
14:42:48.0922 2188        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:42:48.0937 2188        nv_agp - ok
14:42:48.0953 2188        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:42:48.0968 2188        ohci1394 - ok
14:42:49.0031 2188        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:42:49.0046 2188        ose - ok
14:42:49.0624 2188        osppsvc        (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:42:49.0795 2188        osppsvc - ok
14:42:49.0967 2188        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
14:42:49.0998 2188        p2pimsvc - ok
14:42:50.0060 2188        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
14:42:50.0092 2188        p2psvc - ok
14:42:50.0154 2188        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys
14:42:50.0170 2188        Parport - ok
14:42:50.0216 2188        partmgr        (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
14:42:50.0216 2188        partmgr - ok
14:42:50.0248 2188        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys
14:42:50.0248 2188        Parvdm - ok
14:42:50.0310 2188        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
14:42:50.0326 2188        PcaSvc - ok
14:42:50.0357 2188        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:42:50.0388 2188        pci - ok
14:42:50.0419 2188        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:42:50.0419 2188        pciide - ok
14:42:50.0466 2188        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
14:42:50.0482 2188        pcmcia - ok
14:42:50.0513 2188        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:42:50.0513 2188        pcw - ok
14:42:50.0606 2188        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:42:50.0653 2188        PEAUTH - ok
14:42:50.0825 2188        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
14:42:50.0872 2188        PeerDistSvc - ok
14:42:51.0106 2188        pla            (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
14:42:51.0168 2188        pla - ok
14:42:51.0340 2188        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
14:42:51.0355 2188        PlugPlay - ok
14:42:51.0433 2188        Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
14:42:51.0449 2188        Pml Driver HPZ12 - ok
14:42:51.0480 2188        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
14:42:51.0496 2188        PNRPAutoReg - ok
14:42:51.0558 2188        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
14:42:51.0558 2188        PNRPsvc - ok
14:42:51.0636 2188        Point32        (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
14:42:51.0652 2188        Point32 - ok
14:42:51.0714 2188        PolicyAgent    (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
14:42:51.0730 2188        PolicyAgent - ok
14:42:51.0823 2188        Power          (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
14:42:51.0839 2188        Power - ok
14:42:51.0886 2188        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:42:51.0901 2188        PptpMiniport - ok
14:42:51.0948 2188        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
14:42:51.0948 2188        Processor - ok
14:42:52.0010 2188        ProfSvc        (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
14:42:52.0026 2188        ProfSvc - ok
14:42:52.0088 2188        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:52.0088 2188        ProtectedStorage - ok
14:42:52.0151 2188        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:42:52.0151 2188        Psched - ok
14:42:52.0338 2188        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
14:42:52.0432 2188        ql2300 - ok
14:42:52.0603 2188        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
14:42:52.0603 2188        ql40xx - ok
14:42:52.0697 2188        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
14:42:52.0712 2188        QWAVE - ok
14:42:52.0744 2188        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:42:52.0744 2188        QWAVEdrv - ok
14:42:52.0790 2188        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:42:52.0790 2188        RasAcd - ok
14:42:52.0853 2188        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:42:52.0868 2188        RasAgileVpn - ok
14:42:52.0915 2188        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
14:42:52.0931 2188        RasAuto - ok
14:42:52.0962 2188        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:42:52.0978 2188        Rasl2tp - ok
14:42:53.0056 2188        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
14:42:53.0071 2188        RasMan - ok
14:42:53.0118 2188        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:42:53.0118 2188        RasPppoe - ok
14:42:53.0180 2188        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:42:53.0180 2188        RasSstp - ok
14:42:53.0227 2188        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:42:53.0258 2188        rdbss - ok
14:42:53.0274 2188        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:42:53.0290 2188        rdpbus - ok
14:42:53.0321 2188        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:42:53.0321 2188        RDPCDD - ok
14:42:53.0399 2188        RDPDR          (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
14:42:53.0414 2188        RDPDR - ok
14:42:53.0461 2188        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:42:53.0477 2188        RDPENCDD - ok
14:42:53.0508 2188        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:42:53.0508 2188        RDPREFMP - ok
14:42:53.0570 2188        RDPWD          (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
14:42:53.0586 2188        RDPWD - ok
14:42:53.0633 2188        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:42:53.0648 2188        rdyboost - ok
14:42:53.0695 2188        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
14:42:53.0711 2188        RemoteAccess - ok
14:42:53.0773 2188        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
14:42:53.0789 2188        RemoteRegistry - ok
14:42:53.0836 2188        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
14:42:53.0836 2188        RFCOMM - ok
14:42:53.0882 2188        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
14:42:53.0882 2188        RpcEptMapper - ok
14:42:53.0929 2188        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
14:42:53.0945 2188        RpcLocator - ok
14:42:54.0007 2188        RpcSs          (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
14:42:54.0007 2188        RpcSs - ok
14:42:54.0054 2188        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:42:54.0070 2188        rspndr - ok
14:42:54.0101 2188        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
14:42:54.0101 2188        s3cap - ok
14:42:54.0148 2188        SamSs          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:54.0148 2188        SamSs - ok
14:42:54.0210 2188        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:42:54.0210 2188        sbp2port - ok
14:42:54.0272 2188        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
14:42:54.0288 2188        SCardSvr - ok
14:42:54.0319 2188        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:42:54.0319 2188        scfilter - ok
14:42:54.0397 2188        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
14:42:54.0460 2188        Schedule - ok
14:42:54.0506 2188        SCPolicySvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
14:42:54.0506 2188        SCPolicySvc - ok
14:42:54.0553 2188        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
14:42:54.0569 2188        SDRSVC - ok
14:42:54.0616 2188        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:42:54.0616 2188        secdrv - ok
14:42:54.0647 2188        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
14:42:54.0662 2188        seclogon - ok
14:42:54.0709 2188        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
14:42:54.0725 2188        SENS - ok
14:42:54.0772 2188        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
14:42:54.0772 2188        SensrSvc - ok
14:42:54.0803 2188        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys
14:42:54.0818 2188        Serenum - ok
14:42:54.0850 2188        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys
14:42:54.0850 2188        Serial - ok
14:42:54.0881 2188        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
14:42:54.0896 2188        sermouse - ok
14:42:54.0974 2188        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
14:42:54.0990 2188        SessionEnv - ok
14:42:55.0021 2188        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
14:42:55.0021 2188        sffdisk - ok
14:42:55.0052 2188        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:42:55.0052 2188        sffp_mmc - ok
14:42:55.0084 2188        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
14:42:55.0084 2188        sffp_sd - ok
14:42:55.0115 2188        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
14:42:55.0115 2188        sfloppy - ok
14:42:55.0193 2188        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
14:42:55.0208 2188        ShellHWDetection - ok
14:42:55.0240 2188        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:42:55.0255 2188        sisagp - ok
14:42:55.0302 2188        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
14:42:55.0302 2188        SiSRaid2 - ok
14:42:55.0333 2188        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
14:42:55.0349 2188        SiSRaid4 - ok
14:42:55.0380 2188        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:42:55.0380 2188        Smb - ok
14:42:55.0458 2188        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
14:42:55.0458 2188        SNMPTRAP - ok
14:42:55.0505 2188        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:42:55.0505 2188        spldr - ok
14:42:55.0583 2188        Spooler        (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
14:42:55.0598 2188        Spooler - ok
14:42:55.0879 2188        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
14:42:56.0004 2188        sppsvc - ok
14:42:56.0113 2188        sppuinotify    (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
14:42:56.0144 2188        sppuinotify - ok
14:42:56.0316 2188        sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
14:42:56.0347 2188        sptd - ok
14:42:56.0410 2188        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:42:56.0456 2188        srv - ok
14:42:56.0534 2188        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:42:56.0566 2188        srv2 - ok
14:42:56.0612 2188        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:42:56.0628 2188        srvnet - ok
14:42:56.0690 2188        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
14:42:56.0706 2188        SSDPSRV - ok
14:42:56.0737 2188        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
14:42:56.0753 2188        SstpSvc - ok
14:42:56.0800 2188        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
14:42:56.0800 2188        stexstor - ok
14:42:56.0846 2188        StillCam        (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
14:42:56.0846 2188        StillCam - ok
14:42:56.0924 2188        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
14:42:56.0956 2188        StiSvc - ok
14:42:56.0987 2188        storflt        (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
14:42:56.0987 2188        storflt - ok
14:42:57.0034 2188        StorSvc        (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
14:42:57.0034 2188        StorSvc - ok
14:42:57.0065 2188        storvsc        (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
14:42:57.0080 2188        storvsc - ok
14:42:57.0127 2188        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
14:42:57.0127 2188        swenum - ok
14:42:57.0205 2188        swprv          (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
14:42:57.0221 2188        swprv - ok
14:42:57.0314 2188        SysMain        (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
14:42:57.0346 2188        SysMain - ok
14:42:57.0392 2188        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
14:42:57.0424 2188        TabletInputService - ok
14:42:57.0455 2188        TapiSrv        (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
14:42:57.0486 2188        TapiSrv - ok
14:42:57.0517 2188        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
14:42:57.0533 2188        TBS - ok
14:42:57.0704 2188        Tcpip          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
14:42:57.0751 2188        Tcpip - ok
14:42:57.0814 2188        TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
14:42:57.0845 2188        TCPIP6 - ok
14:42:57.0892 2188        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:42:57.0923 2188        tcpipreg - ok
14:42:57.0970 2188        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:42:57.0970 2188        TDPIPE - ok
14:42:58.0001 2188        TDTCP          (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
14:42:58.0016 2188        TDTCP - ok
14:42:58.0048 2188        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:42:58.0063 2188        tdx - ok
14:42:58.0094 2188        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
14:42:58.0094 2188        TermDD - ok
14:42:58.0172 2188        TermService    (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
14:42:58.0204 2188        TermService - ok
14:42:58.0235 2188        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
14:42:58.0250 2188        Themes - ok
14:42:58.0297 2188        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
14:42:58.0313 2188        THREADORDER - ok
14:42:58.0360 2188        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
14:42:58.0360 2188        TrkWks - ok
14:42:58.0438 2188        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
14:42:58.0453 2188        TrustedInstaller - ok
14:42:58.0500 2188        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:42:58.0516 2188        tssecsrv - ok
14:42:58.0547 2188        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:42:58.0547 2188        TsUsbFlt - ok
14:42:58.0578 2188        TsUsbGD        (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
14:42:58.0578 2188        TsUsbGD - ok
14:42:58.0625 2188        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:42:58.0640 2188        tunnel - ok
14:42:58.0656 2188        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
14:42:58.0672 2188        uagp35 - ok
14:42:58.0734 2188        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:42:58.0734 2188        udfs - ok
14:42:58.0796 2188        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
14:42:58.0812 2188        UI0Detect - ok
14:42:58.0843 2188        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:42:58.0843 2188        uliagpkx - ok
14:42:58.0890 2188        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
14:42:58.0890 2188        umbus - ok
14:42:58.0937 2188        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
14:42:58.0937 2188        UmPass - ok
14:42:58.0999 2188        UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
14:42:59.0015 2188        UmRdpService - ok
14:42:59.0077 2188        upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
14:42:59.0093 2188        upnphost - ok
14:42:59.0155 2188        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
14:42:59.0155 2188        USBAAPL - ok
