Trojaner-Board
Seite 3 von 4 12 3 4
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe (https://www.trojaner-board.de/125606-fehlermeldung-beim-neustart-c-users-user-appdata-local-temp-wgsdgsdgdsgsd-exe.html)

Cellar Door 17.10.2012 21:48
Hab sie gelöscht

cosinus 17.10.2012 22:03
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

Cellar Door 17.10.2012 22:21
Kaspersky Log:

Code:
23:18:42.0925 2332  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
23:18:43.0113 2332  ============================================================
23:18:43.0113 2332  Current date / time: 2012/10/17 23:18:43.0113
23:18:43.0113 2332  SystemInfo:
23:18:43.0113 2332 
23:18:43.0113 2332  OS Version: 6.1.7601 ServicePack: 1.0
23:18:43.0113 2332  Product type: Workstation
23:18:43.0113 2332  ComputerName: NATALIE-HP
23:18:43.0113 2332  UserName: Natalie
23:18:43.0113 2332  Windows directory: C:\Windows
23:18:43.0113 2332  System windows directory: C:\Windows
23:18:43.0113 2332  Running under WOW64
23:18:43.0113 2332  Processor architecture: Intel x64
23:18:43.0113 2332  Number of processors: 2
23:18:43.0113 2332  Page size: 0x1000
23:18:43.0113 2332  Boot type: Normal boot
23:18:43.0113 2332  ============================================================
23:18:44.0860 2332  BG loaded
23:18:45.0375 2332  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:18:45.0390 2332  ============================================================
23:18:45.0390 2332  \Device\Harddisk0\DR0:
23:18:45.0390 2332  MBR partitions:
23:18:45.0390 2332  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:18:45.0390 2332  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48098800
23:18:45.0390 2332  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x480FC800, BlocksNum 0x1F6B800
23:18:45.0390 2332  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A068000, BlocksNum 0x7EFAB0
23:18:45.0390 2332  ============================================================
23:18:45.0421 2332  C: <-> \Device\Harddisk0\DR0\Partition2
23:18:45.0453 2332  D: <-> \Device\Harddisk0\DR0\Partition3
23:18:45.0468 2332  E: <-> \Device\Harddisk0\DR0\Partition4
23:18:45.0468 2332  ============================================================
23:18:45.0468 2332  Initialize success
23:18:45.0468 2332  ============================================================
Ich hatte jetzt der Anweisung auf der Seite befolgt mit dem löschen und den Hinweis erst gerade gesehen, ich hoffe ich habe jetzt nichts verschlimmert

cosinus 18.10.2012 09:26
Log wurde falsch erstellt, bitte nochmal richtig machen

Cellar Door 18.10.2012 16:52
Log Kaspersky Part 1

Musste den Log aufteilen da die Zeichen begrenzt sind.

Code:
17:44:02.0217 3628  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
17:44:02.0337 3628  ============================================================
17:44:02.0337 3628  Current date / time: 2012/10/18 17:44:02.0337
17:44:02.0337 3628  SystemInfo:
17:44:02.0337 3628 
17:44:02.0337 3628  OS Version: 6.1.7601 ServicePack: 1.0
17:44:02.0337 3628  Product type: Workstation
17:44:02.0337 3628  ComputerName: NATALIE-HP
17:44:02.0337 3628  UserName: Natalie
17:44:02.0337 3628  Windows directory: C:\Windows
17:44:02.0337 3628  System windows directory: C:\Windows
17:44:02.0337 3628  Running under WOW64
17:44:02.0337 3628  Processor architecture: Intel x64
17:44:02.0337 3628  Number of processors: 2
17:44:02.0337 3628  Page size: 0x1000
17:44:02.0337 3628  Boot type: Normal boot
17:44:02.0337 3628  ============================================================
17:44:03.0807 3628  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:44:03.0807 3628  ============================================================
17:44:03.0807 3628  \Device\Harddisk0\DR0:
17:44:03.0807 3628  MBR partitions:
17:44:03.0807 3628  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:44:03.0807 3628  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48098800
17:44:03.0807 3628  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x480FC800, BlocksNum 0x1F6B800
17:44:03.0807 3628  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A068000, BlocksNum 0x7EFAB0
17:44:03.0807 3628  ============================================================
17:44:03.0827 3628  C: <-> \Device\Harddisk0\DR0\Partition2
17:44:03.0867 3628  D: <-> \Device\Harddisk0\DR0\Partition3
17:44:03.0877 3628  E: <-> \Device\Harddisk0\DR0\Partition4
17:44:03.0877 3628  ============================================================
17:44:03.0877 3628  Initialize success
17:44:03.0877 3628  ============================================================
17:45:13.0347 6840  ============================================================
17:45:13.0347 6840  Scan started
17:45:13.0347 6840  Mode: Manual; SigCheck; TDLFS;
17:45:13.0347 6840  ============================================================
17:45:17.0177 6840  ================ Scan system memory ========================
17:45:17.0177 6840  System memory - ok
17:45:17.0177 6840  ================ Scan services =============================
17:45:17.0487 6840  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:45:17.0657 6840  1394ohci - ok
17:45:17.0677 6840  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:45:17.0697 6840  ACPI - ok
17:45:17.0737 6840  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
17:45:17.0857 6840  AcpiPmi - ok
17:45:17.0987 6840  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:45:17.0997 6840  AdobeARMservice - ok
17:45:18.0147 6840  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:45:18.0167 6840  AdobeFlashPlayerUpdateSvc - ok
17:45:18.0227 6840  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
17:45:18.0247 6840  adp94xx - ok
17:45:18.0287 6840  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
17:45:18.0307 6840  adpahci - ok
17:45:18.0377 6840  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
17:45:18.0387 6840  adpu320 - ok
17:45:18.0427 6840  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
17:45:18.0617 6840  AeLookupSvc - ok
17:45:18.0757 6840  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
17:45:18.0817 6840  AFD - ok
17:45:18.0857 6840  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:45:18.0877 6840  agp440 - ok
17:45:18.0907 6840  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
17:45:19.0007 6840  ALG - ok
17:45:19.0127 6840  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:45:19.0137 6840  aliide - ok
17:45:19.0207 6840  [ 715B02B892C5BA46471EFC8DCD2AE934 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:45:19.0387 6840  AMD External Events Utility - ok
17:45:19.0507 6840  AMD FUEL Service - ok
17:45:19.0567 6840  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:45:19.0607 6840  amdide - ok
17:45:19.0667 6840  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
17:45:19.0687 6840  amdiox64 - ok
17:45:19.0737 6840  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
17:45:19.0787 6840  AmdK8 - ok
17:45:20.0157 6840  [ 7054D5D028B6CA727D0575192D633FA9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:45:20.0527 6840  amdkmdag - ok
17:45:20.0567 6840  [ 1CD2BC11467FD5FC7BE9827A9F3D8566 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:45:20.0637 6840  amdkmdap - ok
17:45:20.0757 6840  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:45:20.0787 6840  AmdPPM - ok
17:45:20.0887 6840  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
17:45:20.0907 6840  amdsata - ok
17:45:20.0927 6840  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:45:20.0947 6840  amdsbs - ok
17:45:20.0967 6840  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
17:45:20.0987 6840  amdxata - ok
17:45:21.0027 6840  [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
17:45:21.0037 6840  amd_sata - ok
17:45:21.0057 6840  [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
17:45:21.0067 6840  amd_xata - ok
17:45:21.0097 6840  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
17:45:21.0227 6840  AppID - ok
17:45:21.0257 6840  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:45:21.0307 6840  AppIDSvc - ok
17:45:21.0347 6840  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
17:45:21.0387 6840  Appinfo - ok
17:45:21.0437 6840  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
17:45:21.0457 6840  arc - ok
17:45:21.0487 6840  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:45:21.0527 6840  arcsas - ok
17:45:21.0677 6840  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:45:21.0747 6840  aspnet_state - ok
17:45:21.0767 6840  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:45:21.0827 6840  AsyncMac - ok
17:45:21.0867 6840  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
17:45:21.0887 6840  atapi - ok
17:45:21.0957 6840  [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:45:21.0967 6840  AtiHDAudioService - ok
17:45:22.0007 6840  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:45:22.0087 6840  AudioEndpointBuilder - ok
17:45:22.0107 6840  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:45:22.0157 6840  AudioSrv - ok
17:45:22.0607 6840  [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent    C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
17:45:22.0727 6840  AVGIDSAgent - ok
17:45:22.0797 6840  [ F1A99DA71E6549D7D944596E15142866 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:45:22.0827 6840  AVGIDSDriver - ok
17:45:22.0857 6840  [ E6CB84918C1ABE84AAAF749D2EA4E764 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
17:45:22.0877 6840  AVGIDSHA - ok
17:45:22.0907 6840  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
17:45:22.0917 6840  Avgldx64 - ok
17:45:22.0947 6840  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga        C:\Windows\system32\DRIVERS\avgloga.sys
17:45:22.0957 6840  Avgloga - ok
17:45:22.0977 6840  [ EAFF19168F26FA225EB679547B718051 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
17:45:22.0997 6840  Avgmfx64 - ok
17:45:23.0027 6840  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
17:45:23.0037 6840  Avgrkx64 - ok
17:45:23.0097 6840  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia        C:\Windows\system32\DRIVERS\avgtdia.sys
17:45:23.0127 6840  Avgtdia - ok
17:45:23.0187 6840  [ A3B21D3CD9185734698AB4C5D7D8F182 ] avgtp          C:\Windows\system32\drivers\avgtpx64.sys
17:45:23.0207 6840  avgtp - ok
17:45:23.0237 6840  [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd          C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
17:45:23.0257 6840  avgwd - ok
17:45:23.0317 6840  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:45:23.0407 6840  AxInstSV - ok
17:45:23.0477 6840  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
17:45:23.0537 6840  b06bdrv - ok
17:45:23.0587 6840  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:45:23.0627 6840  b57nd60a - ok
17:45:23.0797 6840  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX        C:\Windows\system32\DRIVERS\bcmwl664.sys
17:45:23.0907 6840  BCM43XX - ok
17:45:23.0937 6840  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:45:23.0987 6840  BDESVC - ok
17:45:24.0037 6840  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:45:24.0087 6840  Beep - ok
17:45:24.0147 6840  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
17:45:24.0307 6840  BFE - ok
17:45:24.0367 6840  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:45:24.0467 6840  BITS - ok
17:45:24.0507 6840  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
17:45:24.0547 6840  blbdrive - ok
17:45:24.0577 6840  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:45:24.0607 6840  bowser - ok
17:45:24.0647 6840  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:45:24.0687 6840  BrFiltLo - ok
17:45:24.0797 6840  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:45:24.0837 6840  BrFiltUp - ok
17:45:24.0877 6840  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
17:45:24.0917 6840  Browser - ok
17:45:24.0987 6840  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
17:45:25.0067 6840  Brserid - ok
17:45:25.0107 6840  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:45:25.0147 6840  BrSerWdm - ok
17:45:25.0187 6840  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:45:25.0217 6840  BrUsbMdm - ok
17:45:25.0227 6840  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:45:25.0267 6840  BrUsbSer - ok
17:45:25.0287 6840  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:45:25.0317 6840  BTHMODEM - ok
17:45:25.0357 6840  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
17:45:25.0397 6840  bthserv - ok
17:45:25.0437 6840  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:45:25.0497 6840  cdfs - ok
17:45:25.0547 6840  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
17:45:25.0567 6840  cdrom - ok
17:45:25.0597 6840  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
17:45:25.0637 6840  CertPropSvc - ok
17:45:25.0677 6840  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
17:45:25.0707 6840  circlass - ok
17:45:25.0777 6840  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:45:25.0827 6840  CLFS - ok
17:45:26.0047 6840  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:45:26.0077 6840  clr_optimization_v2.0.50727_32 - ok
17:45:26.0187 6840  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:45:26.0217 6840  clr_optimization_v2.0.50727_64 - ok
17:45:26.0307 6840  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:45:26.0387 6840  clr_optimization_v4.0.30319_32 - ok
17:45:26.0437 6840  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:45:26.0447 6840  clr_optimization_v4.0.30319_64 - ok
17:45:26.0487 6840  [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd          C:\Windows\system32\DRIVERS\clwvd.sys
17:45:26.0497 6840  clwvd - ok
17:45:26.0547 6840  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:45:26.0577 6840  CmBatt - ok
17:45:26.0587 6840  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:45:26.0607 6840  cmdide - ok
17:45:26.0647 6840  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
17:45:26.0677 6840  CNG - ok