14:42:59.0233 2188        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
14:42:59.0233 2188        usbaudio - ok
14:42:59.0296 2188        usbccgp        (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
14:42:59.0296 2188        usbccgp - ok
14:42:59.0358 2188        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:42:59.0374 2188        usbcir - ok
14:42:59.0405 2188        usbehci        (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
14:42:59.0405 2188        usbehci - ok
14:42:59.0483 2188        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
14:42:59.0498 2188        usbhub - ok
14:42:59.0530 2188        usbohci        (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
14:42:59.0530 2188        usbohci - ok
14:42:59.0576 2188        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\drivers\usbprint.sys
14:42:59.0576 2188        usbprint - ok
14:42:59.0639 2188        USBSTOR        (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:42:59.0639 2188        USBSTOR - ok
14:42:59.0670 2188        usbuhci        (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:42:59.0686 2188        usbuhci - ok
14:42:59.0732 2188        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
14:42:59.0732 2188        usbvideo - ok
14:42:59.0795 2188        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
14:42:59.0810 2188        UxSms - ok
14:42:59.0857 2188        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:42:59.0857 2188        VaultSvc - ok
14:42:59.0904 2188        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:42:59.0904 2188        vdrvroot - ok
14:42:59.0998 2188        vds            (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
14:43:00.0044 2188        vds - ok
14:43:00.0076 2188        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:43:00.0091 2188        vga - ok
14:43:00.0122 2188        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:43:00.0122 2188        VgaSave - ok
14:43:00.0185 2188        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:43:00.0185 2188        vhdmp - ok
14:43:00.0216 2188        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:43:00.0232 2188        viaagp - ok
14:43:00.0263 2188        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
14:43:00.0263 2188        ViaC7 - ok
14:43:00.0294 2188        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:43:00.0294 2188        viaide - ok
14:43:00.0341 2188        vmbus          (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
14:43:00.0356 2188        vmbus - ok
14:43:00.0372 2188        VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
14:43:00.0388 2188        VMBusHID - ok
14:43:00.0434 2188        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:43:00.0434 2188        volmgr - ok
14:43:00.0481 2188        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:43:00.0497 2188        volmgrx - ok
14:43:00.0544 2188        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:43:00.0559 2188        volsnap - ok
14:43:00.0622 2188        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
14:43:00.0622 2188        vsmraid - ok
14:43:00.0762 2188        VSS            (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
14:43:00.0793 2188        VSS - ok
14:43:00.0824 2188        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
14:43:00.0824 2188        vwifibus - ok
14:43:00.0887 2188        vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
14:43:00.0887 2188        vwififlt - ok
14:43:00.0934 2188        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
14:43:00.0965 2188        W32Time - ok
14:43:01.0012 2188        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
14:43:01.0012 2188        WacomPen - ok
14:43:01.0043 2188        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:43:01.0043 2188        WANARP - ok
14:43:01.0058 2188        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:43:01.0074 2188        Wanarpv6 - ok
14:43:01.0199 2188        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
14:43:01.0261 2188        wbengine - ok
14:43:01.0308 2188        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
14:43:01.0339 2188        WbioSrvc - ok
14:43:01.0402 2188        wcncsvc        (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
14:43:01.0433 2188        wcncsvc - ok
14:43:01.0448 2188        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
14:43:01.0464 2188        WcsPlugInService - ok
14:43:01.0526 2188        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
14:43:01.0526 2188        Wd - ok
14:43:01.0589 2188        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:43:01.0604 2188        Wdf01000 - ok
14:43:01.0651 2188        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
14:43:01.0667 2188        WdiServiceHost - ok
14:43:01.0682 2188        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
14:43:01.0698 2188        WdiSystemHost - ok
14:43:01.0760 2188        WebClient      (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
14:43:01.0776 2188        WebClient - ok
14:43:01.0823 2188        Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
14:43:01.0838 2188        Wecsvc - ok
14:43:01.0870 2188        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
14:43:01.0885 2188        wercplsupport - ok
14:43:01.0932 2188        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
14:43:01.0948 2188        WerSvc - ok
14:43:01.0994 2188        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:43:01.0994 2188        WfpLwf - ok
14:43:02.0026 2188        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:43:02.0026 2188        WIMMount - ok
14:43:02.0057 2188        WinHttpAutoProxySvc - ok
14:43:02.0135 2188        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
14:43:02.0150 2188        Winmgmt - ok
14:43:02.0338 2188        WinRM          (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
14:43:02.0431 2188        WinRM - ok
14:43:02.0540 2188        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
14:43:02.0556 2188        WinUsb - ok
14:43:02.0681 2188        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
14:43:02.0743 2188        Wlansvc - ok
14:43:02.0806 2188        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:43:02.0806 2188        WmiAcpi - ok
14:43:02.0899 2188        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
14:43:02.0915 2188        wmiApSrv - ok
14:43:03.0118 2188        WMPNetworkSvc  (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:43:03.0164 2188        WMPNetworkSvc - ok
14:43:03.0211 2188        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
14:43:03.0227 2188        WPCSvc - ok
14:43:03.0289 2188        WPDBusEnum      (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
14:43:03.0305 2188        WPDBusEnum - ok
14:43:03.0367 2188        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:43:03.0367 2188        ws2ifsl - ok
14:43:03.0398 2188        WSearch - ok
14:43:03.0508 2188        WTGService      (534c2d3d81b066fa24a075c224045654) C:\Program Files\Verbindungsassistent\WTGService.exe
14:43:03.0539 2188        WTGService - ok
14:43:03.0820 2188        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
14:43:03.0898 2188        wuauserv - ok
14:43:04.0085 2188        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:43:04.0100 2188        WudfPf - ok
14:43:04.0147 2188        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:43:04.0163 2188        WUDFRd - ok
14:43:04.0210 2188        wudfsvc        (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
14:43:04.0241 2188        wudfsvc - ok
14:43:04.0288 2188        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
14:43:04.0319 2188        WwanSvc - ok
14:43:04.0381 2188        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:43:04.0740 2188        \Device\Harddisk0\DR0 - ok
14:43:04.0756 2188        Boot (0x1200)  (862f690daf7406fe12e1e74105a3e036) \Device\Harddisk0\DR0\Partition0
14:43:04.0771 2188        \Device\Harddisk0\DR0\Partition0 - ok
14:43:04.0802 2188        Boot (0x1200)  (e331f12a58a92ccfac34356e15ed4822) \Device\Harddisk0\DR0\Partition1
14:43:04.0818 2188        \Device\Harddisk0\DR0\Partition1 - ok
14:43:04.0818 2188        ============================================================
14:43:04.0818 2188        Scan finished
14:43:04.0818 2188        ============================================================
14:43:04.0865 3748        Detected object count: 0
14:43:04.0865 3748        Actual detected object count: 0
14:53:50.0883 2724        ============================================================
14:53:50.0883 2724        Scan started
14:53:50.0884 2724        Mode: Manual; SigCheck; TDLFS;
14:53:50.0884 2724        ============================================================
14:53:51.0723 2724        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:53:51.0951 2724        1394ohci - ok
14:53:52.0146 2724        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:53:52.0230 2724        ACPI - ok
14:53:52.0260 2724        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:53:52.0331 2724        AcpiPmi - ok
14:53:52.0418 2724        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:53:52.0463 2724        AdobeARMservice - ok
14:53:52.0523 2724        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
14:53:52.0584 2724        adp94xx - ok
14:53:52.0650 2724        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
14:53:52.0719 2724        adpahci - ok
14:53:52.0837 2724        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
14:53:52.0900 2724        adpu320 - ok
14:53:52.0954 2724        AeLookupSvc    (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
14:53:53.0163 2724        AeLookupSvc - ok
14:53:53.0383 2724        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:53:53.0501 2724        AFD - ok
14:53:53.0559 2724        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:53:53.0601 2724        agp440 - ok
14:53:53.0633 2724        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
14:53:53.0677 2724        aic78xx - ok
14:53:53.0724 2724        ALG            (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
14:53:53.0812 2724        ALG - ok
14:53:53.0851 2724        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:53:53.0896 2724        aliide - ok
14:53:53.0916 2724        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:53:53.0966 2724        amdagp - ok
14:53:53.0983 2724        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:53:54.0033 2724        amdide - ok
14:53:54.0065 2724        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
14:53:54.0138 2724        AmdK8 - ok
14:53:54.0161 2724        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
14:53:54.0225 2724        AmdPPM - ok
14:53:54.0267 2724        amdsata        (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
14:53:54.0329 2724        amdsata - ok
14:53:54.0495 2724        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
14:53:54.0569 2724        amdsbs - ok
14:53:54.0612 2724        amdxata        (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
14:53:54.0653 2724        amdxata - ok
14:53:54.0674 2724        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:53:54.0802 2724        AppID - ok
14:53:54.0870 2724        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
14:53:54.0997 2724        AppIDSvc - ok
14:53:55.0027 2724        Appinfo        (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
14:53:55.0142 2724        Appinfo - ok
14:53:55.0212 2724        AppMgmt        (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
14:53:55.0317 2724        AppMgmt - ok
14:53:55.0350 2724        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
14:53:55.0397 2724        arc - ok
14:53:55.0435 2724        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
14:53:55.0481 2724        arcsas - ok
14:53:55.0524 2724        AsIO            (9d8cb58b9a9e177ddd599791a58a654d) C:\Windows\system32\drivers\AsIO.sys
14:53:55.0577 2724        AsIO - ok
14:53:55.0628 2724        AsUpIO          (a9a565c669786c402752f609afdd0dd5) C:\Windows\system32\drivers\AsUpIO.sys
14:53:55.0664 2724        AsUpIO - ok
14:53:55.0697 2724        AsusACPI        (12415a4b61ded200fe9932b47a35fa42) C:\Windows\system32\DRIVERS\ASUSACPI.sys
14:53:55.0764 2724        AsusACPI - ok
14:53:55.0821 2724        AsusService    (f8259f0802d1a68324ca909e898d6d68) C:\Windows\System32\AsusService.exe
14:53:55.0874 2724        AsusService - ok
14:53:55.0896 2724        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:53:56.0099 2724        AsyncMac - ok
14:53:56.0146 2724        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:53:56.0191 2724        atapi - ok
14:53:56.0374 2724        AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
14:53:56.0503 2724        AudioEndpointBuilder - ok
14:53:56.0526 2724        Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
14:53:56.0645 2724        Audiosrv - ok
14:53:56.0775 2724        AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
14:53:56.0922 2724        AxInstSV - ok
14:53:56.0986 2724        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
14:53:57.0059 2724        b06bdrv - ok
14:53:57.0107 2724        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:53:57.0185 2724        b57nd60x - ok
14:53:57.0247 2724        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
14:53:57.0362 2724        BDESVC - ok
14:53:57.0443 2724        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:53:57.0542 2724        Beep - ok
14:53:57.0627 2724        BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
14:53:57.0755 2724        BITS - ok
14:53:57.0784 2724        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
14:53:57.0850 2724        blbdrive - ok
14:53:57.0918 2724        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:53:57.0987 2724        bowser - ok
14:53:58.0028 2724        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
14:53:58.0113 2724        BrFiltLo - ok
14:53:58.0129 2724        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
14:53:58.0212 2724        BrFiltUp - ok
14:53:58.0257 2724        Browser        (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
14:53:58.0359 2724        Browser - ok
14:53:58.0415 2724        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:53:58.0505 2724        Brserid - ok
14:53:58.0540 2724        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:53:58.0625 2724        BrSerWdm - ok
14:53:58.0641 2724        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:53:58.0739 2724        BrUsbMdm - ok
14:53:58.0765 2724        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:53:58.0837 2724        BrUsbSer - ok
14:53:58.0879 2724        BthEnum        (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
14:53:58.0962 2724        BthEnum - ok
14:53:59.0039 2724        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
14:53:59.0112 2724        BTHMODEM - ok
14:53:59.0150 2724        BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
14:53:59.0210 2724        BthPan - ok
14:53:59.0309 2724        BTHPORT        (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\system32\Drivers\BTHport.sys
14:53:59.0402 2724        BTHPORT - ok
14:53:59.0445 2724        bthserv        (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