17:45:26.0817 6840  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:45:26.0847 6840  Compbatt - ok
17:45:26.0917 6840  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:45:26.0967 6840  CompositeBus - ok
17:45:26.0987 6840  COMSysApp - ok
17:45:27.0047 6840  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
17:45:27.0077 6840  crcdisk - ok
17:45:27.0147 6840  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:45:27.0197 6840  CryptSvc - ok
17:45:27.0397 6840  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:45:27.0487 6840  cvhsvc - ok
17:45:27.0547 6840  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:45:27.0617 6840  DcomLaunch - ok
17:45:27.0647 6840  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
17:45:27.0707 6840  defragsvc - ok
17:45:27.0757 6840  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:45:27.0817 6840  DfsC - ok
17:45:27.0867 6840  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:45:27.0917 6840  Dhcp - ok
17:45:27.0937 6840  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:45:28.0007 6840  discache - ok
17:45:28.0077 6840  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
17:45:28.0097 6840  Disk - ok
17:45:28.0127 6840  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:45:28.0177 6840  Dnscache - ok
17:45:28.0207 6840  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
17:45:28.0267 6840  dot3svc - ok
17:45:28.0317 6840  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
17:45:28.0367 6840  DPS - ok
17:45:28.0407 6840  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
17:45:28.0437 6840  drmkaud - ok
17:45:28.0527 6840  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
17:45:28.0567 6840  DXGKrnl - ok
17:45:28.0607 6840  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
17:45:28.0677 6840  EapHost - ok
17:45:29.0117 6840  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
17:45:29.0287 6840  ebdrv - ok
17:45:29.0357 6840  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
17:45:29.0557 6840  EFS - ok
17:45:29.0677 6840  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
17:45:29.0747 6840  ehRecvr - ok
17:45:29.0787 6840  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
17:45:29.0827 6840  ehSched - ok
17:45:29.0977 6840  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
17:45:30.0057 6840  elxstor - ok
17:45:30.0167 6840  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:45:30.0197 6840  ErrDev - ok
17:45:30.0277 6840  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
17:45:30.0337 6840  EventSystem - ok
17:45:30.0407 6840  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
17:45:30.0487 6840  exfat - ok
17:45:30.0527 6840  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
17:45:30.0597 6840  fastfat - ok
17:45:30.0657 6840  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
17:45:30.0727 6840  Fax - ok
17:45:30.0757 6840  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\drivers\fdc.sys
17:45:30.0797 6840  fdc - ok
17:45:30.0827 6840  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
17:45:30.0867 6840  fdPHost - ok
17:45:30.0887 6840  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:45:30.0947 6840  FDResPub - ok
17:45:31.0007 6840  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:45:31.0017 6840  FileInfo - ok
17:45:31.0047 6840  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
17:45:31.0117 6840  Filetrace - ok
17:45:31.0157 6840  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:45:31.0167 6840  flpydisk - ok
17:45:31.0237 6840  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:45:31.0257 6840  FltMgr - ok
17:45:31.0367 6840  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
17:45:31.0507 6840  FontCache - ok
17:45:31.0577 6840  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:45:31.0607 6840  FontCache3.0.0.0 - ok
17:45:31.0667 6840  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
17:45:31.0707 6840  FsDepends - ok
17:45:31.0747 6840  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:45:31.0757 6840  Fs_Rec - ok
17:45:31.0817 6840  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:45:31.0847 6840  fvevol - ok
17:45:31.0877 6840  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:45:31.0897 6840  gagp30kx - ok
17:45:31.0937 6840  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:45:31.0957 6840  GamesAppService - ok
17:45:31.0997 6840  [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt          C:\Windows\system32\DRIVERS\ggflt.sys
17:45:32.0037 6840  ggflt - ok
17:45:32.0057 6840  [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
17:45:32.0077 6840  ggsemc - ok
17:45:32.0117 6840  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
17:45:32.0167 6840  gpsvc - ok
17:45:32.0217 6840  [ C1B577B2169900F4CF7190C39F085794 ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:45:32.0237 6840  gusvc - ok
17:45:32.0277 6840  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:45:32.0307 6840  hcw85cir - ok
17:45:32.0337 6840  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:45:32.0377 6840  HdAudAddService - ok
17:45:32.0407 6840  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:45:32.0447 6840  HDAudBus - ok
17:45:32.0457 6840  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
17:45:32.0487 6840  HidBatt - ok
17:45:32.0517 6840  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:45:32.0547 6840  HidBth - ok
17:45:32.0567 6840  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
17:45:32.0587 6840  HidIr - ok
17:45:32.0617 6840  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
17:45:32.0677 6840  hidserv - ok
17:45:32.0717 6840  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:45:32.0737 6840  HidUsb - ok
17:45:32.0747 6840  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:45:32.0817 6840  hkmsvc - ok
17:45:32.0867 6840  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:45:32.0927 6840  HomeGroupListener - ok
17:45:32.0967 6840  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:45:32.0997 6840  HomeGroupProvider - ok
17:45:33.0107 6840  [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:45:33.0137 6840  HP Support Assistant Service - ok
17:45:33.0197 6840  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:45:33.0217 6840  HPClientSvc - ok
17:45:33.0347 6840  [ 02CE63D8DD5E6DD5CEFF336191C0859E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:45:33.0367 6840  HPDrvMntSvc.exe - ok
17:45:33.0557 6840  [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:45:33.0587 6840  hpqcxs08 - ok
17:45:33.0617 6840  [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:45:33.0627 6840  hpqddsvc - ok
17:45:33.0717 6840  [ E7C7829BA0395E48F8C8FE16B8832344 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:45:33.0767 6840  hpqwmiex - ok
17:45:33.0807 6840  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:45:33.0817 6840  HpSAMD - ok
17:45:33.0887 6840  [ 77C15D7E8F002A173EEBFF0B20CD697D ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:45:33.0897 6840  HPWMISVC - ok