14:53:59.0563 2724        bthserv - ok
14:53:59.0593 2724        BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\system32\Drivers\BTHUSB.sys
14:53:59.0650 2724        BTHUSB - ok
14:53:59.0678 2724        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:53:59.0869 2724        cdfs - ok
14:54:00.0055 2724        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
14:54:00.0130 2724        cdrom - ok
14:54:00.0314 2724        CertPropSvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
14:54:00.0424 2724        CertPropSvc - ok
14:54:00.0452 2724        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys
14:54:00.0511 2724        circlass - ok
14:54:00.0556 2724        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:54:00.0611 2724        CLFS - ok
14:54:00.0675 2724        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:54:00.0716 2724        clr_optimization_v2.0.50727_32 - ok
14:54:00.0809 2724        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:54:00.0858 2724        clr_optimization_v4.0.30319_32 - ok
14:54:00.0927 2724        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:54:00.0985 2724        CmBatt - ok
14:54:01.0005 2724        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:54:01.0056 2724        cmdide - ok
14:54:01.0143 2724        CNG            (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
14:54:01.0440 2724        CNG - ok
14:54:01.0519 2724        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:54:01.0596 2724        Compbatt - ok
14:54:01.0656 2724        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys
14:54:01.0745 2724        CompositeBus - ok
14:54:01.0773 2724        COMSysApp - ok
14:54:01.0834 2724        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
14:54:02.0003 2724        crcdisk - ok
14:54:02.0116 2724        CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
14:54:02.0258 2724        CryptSvc - ok
14:54:02.0352 2724        CSC            (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
14:54:02.0547 2724        CSC - ok
14:54:03.0118 2724        CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
14:54:03.0221 2724        CscService - ok
14:54:03.0369 2724        DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
14:54:03.0520 2724        DcomLaunch - ok
14:54:03.0848 2724        defragsvc      (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
14:54:04.0025 2724        defragsvc - ok
14:54:04.0114 2724        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:54:04.0344 2724        DfsC - ok
14:54:04.0544 2724        Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
14:54:04.0690 2724        Dhcp - ok
14:54:04.0730 2724        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:54:04.0863 2724        discache - ok
14:54:04.0890 2724        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
14:54:04.0939 2724        Disk - ok
14:54:04.0975 2724        dmvsc          (2a958ef85db1b61ffca65044fa4bce9e) C:\Windows\system32\drivers\dmvsc.sys
14:54:05.0040 2724        dmvsc - ok
14:54:05.0090 2724        Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
14:54:05.0155 2724        Dnscache - ok
14:54:05.0202 2724        dot3svc        (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
14:54:05.0533 2724        dot3svc - ok
14:54:05.0593 2724        DPS            (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
14:54:05.0795 2724        DPS - ok
14:54:05.0848 2724        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:54:06.0017 2724        drmkaud - ok
14:54:06.0067 2724        DrvAgent32      (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
14:54:06.0114 2724        DrvAgent32 ( UnsignedFile.Multi.Generic ) - warning
14:54:06.0115 2724        DrvAgent32 - detected UnsignedFile.Multi.Generic (1)
14:54:06.0238 2724        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:54:06.0359 2724        DXGKrnl - ok
14:54:06.0416 2724        EapHost        (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
14:54:06.0616 2724        EapHost - ok
14:54:07.0036 2724        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
14:54:07.0284 2724        ebdrv - ok
14:54:07.0440 2724        EFS            (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
14:54:07.0534 2724        EFS - ok
14:54:07.0643 2724        ehRecvr        (3a74a6e33685662b125a3269b1f2114f) C:\Windows\ehome\ehRecvr.exe
14:54:07.0768 2724        ehRecvr - ok
14:54:07.0799 2724        ehSched        (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
14:54:07.0877 2724        ehSched - ok
14:54:07.0986 2724        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
14:54:08.0048 2724        elxstor - ok
14:54:08.0064 2724        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:54:08.0126 2724        ErrDev - ok
14:54:08.0189 2724        ETD            (fbffa0089056a7bb8355ee89f49e336d) C:\Windows\system32\DRIVERS\ETD.sys
14:54:08.0236 2724        ETD - ok
14:54:08.0360 2724        EventSystem    (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
14:54:08.0485 2724        EventSystem - ok
14:54:08.0532 2724        ewsercd        (e66710639a292f6341d63b01ee8e8037) C:\Windows\system32\DRIVERS\ewsercd.sys
14:54:08.0610 2724        ewsercd - ok
14:54:08.0657 2724        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:54:08.0782 2724        exfat - ok
14:54:08.0828 2724        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:54:08.0953 2724        fastfat - ok
14:54:09.0031 2724        Fax            (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
14:54:09.0125 2724        Fax - ok
14:54:09.0172 2724        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\drivers\fdc.sys
14:54:09.0234 2724        fdc - ok
14:54:09.0265 2724        fdPHost        (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
14:54:09.0374 2724        fdPHost - ok
14:54:09.0421 2724        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
14:54:09.0530 2724        FDResPub - ok
14:54:09.0562 2724        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:54:09.0608 2724        FileInfo - ok
14:54:09.0655 2724        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:54:09.0842 2724        Filetrace - ok
14:54:09.0874 2724        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys
14:54:09.0936 2724        flpydisk - ok
14:54:09.0998 2724        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:54:10.0045 2724        FltMgr - ok
14:54:10.0123 2724        FontCache      (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
14:54:10.0201 2724        FontCache - ok
14:54:10.0264 2724        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:54:10.0310 2724        FontCache3.0.0.0 - ok
14:54:10.0342 2724        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:54:10.0388 2724        FsDepends - ok
14:54:10.0420 2724        Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
14:54:10.0466 2724        Fs_Rec - ok
14:54:10.0513 2724        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:54:10.0576 2724        fvevol - ok
14:54:10.0607 2724        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
14:54:10.0654 2724        gagp30kx - ok
14:54:10.0732 2724        gpsvc          (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
14:54:10.0856 2724        gpsvc - ok
14:54:10.0888 2724        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:54:10.0966 2724        hcw85cir - ok
14:54:11.0028 2724        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:54:11.0106 2724        HdAudAddService - ok
14:54:11.0153 2724        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:54:11.0215 2724        HDAudBus - ok
14:54:11.0246 2724        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
14:54:11.0293 2724        HidBatt - ok
14:54:11.0324 2724        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
14:54:11.0387 2724        HidBth - ok
14:54:11.0418 2724        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys
14:54:11.0480 2724        HidIr - ok
14:54:11.0527 2724        hidserv        (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
14:54:11.0636 2724        hidserv - ok
14:54:11.0668 2724        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
14:54:11.0714 2724        HidUsb - ok
14:54:11.0761 2724        hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
14:54:11.0870 2724        hkmsvc - ok
14:54:11.0917 2724        HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
14:54:11.0995 2724        HomeGroupListener - ok
14:54:12.0058 2724        HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
14:54:12.0104 2724        HomeGroupProvider - ok
14:54:12.0260 2724        hpqcxs08        (5da42d24712e00728cea2342a65009b2) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:54:27.0392 2724        hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:54:27.0392 2724        hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:54:27.0486 2724        hpqddsvc        (d86a39bf100069444d026d22d9a6e555) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:54:27.0533 2724        hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
14:54:27.0533 2724        hpqddsvc - detected UnsignedFile.Multi.Generic (1)
14:54:27.0564 2724        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:54:27.0611 2724        HpSAMD - ok
14:54:27.0689 2724        HPSLPSVC        (9d23402d305869844bc6004a05cc74ba) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
14:54:27.0751 2724        HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
14:54:27.0751 2724        HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
14:54:27.0798 2724        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:54:27.0907 2724        HTTP - ok
14:54:27.0954 2724        hwdatacard      (92ca47da32009ccc00a5aded04abbd78) C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:54:28.0016 2724        hwdatacard - ok
14:54:28.0063 2724        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:54:28.0094 2724        hwpolicy - ok
14:54:28.0126 2724        hwusbfake      (1d4d6d24256f61e6b08a3cf8184a78b8) C:\Windows\system32\DRIVERS\ewusbfake.sys
14:54:28.0204 2724        hwusbfake - ok
14:54:28.0235 2724        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
14:54:28.0297 2724        i8042prt - ok
14:54:28.0375 2724        iaStorV        (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
14:54:28.0422 2724        iaStorV - ok
14:54:28.0828 2724        idsvc          (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:54:28.0890 2724        idsvc - ok
14:54:29.0452 2724        igfx            (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:54:29.0686 2724        igfx - ok
14:54:29.0873 2724        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
14:54:29.0935 2724        iirsp - ok
14:54:30.0122 2724        IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
14:54:30.0232 2724        IKEEXT - ok
14:54:30.0278 2724        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:54:30.0310 2724        intelide - ok
14:54:30.0356 2724        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:54:30.0403 2724        intelppm - ok
14:54:30.0434 2724        IPBusEnum      (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
14:54:30.0544 2724        IPBusEnum - ok
14:54:30.0575 2724        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:54:30.0668 2724        IpFilterDriver - ok
14:54:30.0700 2724        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:54:30.0746 2724        IPMIDRV - ok
14:54:30.0778 2724        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:54:30.0902 2724        IPNAT - ok
14:54:30.0918 2724        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:54:30.0980 2724        IRENUM - ok
14:54:31.0012 2724        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:54:31.0043 2724        isapnp - ok
14:54:31.0090 2724        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:54:31.0152 2724        iScsiPrt - ok
14:54:31.0183 2724        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:54:31.0214 2724        kbdclass - ok
14:54:31.0230 2724        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
14:54:31.0324 2724        kbdhid - ok
14:54:31.0355 2724        kbfiltr        (3eb803312987ff44265c87cb960df6ab) C:\Windows\system32\DRIVERS\kbfiltr.sys
14:54:31.0386 2724        kbfiltr - ok
14:54:31.0448 2724        KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:54:31.0495 2724        KeyIso - ok
14:54:31.0526 2724        KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
14:54:31.0573 2724        KSecDD - ok
14:54:31.0604 2724        KSecPkg        (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
14:54:31.0636 2724        KSecPkg - ok
14:54:31.0714 2724        KtmRm          (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
14:54:31.0823 2724        KtmRm - ok
14:54:31.0870 2724        L1E            (8c804b1ffad1efa952b747e8285c3b76) C:\Windows\system32\DRIVERS\L1E62x86.sys
14:54:31.0932 2724        L1E - ok
14:54:31.0994 2724        LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
14:54:32.0088 2724        LanmanServer - ok
14:54:32.0119 2724        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
14:54:32.0228 2724        LanmanWorkstation - ok
14:54:32.0291 2724        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:54:32.0369 2724        lltdio - ok
14:54:32.0431 2724        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
14:54:32.0556 2724        lltdsvc - ok
14:54:32.0587 2724        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
14:54:32.0681 2724        lmhosts - ok
14:54:32.0728 2724        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
14:54:32.0774 2724        LSI_FC - ok
14:54:32.0806 2724        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
14:54:32.0852 2724        LSI_SAS - ok
14:54:32.0884 2724        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
14:54:32.0915 2724        LSI_SAS2 - ok
14:54:32.0946 2724        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
14:54:32.0993 2724        LSI_SCSI - ok
14:54:33.0024 2724        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:54:33.0133 2724        luafv - ok
14:54:33.0180 2724        Mcx2Svc        (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
14:54:33.0227 2724        Mcx2Svc - ok
14:54:33.0258 2724        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
14:54:33.0320 2724        megasas - ok
14:54:33.0352 2724        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
14:54:33.0398 2724        MegaSR - ok
14:54:33.0476 2724        Microsoft SharePoint Workspace Audit Service - ok
14:54:33.0570 2724        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
14:54:33.0695 2724        MMCSS - ok
14:54:33.0742 2724        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:54:33.0867 2724        Modem - ok
14:54:33.0913 2724        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:54:33.0976 2724        monitor - ok
14:54:34.0007 2724        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
14:54:34.0038 2724        mouclass - ok
14:54:34.0069 2724        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:54:34.0132 2724        mouhid - ok
14:54:34.0179 2724        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:54:34.0210 2724        mountmgr - ok
14:54:34.0288 2724        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:54:34.0350 2724        MozillaMaintenance - ok
14:54:34.0397 2724        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:54:34.0444 2724        mpio - ok
14:54:34.0475 2724        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:54:34.0569 2724        mpsdrv - ok
14:54:34.0600 2724        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:54:34.0678 2724        MRxDAV - ok
14:54:34.0725 2724        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:54:34.0849 2724        mrxsmb - ok
14:54:34.0881 2724        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:54:34.0959 2724        mrxsmb10 - ok
14:54:34.0990 2724        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:54:35.0037 2724        mrxsmb20 - ok
14:54:35.0068 2724        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
14:54:35.0115 2724        msahci - ok
14:54:35.0146 2724        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
14:54:35.0193 2724        msdsm - ok
14:54:35.0239 2724        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
14:54:35.0317 2724        MSDTC - ok
14:54:35.0364 2724        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:54:35.0473 2724        Msfs - ok
14:54:35.0505 2724        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:54:35.0614 2724        mshidkmdf - ok
14:54:35.0629 2724        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:54:35.0676 2724        msisadrv - ok
14:54:35.0723 2724        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
14:54:35.0817 2724        MSiSCSI - ok
14:54:35.0832 2724        msiserver - ok
14:54:35.0879 2724        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:54:35.0973 2724        MSKSSRV - ok
14:54:36.0004 2724        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:54:36.0097 2724        MSPCLOCK - ok
14:54:36.0113 2724        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:54:36.0222 2724        MSPQM - ok
14:54:36.0253 2724        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:54:36.0300 2724        MsRPC - ok
14:54:36.0347 2724        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
14:54:36.0394 2724        mssmbios - ok
14:54:36.0409 2724        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:54:36.0519 2724        MSTEE - ok
14:54:36.0534 2724        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
14:54:36.0597 2724        MTConfig - ok
14:54:36.0628 2724        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:54:36.0659 2724        Mup - ok
14:54:36.0721 2724        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
14:54:36.0846 2724        napagent - ok
14:54:36.0909 2724        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:54:36.0987 2724        NativeWifiP - ok
14:54:37.0065 2724        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:54:37.0127 2724        NDIS - ok
14:54:37.0174 2724        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:54:37.0283 2724        NdisCap - ok
14:54:37.0299 2724        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:54:37.0423 2724        NdisTapi - ok
14:54:37.0455 2724        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:54:37.0548 2724        Ndisuio - ok
14:54:37.0595 2724        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:54:37.0689 2724        NdisWan - ok
14:54:37.0720 2724        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:54:37.0813 2724        NDProxy - ok
14:54:37.0860 2724        Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
14:54:37.0891 2724        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:54:37.0891 2724        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:54:37.0923 2724        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:54:38.0016 2724        NetBIOS - ok
14:54:38.0063 2724        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:54:38.0157 2724        NetBT - ok
14:54:38.0203 2724        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:54:38.0250 2724        Netlogon - ok
14:54:38.0297 2724        Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
14:54:38.0422 2724        Netman - ok
14:54:38.0469 2724        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
14:54:38.0593 2724        netprofm - ok
14:54:38.0687 2724        netr28          (652881f65b35564575255a0e05e23c55) C:\Windows\system32\DRIVERS\netr28.sys
14:54:38.0765 2724        netr28 - ok
14:54:38.0827 2724        NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:54:38.0859 2724        NetTcpPortSharing - ok
14:54:38.0905 2724        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
14:54:38.0952 2724        nfrd960 - ok
14:54:39.0015 2724        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
14:54:39.0108 2724        NlaSvc - ok
14:54:39.0139 2724        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:54:39.0249 2724        Npfs - ok
14:54:39.0295 2724        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
14:54:39.0389 2724        nsi - ok
14:54:39.0405 2724        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:54:39.0514 2724        nsiproxy - ok
14:54:39.0639 2724        Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
14:54:39.0748 2724        Ntfs - ok
14:54:39.0779 2724        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:54:39.0888 2724        Null - ok
14:54:39.0935 2724        nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
14:54:39.0982 2724        nvraid - ok
14:54:40.0029 2724        nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
14:54:40.0060 2724        nvstor - ok
14:54:40.0091 2724        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:54:40.0138 2724        nv_agp - ok
14:54:40.0153 2724        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:54:40.0216 2724        ohci1394 - ok
14:54:40.0278 2724        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:54:40.0325 2724        ose - ok
14:54:40.0746 2724        osppsvc        (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:54:41.0027 2724        osppsvc - ok
14:54:41.0386 2724        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
14:54:41.0479 2724        p2pimsvc - ok
14:54:41.0526 2724        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
14:54:41.0573 2724        p2psvc - ok
14:54:41.0667 2724        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys
14:54:41.0713 2724        Parport - ok
14:54:41.0760 2724        partmgr        (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
14:54:41.0791 2724        partmgr - ok
14:54:41.0823 2724        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys
14:54:41.0885 2724        Parvdm - ok
14:54:41.0932 2724        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
14:54:41.0994 2724        PcaSvc - ok
14:54:42.0041 2724        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:54:42.0088 2724        pci - ok
14:54:42.0135 2724        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:54:42.0166 2724        pciide - ok
14:54:42.0213 2724        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
14:54:42.0259 2724        pcmcia - ok
14:54:42.0291 2724        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:54:42.0322 2724        pcw - ok
14:54:42.0400 2724        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:54:42.0525 2724        PEAUTH - ok
14:54:42.0618 2724        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
14:54:42.0727 2724        PeerDistSvc - ok
14:54:42.0946 2724        pla            (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
14:54:43.0102 2724        pla - ok
14:54:43.0273 2724        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
14:54:43.0336 2724        PlugPlay - ok
14:54:43.0383 2724        Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
14:54:43.0414 2724        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:54:43.0414 2724        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:54:43.0445 2724        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
14:54:43.0523 2724        PNRPAutoReg - ok
14:54:43.0570 2724        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
14:54:43.0617 2724        PNRPsvc - ok
14:54:43.0679 2724        Point32        (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
14:54:43.0710 2724        Point32 - ok
14:54:43.0773 2724        PolicyAgent    (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
14:54:43.0882 2724        PolicyAgent - ok
14:54:43.0944 2724        Power          (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
14:54:44.0053 2724        Power - ok
14:54:44.0116 2724        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:54:44.0209 2724        PptpMiniport - ok
14:54:44.0241 2724        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
14:54:44.0303 2724        Processor - ok
14:54:44.0365 2724        ProfSvc        (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
14:54:44.0428 2724        ProfSvc - ok
14:54:44.0475 2724        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:54:44.0521 2724        ProtectedStorage - ok
14:54:44.0553 2724        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:54:44.0677 2724        Psched - ok
14:54:44.0787 2724        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
14:54:44.0943 2724        ql2300 - ok
14:54:45.0083 2724        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
14:54:45.0130 2724        ql40xx - ok
14:54:45.0192 2724        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
14:54:45.0255 2724        QWAVE - ok
14:54:45.0270 2724        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:54:45.0348 2724        QWAVEdrv - ok
14:54:45.0379 2724        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:54:45.0473 2724        RasAcd - ok
14:54:45.0520 2724        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:54:45.0613 2724        RasAgileVpn - ok
14:54:45.0660 2724        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
14:54:45.0769 2724        RasAuto - ok
14:54:45.0801 2724        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:54:45.0910 2724        Rasl2tp - ok
14:54:45.0972 2724        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
14:54:46.0066 2724        RasMan - ok
14:54:46.0097 2724        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:54:46.0206 2724        RasPppoe - ok
14:54:46.0253 2724        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:54:46.0347 2724        RasSstp - ok
14:54:46.0393 2724        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:54:46.0518 2724        rdbss - ok
14:54:46.0534 2724        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:54:46.0596 2724        rdpbus - ok
14:54:46.0612 2724        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:54:46.0721 2724        RDPCDD - ok
14:54:46.0783 2724        RDPDR          (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
14:54:46.0846 2724        RDPDR - ok
14:54:46.0877 2724        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:54:46.0986 2724        RDPENCDD - ok
14:54:47.0017 2724        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:54:47.0111 2724        RDPREFMP - ok
14:54:47.0173 2724        RDPWD          (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
14:54:47.0236 2724        RDPWD - ok
14:54:47.0283 2724        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:54:47.0329 2724        rdyboost - ok
14:54:47.0392 2724        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
14:54:47.0501 2724        RemoteAccess - ok
14:54:47.0548 2724        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
14:54:47.0657 2724        RemoteRegistry - ok
14:54:47.0719 2724        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
14:54:47.0782 2724        RFCOMM - ok
14:54:47.0813 2724        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
14:54:47.0907 2724        RpcEptMapper - ok
14:54:47.0953 2724        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
14:54:48.0000 2724        RpcLocator - ok
14:54:48.0063 2724        RpcSs          (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
14:54:48.0156 2724        RpcSs - ok
14:54:48.0219 2724        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:54:48.0312 2724        rspndr - ok
14:54:48.0359 2724        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
14:54:48.0421 2724        s3cap - ok
14:54:48.0453 2724        SamSs          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:54:48.0499 2724        SamSs - ok
14:54:48.0546 2724        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:54:48.0593 2724        sbp2port - ok
14:54:48.0655 2724        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
14:54:48.0749 2724        SCardSvr - ok
14:54:48.0780 2724        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:54:48.0874 2724        scfilter - ok
14:54:48.0967 2724        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
14:54:49.0123 2724        Schedule - ok
14:54:49.0186 2724        SCPolicySvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
14:54:49.0264 2724        SCPolicySvc - ok
14:54:49.0311 2724        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
14:54:49.0389 2724        SDRSVC - ok
14:54:49.0420 2724        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:54:49.0513 2724        secdrv - ok
14:54:49.0545 2724        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
14:54:49.0654 2724        seclogon - ok
14:54:49.0685 2724        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
14:54:49.0794 2724        SENS - ok
14:54:49.0841 2724        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
14:54:49.0919 2724        SensrSvc - ok
14:54:49.0966 2724        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys
14:54:49.0997 2724        Serenum - ok
14:54:50.0028 2724        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys
14:54:50.0091 2724        Serial - ok
14:54:50.0106 2724        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
14:54:50.0153 2724        sermouse - ok
14:54:50.0247 2724        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
14:54:50.0340 2724        SessionEnv - ok
14:54:50.0371 2724        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
14:54:50.0434 2724        sffdisk - ok
14:54:50.0465 2724        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:54:50.0527 2724        sffp_mmc - ok
14:54:50.0559 2724        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
14:54:50.0637 2724        sffp_sd - ok
14:54:50.0668 2724        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
14:54:50.0730 2724        sfloppy - ok
14:54:50.0808 2724        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
14:54:50.0917 2724        ShellHWDetection - ok
14:54:50.0933 2724        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:54:50.0980 2724        sisagp - ok
14:54:51.0027 2724        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
14:54:51.0058 2724        SiSRaid2 - ok
14:54:51.0089 2724        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
14:54:51.0136 2724        SiSRaid4 - ok
14:54:51.0167 2724        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:54:51.0276 2724        Smb - ok
14:54:51.0339 2724        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
14:54:51.0385 2724        SNMPTRAP - ok
14:54:51.0417 2724        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:54:51.0463 2724        spldr - ok