17:45:33.0947 6840  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:45:34.0017 6840  HTTP - ok
17:45:34.0037 6840  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:45:34.0047 6840  hwpolicy - ok
17:45:34.0097 6840  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:45:34.0117 6840  i8042prt - ok
17:45:34.0147 6840  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
17:45:34.0167 6840  iaStorV - ok
17:45:34.0357 6840  [ 2C3CC41FEFCB77E2826886E6B7EF93AE ] IconMan_R      C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:45:34.0407 6840  IconMan_R - ok
17:45:34.0497 6840  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:45:34.0547 6840  idsvc - ok
17:45:34.0577 6840  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
17:45:34.0587 6840  iirsp - ok
17:45:34.0647 6840  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:45:34.0727 6840  IKEEXT - ok
17:45:34.0757 6840  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:45:34.0777 6840  intelide - ok
17:45:34.0817 6840  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
17:45:34.0847 6840  intelppm - ok
17:45:34.0867 6840  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
17:45:34.0927 6840  IPBusEnum - ok
17:45:34.0947 6840  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:45:34.0987 6840  IpFilterDriver - ok
17:45:35.0077 6840  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:45:35.0187 6840  iphlpsvc - ok
17:45:35.0207 6840  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
17:45:35.0237 6840  IPMIDRV - ok
17:45:35.0247 6840  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
17:45:35.0307 6840  IPNAT - ok
17:45:35.0337 6840  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:45:35.0357 6840  IRENUM - ok
17:45:35.0367 6840  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:45:35.0377 6840  isapnp - ok
17:45:35.0447 6840  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:45:35.0497 6840  iScsiPrt - ok
17:45:35.0547 6840  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:45:35.0557 6840  kbdclass - ok
17:45:35.0577 6840  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:45:35.0607 6840  kbdhid - ok
17:45:35.0627 6840  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:45:35.0637 6840  KeyIso - ok
17:45:35.0697 6840  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:45:35.0717 6840  KSecDD - ok
17:45:35.0777 6840  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
17:45:35.0817 6840  KSecPkg - ok
17:45:35.0847 6840  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
17:45:35.0887 6840  ksthunk - ok
17:45:35.0927 6840  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
17:45:35.0987 6840  KtmRm - ok
17:45:36.0027 6840  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:45:36.0077 6840  LanmanServer - ok
17:45:36.0107 6840  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:45:36.0177 6840  LanmanWorkstation - ok
17:45:36.0197 6840  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:45:36.0257 6840  lltdio - ok
17:45:36.0297 6840  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
17:45:36.0367 6840  lltdsvc - ok
17:45:36.0387 6840  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
17:45:36.0437 6840  lmhosts - ok
17:45:36.0477 6840  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:45:36.0487 6840  LSI_FC - ok
17:45:36.0507 6840  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
17:45:36.0517 6840  LSI_SAS - ok
17:45:36.0557 6840  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:45:36.0567 6840  LSI_SAS2 - ok
17:45:36.0597 6840  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:45:36.0617 6840  LSI_SCSI - ok
17:45:36.0637 6840  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
17:45:36.0687 6840  luafv - ok
17:45:36.0747 6840  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
17:45:36.0767 6840  MBAMProtector - ok
17:45:36.0827 6840  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:45:36.0847 6840  MBAMScheduler - ok
17:45:36.0887 6840  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:45:36.0917 6840  MBAMService - ok
17:45:36.0977 6840  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
17:45:37.0007 6840  Mcx2Svc - ok
17:45:37.0027 6840  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
17:45:37.0047 6840  megasas - ok
17:45:37.0087 6840  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:45:37.0117 6840  MegaSR - ok
17:45:37.0147 6840  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
17:45:37.0227 6840  MMCSS - ok
17:45:37.0247 6840  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
17:45:37.0327 6840  Modem - ok
17:45:37.0367 6840  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
17:45:37.0417 6840  monitor - ok
17:45:37.0427 6840  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:45:37.0447 6840  mouclass - ok
17:45:37.0477 6840  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
17:45:37.0507 6840  mouhid - ok
17:45:37.0537 6840  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:45:37.0547 6840  mountmgr - ok
17:45:37.0617 6840  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:45:37.0627 6840  MozillaMaintenance - ok
17:45:37.0677 6840  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:45:37.0707 6840  mpio - ok
17:45:37.0727 6840  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:45:37.0777 6840  mpsdrv - ok
17:45:37.0837 6840  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:45:37.0907 6840  MpsSvc - ok
17:45:37.0947 6840  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:45:37.0987 6840  MRxDAV - ok
17:45:38.0007 6840  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:45:38.0057 6840  mrxsmb - ok
17:45:38.0097 6840  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:45:38.0147 6840  mrxsmb10 - ok
17:45:38.0177 6840  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:45:38.0197 6840  mrxsmb20 - ok
17:45:38.0217 6840  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:45:38.0237 6840  msahci - ok
17:45:38.0297 6840  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
17:45:38.0317 6840  msdsm - ok
17:45:38.0347 6840  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
17:45:38.0397 6840  MSDTC - ok
17:45:38.0447 6840  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:45:38.0497 6840  Msfs - ok
17:45:38.0517 6840  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
17:45:38.0577 6840  mshidkmdf - ok
17:45:38.0607 6840  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:45:38.0627 6840  msisadrv - ok
17:45:38.0657 6840  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
17:45:38.0737 6840  MSiSCSI - ok
17:45:38.0737 6840  msiserver - ok
17:45:38.0787 6840  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
17:45:38.0847 6840  MSKSSRV - ok
17:45:38.0867 6840  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:45:38.0917 6840  MSPCLOCK - ok
17:45:38.0957 6840  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
17:45:38.0997 6840  MSPQM - ok
17:45:39.0047 6840  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
17:45:39.0077 6840  MsRPC - ok