14:54:51.0510 2724        Spooler        (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
14:54:51.0635 2724        Spooler - ok
14:54:51.0916 2724        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
14:54:52.0134 2724        sppsvc - ok
14:54:52.0243 2724        sppuinotify    (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
14:54:52.0399 2724        sppuinotify - ok
14:54:52.0524 2724        sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
14:54:52.0602 2724        sptd - ok
14:54:52.0665 2724        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:54:52.0743 2724        srv - ok
14:54:52.0789 2724        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:54:52.0836 2724        srv2 - ok
14:54:52.0883 2724        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:54:52.0945 2724        srvnet - ok
14:54:52.0992 2724        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
14:54:53.0101 2724        SSDPSRV - ok
14:54:53.0148 2724        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
14:54:53.0242 2724        SstpSvc - ok
14:54:53.0289 2724        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
14:54:53.0320 2724        stexstor - ok
14:54:53.0351 2724        StillCam        (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
14:54:53.0413 2724        StillCam - ok
14:54:53.0491 2724        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
14:54:53.0569 2724        StiSvc - ok
14:54:53.0616 2724        storflt        (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
14:54:53.0663 2724        storflt - ok
14:54:53.0710 2724        StorSvc        (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
14:54:53.0757 2724        StorSvc - ok
14:54:53.0788 2724        storvsc        (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
14:54:53.0835 2724        storvsc - ok
14:54:53.0866 2724        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
14:54:53.0897 2724        swenum - ok
14:54:53.0959 2724        swprv          (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
14:54:54.0069 2724        swprv - ok
14:54:54.0162 2724        SysMain        (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
14:54:54.0287 2724        SysMain - ok
14:54:54.0318 2724        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
14:54:54.0381 2724        TabletInputService - ok
14:54:54.0427 2724        TapiSrv        (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
14:54:54.0537 2724        TapiSrv - ok
14:54:54.0568 2724        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
14:54:54.0677 2724        TBS - ok
14:54:54.0895 2724        Tcpip          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
14:54:55.0020 2724        Tcpip - ok
14:54:55.0067 2724        TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
14:54:55.0176 2724        TCPIP6 - ok
14:54:55.0223 2724        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:54:55.0317 2724        tcpipreg - ok
14:54:55.0363 2724        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:54:55.0426 2724        TDPIPE - ok
14:54:55.0473 2724        TDTCP          (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
14:54:55.0519 2724        TDTCP - ok
14:54:55.0566 2724        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:54:55.0660 2724        tdx - ok
14:54:55.0691 2724        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
14:54:55.0722 2724        TermDD - ok
14:54:55.0800 2724        TermService    (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
14:54:55.0925 2724        TermService - ok
14:54:55.0956 2724        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
14:54:56.0003 2724        Themes - ok
14:54:56.0050 2724        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
14:54:56.0143 2724        THREADORDER - ok
14:54:56.0175 2724        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
14:54:56.0284 2724        TrkWks - ok
14:54:56.0346 2724        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
14:54:56.0440 2724        TrustedInstaller - ok
14:54:56.0502 2724        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:54:56.0596 2724        tssecsrv - ok
14:54:56.0627 2724        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:54:56.0674 2724        TsUsbFlt - ok
14:54:56.0705 2724        TsUsbGD        (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
14:54:56.0752 2724        TsUsbGD - ok
14:54:56.0783 2724        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:54:56.0892 2724        tunnel - ok
14:54:56.0923 2724        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
14:54:56.0970 2724        uagp35 - ok
14:54:57.0017 2724        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:54:57.0126 2724        udfs - ok
14:54:57.0189 2724        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
14:54:57.0251 2724        UI0Detect - ok
14:54:57.0282 2724        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:54:57.0329 2724        uliagpkx - ok
14:54:57.0360 2724        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
14:54:57.0423 2724        umbus - ok
14:54:57.0438 2724        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
14:54:57.0501 2724        UmPass - ok
14:54:57.0547 2724        UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
14:54:57.0610 2724        UmRdpService - ok
14:54:57.0688 2724        upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
14:54:57.0781 2724        upnphost - ok
14:54:57.0828 2724        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
14:54:57.0844 2724        USBAAPL ( UnsignedFile.Multi.Generic ) - warning
14:54:57.0844 2724        USBAAPL - detected UnsignedFile.Multi.Generic (1)
14:54:57.0906 2724        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
14:54:57.0984 2724        usbaudio - ok
14:54:58.0015 2724        usbccgp        (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
14:54:58.0078 2724        usbccgp - ok
14:54:58.0109 2724        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:54:58.0171 2724        usbcir - ok
14:54:58.0218 2724        usbehci        (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
14:54:58.0281 2724        usbehci - ok
14:54:58.0327 2724        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
14:54:58.0390 2724        usbhub - ok
14:54:58.0405 2724        usbohci        (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
14:54:58.0452 2724        usbohci - ok
14:54:58.0499 2724        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\drivers\usbprint.sys
14:54:58.0561 2724        usbprint - ok
14:54:58.0608 2724        USBSTOR        (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:54:58.0655 2724        USBSTOR - ok
14:54:58.0702 2724        usbuhci        (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:54:58.0764 2724        usbuhci - ok
14:54:58.0811 2724        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
14:54:58.0858 2724        usbvideo - ok
14:54:58.0905 2724        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
14:54:59.0014 2724        UxSms - ok
14:54:59.0061 2724        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
14:54:59.0092 2724        VaultSvc - ok
14:54:59.0123 2724        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:54:59.0170 2724        vdrvroot - ok
14:54:59.0232 2724        vds            (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
14:54:59.0357 2724        vds - ok
14:54:59.0388 2724        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:54:59.0435 2724        vga - ok
14:54:59.0466 2724        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:54:59.0575 2724        VgaSave - ok
14:54:59.0607 2724        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:54:59.0653 2724        vhdmp - ok
14:54:59.0685 2724        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:54:59.0731 2724        viaagp - ok
14:54:59.0763 2724        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
14:54:59.0825 2724        ViaC7 - ok
14:54:59.0856 2724        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:54:59.0919 2724        viaide - ok
14:54:59.0997 2724        vmbus          (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
14:55:00.0043 2724        vmbus - ok
14:55:00.0075 2724        VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
14:55:00.0121 2724        VMBusHID - ok
14:55:00.0168 2724        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:55:00.0215 2724        volmgr - ok
14:55:00.0262 2724        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:55:00.0309 2724        volmgrx - ok
14:55:00.0371 2724        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:55:00.0418 2724        volsnap - ok
14:55:00.0465 2724        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
14:55:00.0511 2724        vsmraid - ok
14:55:00.0621 2724        VSS            (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
14:55:00.0761 2724        VSS - ok
14:55:00.0792 2724        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
14:55:00.0855 2724        vwifibus - ok
14:55:00.0886 2724        vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
14:55:00.0948 2724        vwififlt - ok
14:55:00.0995 2724        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
14:55:01.0104 2724        W32Time - ok
14:55:01.0167 2724        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
14:55:01.0213 2724        WacomPen - ok
14:55:01.0245 2724        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:55:01.0338 2724        WANARP - ok
14:55:01.0354 2724        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:55:01.0447 2724        Wanarpv6 - ok
14:55:01.0635 2724        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
14:55:01.0744 2724        wbengine - ok
14:55:01.0791 2724        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
14:55:01.0853 2724        WbioSrvc - ok
14:55:01.0900 2724        wcncsvc        (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
14:55:01.0993 2724        wcncsvc - ok
14:55:02.0025 2724        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
14:55:02.0134 2724        WcsPlugInService - ok
14:55:02.0181 2724        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
14:55:02.0227 2724        Wd - ok
14:55:02.0290 2724        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:55:02.0352 2724        Wdf01000 - ok
14:55:02.0383 2724        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
14:55:02.0508 2724        WdiServiceHost - ok
14:55:02.0539 2724        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
14:55:02.0602 2724        WdiSystemHost - ok
14:55:02.0649 2724        WebClient      (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
14:55:02.0727 2724        WebClient - ok
14:55:02.0773 2724        Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
14:55:02.0867 2724        Wecsvc - ok
14:55:02.0898 2724        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
14:55:02.0992 2724        wercplsupport - ok
14:55:03.0023 2724        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
14:55:03.0132 2724        WerSvc - ok
14:55:03.0163 2724        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:55:03.0257 2724        WfpLwf - ok
14:55:03.0288 2724        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:55:03.0335 2724        WIMMount - ok
14:55:03.0366 2724        WinHttpAutoProxySvc - ok
14:55:03.0460 2724        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
14:55:03.0538 2724        Winmgmt - ok
14:55:03.0663 2724        WinRM          (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
14:55:03.0787 2724        WinRM - ok
14:55:03.0897 2724        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
14:55:03.0959 2724        WinUsb - ok
14:55:04.0084 2724        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
14:55:04.0209 2724        Wlansvc - ok
14:55:04.0240 2724        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:55:04.0302 2724        WmiAcpi - ok
14:55:04.0380 2724        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
14:55:04.0458 2724        wmiApSrv - ok
14:55:04.0677 2724        WMPNetworkSvc  (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:55:04.0786 2724        WMPNetworkSvc - ok
14:55:04.0833 2724        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
14:55:04.0895 2724        WPCSvc - ok
14:55:04.0926 2724        WPDBusEnum      (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
14:55:05.0020 2724        WPDBusEnum - ok
14:55:05.0067 2724        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:55:05.0160 2724        ws2ifsl - ok
14:55:05.0176 2724        WSearch - ok
14:55:05.0269 2724        WTGService      (534c2d3d81b066fa24a075c224045654) C:\Program Files\Verbindungsassistent\WTGService.exe
14:55:05.0301 2724        WTGService - ok
14:55:05.0519 2724        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
14:55:05.0659 2724        wuauserv - ok
14:55:05.0862 2724        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:55:05.0987 2724        WudfPf - ok
14:55:06.0034 2724        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:55:06.0127 2724        WUDFRd - ok
14:55:06.0174 2724        wudfsvc        (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
14:55:06.0268 2724        wudfsvc - ok
14:55:06.0315 2724        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
14:55:06.0408 2724        WwanSvc - ok
14:55:06.0471 2724        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:55:07.0048 2724        \Device\Harddisk0\DR0 - ok
14:55:07.0063 2724        Boot (0x1200)  (862f690daf7406fe12e1e74105a3e036) \Device\Harddisk0\DR0\Partition0
14:55:07.0063 2724        \Device\Harddisk0\DR0\Partition0 - ok
14:55:07.0110 2724        Boot (0x1200)  (e331f12a58a92ccfac34356e15ed4822) \Device\Harddisk0\DR0\Partition1
14:55:07.0126 2724        \Device\Harddisk0\DR0\Partition1 - ok
14:55:07.0126 2724        ============================================================
14:55:07.0126 2724        Scan finished
14:55:07.0126 2724        ============================================================
14:55:07.0173 1888        Detected object count: 7
14:55:07.0173 1888        Actual detected object count: 7
14:58:04.0773 1888        DrvAgent32 ( UnsignedFile.Multi.Generic ) - skipped by user
14:58:04.0773 1888        DrvAgent32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:58:04.0783 1888        hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:58:04.0783 1888        hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:58:04.0783 1888        hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:58:04.0783 1888        hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:58:04.0813 1888        HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
14:58:04.0813 1888        HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:58:04.0823 1888        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:58:04.0823 1888        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:58:04.0823 1888        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:58:04.0823 1888        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:58:04.0843 1888        USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
14:58:04.0843 1888        USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
Liebe Grüße

Jürgen

cosinus 13.07.2012 20:48
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

gofurther 21.07.2012 23:07
Hallo Arne,

sorry hat ein wenig länger gedauert.

Hier das Log

Combofix Logfile:
Code:
ComboFix 12-07-21.01 - JPMK 21.07.2012  22:52:51.1.2 - x86
Microsoft Windows 7 Professional N  6.1.7601.1.1252.49.1031.18.2039.1376 [GMT 2:00]
ausgeführt von:: c:\users\JPMK\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-21 bis 2012-07-21  ))))))))))))))))))))))))))))))
.
.
2012-07-21 21:06 . 2012-07-21 21:06        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-07-14 01:13 . 2012-06-12 02:40        2345984        ----a-w-        c:\windows\system32\win32k.sys
2012-07-13 08:20 . 2012-06-02 04:45        67440        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2012-07-13 08:20 . 2012-06-02 04:45        134000        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2012-07-13 08:20 . 2012-06-02 04:40        369336        ----a-w-        c:\windows\system32\drivers\cng.sys
2012-07-13 08:20 . 2012-06-02 04:40        225280        ----a-w-        c:\windows\system32\schannel.dll
2012-07-13 08:20 . 2012-06-02 04:39        219136        ----a-w-        c:\windows\system32\ncrypt.dll
2012-07-13 08:20 . 2012-06-06 05:05        1390080        ----a-w-        c:\windows\system32\msxml6.dll
2012-07-13 08:20 . 2012-06-06 05:05        1236992        ----a-w-        c:\windows\system32\msxml3.dll
2012-07-13 08:20 . 2010-06-26 03:24        2048        ----a-w-        c:\windows\system32\msxml3r.dll
2012-07-13 08:19 . 2012-06-06 05:05        1019904        ----a-w-        c:\program files\Common Files\System\ado\msado15.dll
2012-07-13 08:19 . 2012-06-06 05:03        805376        ----a-w-        c:\windows\system32\cdosys.dll
2012-07-13 08:19 . 2012-06-06 05:05        143360        ----a-w-        c:\program files\Common Files\System\ado\msjro.dll
2012-07-13 08:19 . 2012-06-06 05:05        372736        ----a-w-        c:\program files\Common Files\System\ado\msadox.dll
2012-07-13 08:19 . 2012-06-06 05:05        57344        ----a-w-        c:\program files\Common Files\System\ado\msador15.dll
2012-07-13 08:19 . 2012-06-06 05:05        352256        ----a-w-        c:\program files\Common Files\System\ado\msadomd.dll
2012-07-13 08:19 . 2012-06-06 05:05        212992        ----a-w-        c:\program files\Common Files\System\msadc\msadco.dll
2012-07-11 09:25 . 2010-02-11 07:10        293376        ----a-w-        c:\windows\system32\browserchoice.exe
2012-07-06 11:33 . 2012-07-06 11:34        --------        d-----w-        c:\users\JPMK\AppData\Local\eSupport.com
2012-07-06 11:33 . 2012-07-06 11:33        23456        ----a-w-        c:\windows\system32\drivers\DrvAgent32.sys
2012-07-06 10:56 . 2012-07-06 10:56        --------        d-----w-        c:\program files\Lavalys
2012-07-05 13:18 . 2012-07-05 13:18        --------        d-----w-        c:\users\JPMK\AppData\Local\Diagnostics
2012-07-05 12:58 . 2012-07-05 12:58        --------        d-----w-        C:\_OTL
2012-06-24 12:09 . 2012-06-02 22:19        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-24 12:09 . 2012-06-02 22:19        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-24 12:09 . 2012-06-02 22:12        2422272        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-24 12:09 . 2012-06-02 22:19        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-24 12:09 . 2012-06-02 22:19        35864        ----a-w-        c:\windows\system32\wups.dll
2012-06-24 12:09 . 2012-06-02 22:19        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-24 12:09 . 2012-06-02 22:12        88576        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-24 12:08 . 2012-06-02 13:19        171904        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-24 12:08 . 2012-06-02 13:12        33792        ----a-w-        c:\windows\system32\wuapp.exe
2012-06-22 12:59 . 2012-06-22 12:59        --------        d-----w-        c:\program files\ESET
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-18 09:12 . 2012-06-18 07:59        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-18 09:12 . 2012-06-18 07:59        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-06-18 08:18 . 2012-06-18 08:19        772592        ----a-w-        c:\windows\system32\npDeployJava1.dll
2012-05-04 17:29 . 2011-09-20 08:00        687504        ----a-w-        c:\windows\system32\deployJava1.dll
2012-05-01 04:44 . 2012-06-14 09:56        164352        ----a-w-        c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-14 09:57        183808        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45 . 2012-06-14 09:56        58880        ----a-w-        c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-14 09:56        129536        ----a-w-        c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-14 09:56        8192        ----a-w-        c:\windows\system32\rdrmemptylst.exe
2012-04-24 04:36 . 2012-06-14 09:58        1158656        ----a-w-        c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-14 09:58        140288        ----a-w-        c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-14 09:58        103936        ----a-w-        c:\windows\system32\cryptnet.dll
2012-06-14 22:19 . 2012-06-18 09:08        85472        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\JPMK\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\JPMK\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\JPMK\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\JPMK\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"HotkeyMon"="AsusSender.exe" [2011-07-13 34728]
"HotkeyService"="AsusSender.exe" [2011-07-13 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-07-13 34728]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2010-08-12 1807240]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\JPMK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\JPMK\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37        843712        ----a-w-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreePDF Assistant]
2009-09-05 15:29        385024        ----a-w-        c:\program files\FreePDF_XP\fpassist.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-10-26 18:48        74752        ----a-w-        c:\program files\Winamp\winampa.exe
.
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [x]
R3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\DRIVERS\ewsercd.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
S2 WTGService;WTGService;c:\program files\Verbindungsassistent\WTGService.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 netr28;Ralink 802.11n-Drahtlostreiber für Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
HPService        REG_MULTI_SZ          HPSLPSVC
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
.
------- Zusätzlicher Suchlauf -------
.
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\JPMK\AppData\Roaming\Mozilla\Firefox\Profiles\0ykb3sya.default\
FF - prefs.js: browser.startup.homepage - www.jpmk.de
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1760)
c:\users\JPMK\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-21  23:18:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-07-21 21:18
.
Vor Suchlauf: 6 Verzeichnis(se), 274.147.090.432 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 274.070.659.072 Bytes frei
.
- - End Of File - - 24C47983AB0C650F19441F1D95CDDCFC
--- --- ---