17:45:39.0097 6840  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:45:39.0117 6840  mssmbios - ok
17:45:39.0147 6840  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
17:45:39.0197 6840  MSTEE - ok
17:45:39.0217 6840  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:45:39.0237 6840  MTConfig - ok
17:45:39.0257 6840  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
17:45:39.0267 6840  Mup - ok
17:45:39.0307 6840  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:45:39.0367 6840  napagent - ok
17:45:39.0417 6840  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
17:45:39.0457 6840  NativeWifiP - ok
17:45:39.0507 6840  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:45:39.0577 6840  NDIS - ok
17:45:39.0617 6840  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
17:45:39.0667 6840  NdisCap - ok
17:45:39.0707 6840  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:45:39.0747 6840  NdisTapi - ok
17:45:39.0767 6840  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
17:45:39.0807 6840  Ndisuio - ok
17:45:39.0847 6840  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
17:45:39.0907 6840  NdisWan - ok
17:45:39.0937 6840  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
17:45:39.0967 6840  NDProxy - ok
17:45:40.0017 6840  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
17:45:40.0067 6840  NetBIOS - ok
17:45:40.0087 6840  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
17:45:40.0137 6840  NetBT - ok
17:45:40.0147 6840  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:45:40.0167 6840  Netlogon - ok
17:45:40.0207 6840  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:45:40.0277 6840  Netman - ok
17:45:40.0307 6840  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:40.0337 6840  NetMsmqActivator - ok
17:45:40.0357 6840  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:40.0377 6840  NetPipeActivator - ok
17:45:40.0417 6840  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:45:40.0487 6840  netprofm - ok
17:45:40.0517 6840  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:40.0527 6840  NetTcpActivator - ok
17:45:40.0537 6840  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:40.0547 6840  NetTcpPortSharing - ok
17:45:40.0587 6840  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
17:45:40.0607 6840  nfrd960 - ok
17:45:40.0667 6840  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:45:40.0727 6840  NlaSvc - ok
17:45:40.0767 6840  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:45:40.0837 6840  Npfs - ok
17:45:40.0887 6840  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
17:45:40.0927 6840  nsi - ok
17:45:40.0947 6840  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:45:41.0037 6840  nsiproxy - ok
17:45:41.0137 6840  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:45:41.0187 6840  Ntfs - ok
17:45:41.0207 6840  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:45:41.0257 6840  Null - ok
17:45:41.0287 6840  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
17:45:41.0327 6840  NVENETFD - ok
17:45:41.0357 6840  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:45:41.0367 6840  nvraid - ok
17:45:41.0427 6840  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:45:41.0457 6840  nvstor - ok
17:45:41.0487 6840  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:45:41.0507 6840  nv_agp - ok
17:45:41.0537 6840  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:45:41.0547 6840  ohci1394 - ok
17:45:41.0587 6840  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:45:41.0597 6840  ose - ok
17:45:41.0777 6840  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:41.0887 6840  osppsvc - ok
17:45:41.0937 6840  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:45:41.0977 6840  p2pimsvc - ok
17:45:42.0057 6840  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:45:42.0097 6840  p2psvc - ok
17:45:42.0127 6840  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\drivers\parport.sys
17:45:42.0147 6840  Parport - ok
17:45:42.0167 6840  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
17:45:42.0177 6840  partmgr - ok
17:45:42.0197 6840  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:45:42.0237 6840  PcaSvc - ok
17:45:42.0267 6840  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
17:45:42.0287 6840  pci - ok
17:45:42.0307 6840  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:45:42.0327 6840  pciide - ok
17:45:42.0357 6840  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:45:42.0377 6840  pcmcia - ok
17:45:42.0387 6840  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
17:45:42.0407 6840  pcw - ok
17:45:42.0477 6840  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:45:42.0557 6840  PEAUTH - ok
17:45:42.0677 6840  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:45:42.0707 6840  PerfHost - ok
17:45:42.0787 6840  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
17:45:42.0907 6840  pla - ok
17:45:42.0957 6840  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:45:42.0997 6840  PlugPlay - ok
17:45:43.0027 6840  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
17:45:43.0057 6840  PNRPAutoReg - ok
17:45:43.0127 6840  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
17:45:43.0137 6840  PNRPsvc - ok
17:45:43.0187 6840  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
17:45:43.0257 6840  PolicyAgent - ok
17:45:43.0297 6840  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
17:45:43.0357 6840  Power - ok
17:45:43.0397 6840  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:45:43.0447 6840  PptpMiniport - ok
17:45:43.0477 6840  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
17:45:43.0497 6840  Processor - ok
17:45:43.0547 6840  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
17:45:43.0577 6840  ProfSvc - ok
17:45:43.0607 6840  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:45:43.0617 6840  ProtectedStorage - ok
17:45:43.0637 6840  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:45:43.0687 6840  Psched - ok
17:45:43.0827 6840  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:45:43.0907 6840  ql2300 - ok
17:45:43.0947 6840  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:45:43.0957 6840  ql40xx - ok
17:45:43.0987 6840  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
17:45:44.0007 6840  QWAVE - ok
17:45:44.0037 6840  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:45:44.0057 6840  QWAVEdrv - ok
17:45:44.0077 6840  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:45:44.0127 6840  RasAcd - ok
17:45:44.0167 6840  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
17:45:44.0207 6840  RasAgileVpn - ok
17:45:44.0237 6840  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
17:45:44.0307 6840  RasAuto - ok
17:45:44.0337 6840  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
17:45:44.0387 6840  Rasl2tp - ok
17:45:44.0417 6840  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:45:44.0467 6840  RasMan - ok
17:45:44.0477 6840  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:45:44.0527 6840  RasPppoe - ok
17:45:44.0567 6840  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
17:45:44.0617 6840  RasSstp - ok
17:45:44.0677 6840  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
17:45:44.0757 6840  rdbss - ok
17:45:44.0767 6840  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
17:45:44.0797 6840  rdpbus - ok
17:45:44.0817 6840  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:45:44.0867 6840  RDPCDD - ok
17:45:44.0887 6840  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:45:44.0937 6840  RDPENCDD - ok
17:45:44.0957 6840  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:45:45.0007 6840  RDPREFMP - ok
17:45:45.0047 6840  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
17:45:45.0077 6840  RDPWD - ok
17:45:45.0117 6840  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:45:45.0137 6840  rdyboost - ok
17:45:45.0167 6840  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:45:45.0227 6840  RemoteAccess - ok
17:45:45.0257 6840  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:45:45.0307 6840  RemoteRegistry - ok
17:45:45.0337 6840  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:45:45.0387 6840  RpcEptMapper - ok
17:45:45.0407 6840  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:45:45.0447 6840  RpcLocator - ok
17:45:45.0487 6840  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
17:45:45.0527 6840  RpcSs - ok
17:45:45.0567 6840  [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
17:45:45.0577 6840  RSPCIESTOR - ok
17:45:45.0617 6840  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:45:45.0667 6840  rspndr - ok
17:45:45.0707 6840  [ A73ED14670220307874AD6BC2F279349 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
17:45:45.0727 6840  RTL8167 - ok
17:45:45.0787 6840  [ 507B708A731DED6B992E3F664A93288B ] RTL8192Ce      C:\Windows\system32\DRIVERS\rtl8192Ce.sys
17:45:45.0817 6840  RTL8192Ce - ok
17:45:45.0867 6840  [ 0031DD0C5D4446DA0A3E02617DC6D642 ] s1039bus        C:\Windows\system32\DRIVERS\s1039bus.sys
17:45:45.0887 6840  s1039bus - ok
17:45:45.0917 6840  [ 98C7DBE2290D8CB0235E9528F6A1A53D ] s1039mdfl      C:\Windows\system32\DRIVERS\s1039mdfl.sys
17:45:45.0927 6840  s1039mdfl - ok
17:45:45.0997 6840  [ 7EF052A067D862ECD2A2335914611074 ] s1039mdm        C:\Windows\system32\DRIVERS\s1039mdm.sys
17:45:46.0017 6840  s1039mdm - ok
17:45:46.0087 6840  [ BCC3F31F1FE1E78A5BA2CD6A0E44BA64 ] s1039mgmt      C:\Windows\system32\DRIVERS\s1039mgmt.sys
17:45:46.0107 6840  s1039mgmt - ok
17:45:46.0167 6840  [ A0CF11BFFA41176CCD54E701CEB68921 ] s1039nd5        C:\Windows\system32\DRIVERS\s1039nd5.sys
17:45:46.0197 6840  s1039nd5 - ok
17:45:46.0237 6840  [ BD2DA968C5DCEF51BA8014FBAC7A0B6A ] s1039obex      C:\Windows\system32\DRIVERS\s1039obex.sys
17:45:46.0277 6840  s1039obex - ok
17:45:46.0327 6840  [ 96B4051B65C1974258A8A33A03C0B082 ] s1039unic      C:\Windows\system32\DRIVERS\s1039unic.sys
17:45:46.0347 6840  s1039unic - ok
17:45:46.0367 6840  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
17:45:46.0387 6840  SamSs - ok
17:45:46.0397 6840  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:45:46.0407 6840  sbp2port - ok
17:45:46.0437 6840  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:45:46.0487 6840  SCardSvr - ok
17:45:46.0537 6840  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:45:46.0607 6840  scfilter - ok
17:45:46.0657 6840  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:45:46.0727 6840  Schedule - ok
17:45:46.0767 6840  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
17:45:46.0807 6840  SCPolicySvc - ok
17:45:46.0847 6840  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus          C:\Windows\system32\DRIVERS\sdbus.sys
17:45:46.0877 6840  sdbus - ok
17:45:46.0907 6840  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:45:46.0967 6840  SDRSVC - ok
17:45:46.0997 6840  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:45:47.0037 6840  secdrv - ok
17:45:47.0067 6840  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:45:47.0107 6840  seclogon - ok
17:45:47.0127 6840  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:45:47.0187 6840  SENS - ok
17:45:47.0197 6840  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:45:47.0237 6840  SensrSvc - ok
17:45:47.0277 6840  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\drivers\serenum.sys
17:45:47.0287 6840  Serenum - ok
17:45:47.0307 6840  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
17:45:47.0337 6840  Serial - ok
17:45:47.0377 6840  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:45:47.0407 6840  sermouse - ok
17:45:47.0437 6840  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:45:47.0497 6840  SessionEnv - ok
17:45:47.0517 6840  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
17:45:47.0537 6840  sffdisk - ok
17:45:47.0547 6840  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:45:47.0587 6840  sffp_mmc - ok
17:45:47.0607 6840  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
17:45:47.0637 6840  sffp_sd - ok
17:45:47.0667 6840  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
17:45:47.0687 6840  sfloppy - ok
17:45:47.0737 6840  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs          C:\Windows\system32\DRIVERS\Sftfslh.sys
17:45:47.0757 6840  Sftfs - ok
17:45:47.0827 6840  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist        C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:45:47.0857 6840  sftlist - ok
17:45:47.0907 6840  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay        C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:45:47.0917 6840  Sftplay - ok
17:45:47.0947 6840  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:45:47.0957 6840  Sftredir - ok
17:45:48.0007 6840  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
17:45:48.0017 6840  Sftvol - ok
17:45:48.0037 6840  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:45:48.0057 6840  sftvsa - ok
17:45:48.0087 6840  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:45:48.0147 6840  SharedAccess - ok
17:45:48.0177 6840  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:45:48.0227 6840  ShellHWDetection - ok
17:45:48.0267 6840  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:45:48.0287 6840  SiSRaid2 - ok
17:45:48.0317 6840  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:45:48.0327 6840  SiSRaid4 - ok
17:45:48.0357 6840  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
17:45:48.0417 6840  Smb - ok
17:45:48.0447 6840  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:45:48.0477 6840  SNMPTRAP - ok
17:45:48.0507 6840  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
17:45:48.0517 6840  spldr - ok
17:45:48.0557 6840  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
17:45:48.0597 6840  Spooler - ok
17:45:48.0717 6840  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:45:48.0817 6840  sppsvc - ok
17:45:48.0857 6840  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
17:45:48.0897 6840  sppuinotify - ok
17:45:48.0927 6840  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