Besten Dank im Voraus

Gruß

Jürgen

cosinus 23.07.2012 14:19
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

gofurther 28.07.2012 20:24
Hi Arne,

hier erstmal der Log von gmer

GMER Logfile:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-28 21:19:35
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9320325AS rev.0005HPM1
Running: zlzz4nlq.exe; Driver: C:\Users\JPMK\AppData\Local\Temp\kxldypoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text          ntkrnlpa.exe!ZwRollbackEnlistment + 140D                                                                            81A833C9 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                              81ABCD52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text          peauth.sys                                                                                                          A8420C9D 28 Bytes  [04, 09, BC, 71, E9, C7, 2B, ...]
.text          peauth.sys                                                                                                          A8420CC1 28 Bytes  [04, 09, BC, 71, E9, C7, 2B, ...]

---- User IAT/EAT - GMER 1.0.15 ----

IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                    [73BF24CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                [73BD562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                              [73BD56EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                      [73BF2546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                            [73BE85AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                              [73BE4D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                            [73BE5105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                            [73BE51DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]                  [73BE6707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                            [73BE8301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                        [73BE8850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                      [73BE90B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                            [73BEE254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1524] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                [73BE4C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                              rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                              rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device          \Driver\BTHUSB \Device\00000075                                                                                    bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)
Device          \Driver\BTHUSB \Device\00000077                                                                                    bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)
Device          \Driver\ACPI_HAL \Device\0000004e                                                                                  halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg            HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002243aec6fd                                       
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                   
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                C:\Program Files\DAEMON Tools Lite\
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                0x00 0x00 0x00 0x00 ...
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                0
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0xAC 0x48 0x66 0x1D ...
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                         
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                    0x16 0x92 0xA3 0xD4 ...
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                     
Reg            HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x63 0x5E 0xFF 0xB1 ...
Reg            HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002243aec6fd (not active ControlSet)                   
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)               
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                    C:\Program Files\DAEMON Tools Lite\
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                    0x00 0x00 0x00 0x00 ...
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                    0
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0xAC 0x48 0x66 0x1D ...
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)     
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                        0x16 0x92 0xA3 0xD4 ...
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg            HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x63 0x5E 0xFF 0xB1 ...

---- Files - GMER 1.0.15 ----

File            C:\ProgramData\Microsoft\RAC\Temp\sqlE7A0.tmp                                                                      20480 bytes
File            C:\ProgramData\Microsoft\RAC\Temp\sqlE85D.tmp                                                                      20480 bytes

---- EOF - GMER 1.0.15 ----
--- --- ---
Rest folgt.

Gruß

Jürgen

Hier das OSAM Logfile

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:35:20 on 28.07.2012

OS: Windows 7  Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 13.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Apple Mobile USB Driver" (USBAAPL) - "Apple, Inc." - C:\Windows\System32\Drivers\usbaapl.sys
"AsIO" (AsIO) - ? - C:\Windows\System32\drivers\AsIO.sys  (File found, but it contains no detailed information)
"AsUpIO" (AsUpIO) - ? - C:\Windows\System32\drivers\AsUpIO.sys  (File found, but it contains no detailed information)
"catchme" (catchme) - ? - C:\Users\JPMK\AppData\Local\Temp\catchme.sys  (File not found)
"DrvAgent32" (DrvAgent32) - "Phoenix Technologies" - C:\Windows\system32\Drivers\DrvAgent32.sys
"kxldypoc" (kxldypoc) - ? - C:\Users\JPMK\AppData\Local\Temp\kxldypoc.sys  (Hidden registry entry, rootkit activity | File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{653DCCC2-13DB-45B2-A389-427885776CFE} "Activities Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplact.dll
{3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{124597D8-850A-41AE-849C-017A4FA99CA2} "Buttons Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplbtn.dll
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL
{3BEABCC1-BF31-42df-88D9-A2955D6B8528} "IntelliPoint Sensitivity Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplsens.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL
{C533AB49-9805-4972-8326-A084696B00F0} "Touch Mouse Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouchmouse.dll
{1184D0ED-DBCE-4170-8DBB-4D0C3905DA85} "Touch Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouch.dll
{7834E880-F0CC-4FA7-B4F3-FDB0F4E816A5} "Touch Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouchstrip.dll
{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} "Wheel Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplwhl.dll
{20082881-FC36-4E47-9A7A-644C95FF749F} "Wireless Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplwir.dll

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\JPMK\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Google Calendar Sync.lnk" - "Google" - C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe  (Shortcut exists | File exists)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"BCSSync" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"HotkeyMon" - "ASUSTek Computer Inc." - AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
"HotkeyService" - "ASUSTek Computer Inc." - AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
"HP Software Update" - "Hewlett-Packard" - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"IntelliPoint" - "Microsoft Corporation" - "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SuperHybridEngine" - "ASUSTek Computer Inc." - AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"eDocPortMonitor" - "May Software" - C:\Windows\system32\eDocPort.dll
"Redirected Port" - ? - C:\Windows\system32\redmonnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Asus Launcher Service" (AsusService) - ? - C:\Windows\System32\AsusService.exe  (File found, but it contains no detailed information)
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"WTGService" (WTGService) - ? - C:\Program Files\Verbindungsassistent\WTGService.exe  (File found, but it contains no detailed information)

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code]

und hier der rest

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-28 22:23:38
-----------------------------
22:23:38.985    OS Version: Windows 6.1.7601 Service Pack 1
22:23:38.985    Number of processors: 2 586 0x1C02
22:23:38.995    ComputerName: JPMK-PC  UserName: JPMK
22:23:40.585    Initialize success
22:24:02.474    AVAST engine defs: 12072801
22:24:13.734    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:24:13.744    Disk 0 Vendor: ST9320325AS 0005HPM1 Size: 305245MB BusType: 3
22:24:13.814    Disk 0 MBR read successfully
22:24:13.834    Disk 0 MBR scan
22:24:13.864    Disk 0 Windows 7 default MBR code
22:24:13.884    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
22:24:13.914    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      305143 MB offset 206848
22:24:13.944    Disk 0 scanning sectors +625139712
22:24:14.064    Disk 0 scanning C:\Windows\system32\drivers
22:24:35.024    Service scanning
22:25:23.744    Modules scanning
22:25:36.334    Disk 0 trace - called modules:
22:25:36.374   
22:25:36.404    Scan finished successfully
22:29:44.345    Disk 0 MBR has been saved successfully to "C:\Users\JPMK\Desktop\MBR.dat"
22:29:44.385    The log file has been saved successfully to "C:\Users\JPMK\Desktop\aswMBR.txt"
besten Dank im voraus. Bin gespannt wie es weiter geht?

LG

Jürgen

cosinus 29.07.2012 01:15
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

gofurther 29.07.2012 20:17
Hi Arne,

danke für Deine Ausdauer und Geduld.

Hier erstmal der malwarebyte log

Code:

29.07.2012 16:57:18
mbam-log-2012-07-29 (16-57-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 268795
Laufzeit: 1 Stunde(n), 55 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\_OTL\MovedFiles\07052012_145804\C_Windows\Installer\{05173853-bdba-7e93-ce4c-b002cfc95882}\U\00000004.@ (Rootkit.Zaccess) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus 29.07.2012 20:44
Ist nur ein Schädling in der Q von OTL, das ist ok
Fehlt noch das SASW Log

gofurther 29.07.2012 22:33
Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/29/2012 at 11:16 PM

Application Version : 5.5.1012

Core Rules Database Version : 8977
Trace Rules Database Version: 6789

Scan type      : Complete Scan
Total Scan Time : 01:23:21

Operating System Information
Windows 7 Professional-N 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 691
Memory threats detected  : 0
Registry items scanned    : 35084
Registry threats detected : 0
File items scanned        : 27874
File threats detected    : 634