17:45:48.0967 6840  srv - ok
17:45:49.0047 6840  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:45:49.0097 6840  srv2 - ok
17:45:49.0137 6840  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA      C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:45:49.0157 6840  SrvHsfHDA - ok
17:45:49.0267 6840  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92      C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:45:49.0347 6840  SrvHsfV92 - ok
17:45:49.0427 6840  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac    C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:45:49.0477 6840  SrvHsfWinac - ok
17:45:49.0537 6840  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:45:49.0577 6840  srvnet - ok
17:45:49.0607 6840  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
17:45:49.0667 6840  SSDPSRV - ok
17:45:49.0687 6840  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
17:45:49.0727 6840  SstpSvc - ok
17:45:49.0787 6840  [ 293A556E04F815477AE93E07B35065E6 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
17:45:49.0827 6840  STacSV - ok
17:45:49.0847 6840  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:45:49.0867 6840  stexstor - ok
17:45:49.0917 6840  [ AA3C0336514C239A171F00A6902B59B8 ] STHDA          C:\Windows\system32\DRIVERS\stwrt64.sys
17:45:49.0947 6840  STHDA - ok
17:45:49.0987 6840  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
17:45:50.0027 6840  StillCam - ok
17:45:50.0067 6840  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:45:50.0177 6840  stisvc - ok
17:45:50.0197 6840  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:45:50.0207 6840  swenum - ok
17:45:50.0237 6840  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
17:45:50.0297 6840  swprv - ok
17:45:50.0347 6840  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
17:45:50.0367 6840  SynTP - ok
17:45:50.0427 6840  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
17:45:50.0517 6840  SysMain - ok
17:45:50.0547 6840  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:45:50.0577 6840  TabletInputService - ok
17:45:50.0647 6840  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
17:45:50.0697 6840  TapiSrv - ok
17:45:50.0737 6840  [ 4430E9B4C60AAB672D16E801BAD0555E ] tbhsd          C:\Windows\system32\drivers\tbhsd.sys
17:45:50.0747 6840  tbhsd - ok
17:45:50.0777 6840  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
17:45:50.0827 6840  TBS - ok
17:45:50.0907 6840  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
17:45:50.0987 6840  Tcpip - ok
17:45:51.0047 6840  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:45:51.0097 6840  TCPIP6 - ok
17:45:51.0127 6840  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:45:51.0187 6840  tcpipreg - ok
17:45:51.0197 6840  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:45:51.0237 6840  TDPIPE - ok
17:45:51.0257 6840  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
17:45:51.0267 6840  TDTCP - ok
17:45:51.0287 6840  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
17:45:51.0347 6840  tdx - ok
17:45:51.0377 6840  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:45:51.0397 6840  TermDD - ok
17:45:51.0467 6840  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
17:45:51.0567 6840  TermService - ok
17:45:51.0607 6840  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:45:51.0627 6840  Themes - ok
17:45:51.0667 6840  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
17:45:51.0707 6840  THREADORDER - ok
17:45:51.0747 6840  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:45:51.0797 6840  TrkWks - ok
17:45:51.0847 6840  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:45:51.0907 6840  TrustedInstaller - ok
17:45:51.0937 6840  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:45:51.0987 6840  tssecsrv - ok
17:45:52.0007 6840  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:45:52.0037 6840  TsUsbFlt - ok
17:45:52.0067 6840  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
17:45:52.0107 6840  TsUsbGD - ok
17:45:52.0147 6840  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:45:52.0207 6840  tunnel - ok
17:45:52.0237 6840  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:45:52.0247 6840  uagp35 - ok
17:45:52.0317 6840  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:45:52.0397 6840  udfs - ok
17:45:52.0427 6840  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
17:45:52.0437 6840  UI0Detect - ok
17:45:52.0457 6840  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:45:52.0477 6840  uliagpkx - ok
17:45:52.0507 6840  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
17:45:52.0537 6840  umbus - ok
17:45:52.0547 6840  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:45:52.0577 6840  UmPass - ok
17:45:52.0627 6840  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:45:52.0687 6840  upnphost - ok
17:45:52.0717 6840  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
17:45:52.0787 6840  usbccgp - ok
17:45:52.0817 6840  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:45:52.0837 6840  usbcir - ok
17:45:52.0867 6840  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
17:45:52.0897 6840  usbehci - ok
17:45:52.0917 6840  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter      C:\Windows\system32\DRIVERS\usbfilter.sys
17:45:52.0927 6840  usbfilter - ok
17:45:52.0947 6840  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:45:52.0977 6840  usbhub - ok
17:45:52.0997 6840  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
17:45:53.0017 6840  usbohci - ok
17:45:53.0057 6840  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
17:45:53.0077 6840  usbprint - ok
17:45:53.0097 6840  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:45:53.0137 6840  USBSTOR - ok
17:45:53.0157 6840  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
17:45:53.0177 6840  usbuhci - ok
17:45:53.0207 6840  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:45:53.0227 6840  usbvideo - ok
17:45:53.0257 6840  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
17:45:53.0287 6840  usb_rndisx - ok
17:45:53.0307 6840  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
17:45:53.0377 6840  UxSms - ok
17:45:53.0397 6840  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:45:53.0407 6840  VaultSvc - ok
17:45:53.0427 6840  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:45:53.0447 6840  vdrvroot - ok
17:45:53.0477 6840  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
17:45:53.0557 6840  vds - ok
17:45:53.0597 6840  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
17:45:53.0617 6840  vga - ok
17:45:53.0637 6840  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
17:45:53.0697 6840  VgaSave - ok
17:45:53.0717 6840  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
17:45:53.0737 6840  vhdmp - ok
17:45:53.0757 6840  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:45:53.0787 6840  viaide - ok
17:45:53.0827 6840  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:45:53.0837 6840  volmgr - ok
17:45:53.0857 6840  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