Adware.Tracking Cookie
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\jpmk@ad.zanox[1].txt [ /ad.zanox ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\jpmk@adtech[1].txt [ /adtech ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\jpmk@collective-media[2].txt [ /collective-media ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\jpmk@mediaplex[1].txt [ /mediaplex ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\jpmk@specificclick[1].txt [ /specificclick ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\jpmk@tradedoubler[1].txt [ /tradedoubler ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\jpmk@zanox-affiliate[1].txt [ /zanox-affiliate ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\jpmk@zanox[2].txt [ /zanox ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\NP84DW2O.txt [ /serving-sys.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\Q1Q3SCST.txt [ /ad2.adfarm1.adition.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\USIBK2ZC.txt [ /ad.yieldmanager.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\51TP2L7G.txt [ /ads.creative-serving.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\LV8VXZGC.txt [ /ad.360yield.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\E3IE912I.txt [ /bs.serving-sys.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\G8GJODH1.txt [ /ad3.adfarm1.adition.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\JJVLPCCS.txt [ /fl01.ct2.comclick.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\9Y02LBWA.txt [ /atdmt.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\NNKOQJ2Y.txt [ /apmebf.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\J8RDEUY0.txt [ /atwola.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\184BCFMO.txt [ /webmasterplan.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\WWRL0Q4Z.txt [ /ar.atwola.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\A2ZRLS8I.txt [ /tacoda.at.atwola.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\A628PO5K.txt [ /revsci.net ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\WOQUSC7L.txt [ /c.atdmt.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\SV1GLDRC.txt [ /doubleclick.net ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\3K1Q517T.txt [ /overture.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\JKKRDRM8.txt [ /2o7.net ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\SIH910EI.txt [ /adx.chip.de ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\K60EMCWS.txt [ /at.atwola.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\I3TN14B9.txt [ /advertising.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\DOA0YG7K.txt [ /adfarm1.adition.com ]
        C:\Users\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\1HVKNCJY.txt [ /invitemedia.com ]
        C:\USERS\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\CSN61NIC.txt [ Cookie:jpmk@adsonar.com/adserving ]
        C:\USERS\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\Low\jpmk@atdmt[2].txt [ Cookie:jpmk@atdmt.com/ ]
        C:\USERS\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\Low\jpmk@doubleclick[1].txt [ Cookie:jpmk@doubleclick.net/ ]
        C:\USERS\JPMK\AppData\Roaming\Microsoft\Windows\Cookies\Low\jpmk@2o7[1].txt [ Cookie:jpmk@2o7.net/ ]
        C:\USERS\JPMK\Cookies\NP84DW2O.txt [ Cookie:jpmk@serving-sys.com/ ]
        C:\USERS\JPMK\Cookies\Q1Q3SCST.txt [ Cookie:jpmk@ad2.adfarm1.adition.com/ ]
        C:\USERS\JPMK\Cookies\jpmk@adtech[1].txt [ Cookie:jpmk@adtech.de/ ]
        C:\USERS\JPMK\Cookies\USIBK2ZC.txt [ Cookie:jpmk@ad.yieldmanager.com/ ]
        C:\USERS\JPMK\Cookies\E3IE912I.txt [ Cookie:jpmk@bs.serving-sys.com/ ]
        C:\USERS\JPMK\Cookies\JJVLPCCS.txt [ Cookie:jpmk@fl01.ct2.comclick.com/ ]
        C:\USERS\JPMK\Cookies\9Y02LBWA.txt [ Cookie:jpmk@atdmt.com/ ]
        C:\USERS\JPMK\Cookies\CSN61NIC.txt [ Cookie:jpmk@adsonar.com/adserving ]
        C:\USERS\JPMK\Cookies\NNKOQJ2Y.txt [ Cookie:jpmk@apmebf.com/ ]
        C:\USERS\JPMK\Cookies\jpmk@collective-media[2].txt [ Cookie:jpmk@collective-media.net/ ]
        C:\USERS\JPMK\Cookies\J8RDEUY0.txt [ Cookie:jpmk@atwola.com/ ]
        C:\USERS\JPMK\Cookies\184BCFMO.txt [ Cookie:jpmk@webmasterplan.com/ ]
        C:\USERS\JPMK\Cookies\jpmk@ad.zanox[1].txt [ Cookie:jpmk@ad.zanox.com/ ]
        C:\USERS\JPMK\Cookies\WWRL0Q4Z.txt [ Cookie:jpmk@ar.atwola.com/ ]
        C:\USERS\JPMK\Cookies\A2ZRLS8I.txt [ Cookie:jpmk@tacoda.at.atwola.com/ ]
        C:\USERS\JPMK\Cookies\jpmk@zanox-affiliate[1].txt [ Cookie:jpmk@zanox-affiliate.de/ ]
        C:\USERS\JPMK\Cookies\WOQUSC7L.txt [ Cookie:jpmk@c.atdmt.com/ ]
        C:\USERS\JPMK\Cookies\jpmk@mediaplex[1].txt [ Cookie:jpmk@mediaplex.com/ ]
        C:\USERS\JPMK\Cookies\SV1GLDRC.txt [ Cookie:jpmk@doubleclick.net/ ]
        C:\USERS\JPMK\Cookies\3K1Q517T.txt [ Cookie:jpmk@overture.com/ ]
        C:\USERS\JPMK\Cookies\JKKRDRM8.txt [ Cookie:jpmk@2o7.net/ ]
        C:\USERS\JPMK\Cookies\SIH910EI.txt [ Cookie:jpmk@adx.chip.de/ ]
        C:\USERS\JPMK\Cookies\I3TN14B9.txt [ Cookie:jpmk@advertising.com/ ]
        C:\USERS\JPMK\Cookies\DOA0YG7K.txt [ Cookie:jpmk@adfarm1.adition.com/ ]
        C:\USERS\JPMK\Cookies\1HVKNCJY.txt [ Cookie:jpmk@invitemedia.com/ ]
        delivery.ibanner.de [ C:\USERS\JPMK\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U49PNKLP ]
        de.sitestat.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .vodafonegroup.122.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mediabiz.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mediabiz.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adserver.musikmarkt.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .247realmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .eyewonder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .guj.122.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        accounts.youtube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .fastclick.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .getclicky.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .static.getclicky.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        in.getclicky.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad1.emediate.dk [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad1.emediate.dk [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .velmedia.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ad.velmedia.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .clickboothlnk.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        media.stage-entertainment.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .stepstone.112.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        wstat.wibiya.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .philips.112.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.strohmedia.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .deutschepostag.112.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smoothjazz.huguesmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smoothjazz.huguesmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        media.joggen-online.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .4stats.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .4stats.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .xm.xtendmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        count.asnetworks.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adserver2.interwall.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .htc.122.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .businessenhanced.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .businessenhanced.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .cpvadverts.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .cpvadverts.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .paypal.112.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .4stats.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .4stats.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        s4.trafficmaxx.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        7.rotator.wigetmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .loyaltypartner.122.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hightraffic.hugoboss.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        statse.webtrendslive.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mm.chitika.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        banner.studenten.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ict.infinity-tracking.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ict.infinity-tracking.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        zbox.zanox.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads7.wwe.biz [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ads20.wwe-media.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .j2global.122.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .rambler.ru [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .harrenmedianetwork.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        e2.emediate.se [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .banners.victor.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .bwincom.122.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wjkyqhczohp.stats.esomniture.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        stat.dealtime.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .unister-adservices.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .conrad.122.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        partners.webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .countomat.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .a.revenuemax.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        server.adformdsp.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adformdsp.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .track.senzapudore.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .track.senzapudore.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .track.right-ads.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads.fulltraffic.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .game-advertising-online.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .de.partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .myroitracking.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .realmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .realmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .nextag.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .nextag.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .fastclick.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornmd.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornmd.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .judgeporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .judgeporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.judgeporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .maturetubeporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .maturetubeporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tribalfusion.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.sunporno.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sunporno.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sunporno.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sunporno.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sunporno.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornper.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornper.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        adserver.hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        dev.hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.hardsextube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads2.zeusclicks.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .largeporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .largeporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .largeporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornper.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornper.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornper.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornper.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        count.video.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        count.video.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        server.adform.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornjoy.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornjoy.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornjoy.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornjoy.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornjoy.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornjoy.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexvideomix.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexvideomix.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexvideomix.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexvideomix.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexvideomix.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexvideomix.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexvideomix.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.sexvideomix.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        pornzeus.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornzeus.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .yadro.ru [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tubesexmovies.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tubesexmovies.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tubesexmovies.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tubesexmovies.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.tubesexmovies.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tubesexmovies.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tubesexmovies.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tubesexmovies.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.batporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .batporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .batporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .batporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .batporn.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornjoy.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .trafficholder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .trafficholder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornjoy.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .trafficholder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .trafficholder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        teen-tube.mobi [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .epicporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .epicporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .epicporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .epicporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .epicporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .epicporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .epicporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .epicporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.royalporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.royalporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.royalporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.royalporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.royalporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.royalporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .syndication.traffichaus.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .syndication.traffichaus.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .syndication.traffichaus.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads.crakmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        traffic.brokerbabe.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        traffic.brokerbabe.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.hdpornmobile.xxx [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.hdpornmobile.xxx [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .stats.paypal.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        pornsharia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornsharia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornsharia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornsharia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        pornsharia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        pornsharia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornofilmpjes.nl [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornofilmpjes.nl [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornofilmpjes.nl [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        pornsharia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .exoclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        pornsharia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .trafficholder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornmovieshere.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        sexybass.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexybass.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexybass.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexybass.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .longporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .longporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .longporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        longporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        go.trafficshop.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        go.trafficshop.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.goldporntube.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        sexinary.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexinary.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexinary.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .sexinary.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads7.complexadvertising.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .exoclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornerbros.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adxpansion.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mediatraffic.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mediatraffic.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        server.adform.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .autoscout24.112.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        etracker.ikanobank.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.usenext.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        tomtailor.dyntracker.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        rts.pgmediaserve.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        rts.pgmediaserve.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        rts.pgmediaserve.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .rotator.wigetmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        stat.easydate.biz [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        stat.ed.cupidplc.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .unitymedia.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .unitymedia.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        7.rotator.wigetmedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adviva.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        reztrack.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        reztrack.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        reztrack.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        reztrack.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        reztrack.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        reztrack.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        delivery.atkmedia.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornme.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.adition.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.adition.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .content.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ww251.smartadserver.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        tracking.mobile.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad4.adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .microsoftwlsearchcrm.112.2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .interclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .interclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornme.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornme.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .pornme.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornme.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        www.pornme.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads.metricsmedia.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads.metricsmedia.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ads.metricsmedia.de [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .interclick.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .content.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\JPMK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YKB3SYA.DEFAULT\COOKIES.SQLITE ]
Das Programm hat 634 Items (Adware Tracking Cookies) gefunden. Soll ich auf remove threads klicken?

Gruß

Jürgen

cosinus 30.07.2012 08:54
Sieht ok aus, da wurden nur Cookies gefunden.
Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )


Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

gofurther 30.07.2012 18:34
Hi Arne,

es gibt keine weiteren Probleme. Vielen vielen Dank für Deine Unterstützung, deine Geduld und die guten Tipps.

:dankeschoen::huepp::singsing:

Wie kann ich mich erkenntlich zeigen?

beste Grüße Jürgen

cosinus 30.07.2012 20:45
Deine Dankbarkeit ist mir Erkenntlichkeit genug ;) aber wenn du magst kannst du das Forum mit einer kleinen Spende unterstützen (siehe Signatur von mir ganz unten) :)

Dann wären wir durch! :abklatsch:

Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen:

Starte bitte OTL und klicke auf Bereinigung.
Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen.


Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken.


Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate

Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.

Windows Vista/7: Anleitung Windows-Update


PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:
Prüfen => Adobe - Flash Player
Downloadlinks => Adobe Flash Player Distribution | Adobe

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.


Java-Update
Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131