17:45:53.0877 6840  volmgrx - ok
17:45:53.0917 6840  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
17:45:53.0937 6840  volsnap - ok
17:45:53.0977 6840  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
17:45:53.0997 6840  vsmraid - ok
17:45:54.0087 6840  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
17:45:54.0207 6840  VSS - ok
17:45:54.0297 6840  [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
17:45:54.0327 6840  vToolbarUpdater12.2.6 - ok
17:45:54.0377 6840  [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
17:45:54.0407 6840  vToolbarUpdater13.2.0 - ok
17:45:54.0417 6840  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:45:54.0447 6840  vwifibus - ok
17:45:54.0477 6840  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:45:54.0497 6840  vwififlt - ok
17:45:54.0527 6840  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
17:45:54.0577 6840  W32Time - ok
17:45:54.0607 6840  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:45:54.0647 6840  WacomPen - ok
17:45:54.0697 6840  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:45:54.0737 6840  WANARP - ok
17:45:54.0747 6840  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:45:54.0787 6840  Wanarpv6 - ok
17:45:54.0857 6840  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:45:54.0957 6840  wbengine - ok
17:45:54.0987 6840  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:45:55.0017 6840  WbioSrvc - ok
17:45:55.0067 6840  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
17:45:55.0117 6840  wcncsvc - ok
17:45:55.0127 6840  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:45:55.0157 6840  WcsPlugInService - ok
17:45:55.0187 6840  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
17:45:55.0197 6840  Wd - ok
17:45:55.0237 6840  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:45:55.0257 6840  Wdf01000 - ok
17:45:55.0297 6840  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:45:55.0387 6840  WdiServiceHost - ok
17:45:55.0397 6840  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
17:45:55.0417 6840  WdiSystemHost - ok
17:45:55.0447 6840  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
17:45:55.0497 6840  WebClient - ok
17:45:55.0557 6840  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:45:55.0627 6840  Wecsvc - ok
17:45:55.0647 6840  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
17:45:55.0687 6840  wercplsupport - ok
17:45:55.0707 6840  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:45:55.0747 6840  WerSvc - ok
17:45:55.0787 6840  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:45:55.0827 6840  WfpLwf - ok
17:45:55.0847 6840  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:45:55.0857 6840  WIMMount - ok
17:45:55.0897 6840  WinDefend - ok
17:45:55.0907 6840  WinHttpAutoProxySvc - ok
17:45:55.0977 6840  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
17:45:56.0047 6840  Winmgmt - ok
17:45:56.0127 6840  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
17:45:56.0237 6840  WinRM - ok
17:45:56.0287 6840  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:45:56.0317 6840  WinUsb - ok
17:45:56.0357 6840  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
17:45:56.0407 6840  Wlansvc - ok
17:45:56.0457 6840  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:45:56.0467 6840  wlcrasvc - ok
17:45:56.0707 6840  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:45:56.0797 6840  wlidsvc - ok
17:45:56.0837 6840  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
17:45:56.0857 6840  WmiAcpi - ok
17:45:56.0887 6840  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:45:56.0937 6840  wmiApSrv - ok
17:45:56.0967 6840  WMPNetworkSvc - ok
17:45:56.0987 6840  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:45:57.0017 6840  WPCSvc - ok
17:45:57.0027 6840  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:45:57.0047 6840  WPDBusEnum - ok
17:45:57.0077 6840  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
17:45:57.0137 6840  ws2ifsl - ok
17:45:57.0167 6840  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:45:57.0197 6840  wscsvc - ok
17:45:57.0257 6840  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
17:45:57.0287 6840  WSDPrintDevice - ok
17:45:57.0297 6840  WSearch - ok
17:45:57.0417 6840  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:45:57.0517 6840  wuauserv - ok
17:45:57.0547 6840  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:45:57.0597 6840  WudfPf - ok
17:45:57.0647 6840  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:45:57.0707 6840  WUDFRd - ok
17:45:57.0727 6840  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
17:45:57.0767 6840  wudfsvc - ok
17:45:57.0807 6840  [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc        C:\Windows\System32\wwansvc.dll
17:45:57.0857 6840  WwanSvc - ok
17:45:57.0887 6840  ================ Scan global ===============================
17:45:57.0917 6840  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:45:57.0957 6840  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:45:57.0967 6840  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:45:57.0997 6840  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:45:58.0027 6840  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:45:58.0027 6840  [Global] - ok
17:45:58.0027 6840  ================ Scan MBR ==================================
17:45:58.0037 6840  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:46:00.0317 6840  \Device\Harddisk0\DR0 - ok
17:46:00.0317 6840  ================ Scan VBR ==================================
17:46:00.0337 6840  [ 36CA5B3828452A54C26591083E50DAEA ] \Device\Harddisk0\DR0\Partition1
17:46:00.0367 6840  \Device\Harddisk0\DR0\Partition1 - ok
17:46:00.0377 6840  [ A31ECB611B7EB1CE3426DBE05B5C864E ] \Device\Harddisk0\DR0\Partition2
17:46:00.0387 6840  \Device\Harddisk0\DR0\Partition2 - ok
17:46:00.0417 6840  [ E8C8D218B33D85140C04804829E23F62 ] \Device\Harddisk0\DR0\Partition3
17:46:00.0417 6840  \Device\Harddisk0\DR0\Partition3 - ok
17:46:00.0477 6840  [ 7D1A8692A9F14A8006184433C8AE8FDC ] \Device\Harddisk0\DR0\Partition4
17:46:00.0477 6840  \Device\Harddisk0\DR0\Partition4 - ok
17:46:00.0487 6840  ============================================================
17:46:00.0487 6840  Scan finished
17:46:00.0487 6840  ============================================================
17:46:00.0507 3224  Detected object count: 0
17:46:00.0507 3224  Actual detected object count: 0
17:46:12.0527 6756  ============================================================
17:46:12.0527 6756  Scan started
17:46:12.0527 6756  Mode: Manual; SigCheck; TDLFS;
17:46:12.0527 6756  ============================================================
17:46:13.0157 6756  ================ Scan system memory ========================
17:46:13.0157 6756  System memory - ok
17:46:13.0167 6756  ================ Scan services =============================
17:46:14.0057 6756  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:46:14.0097 6756  1394ohci - ok
17:46:14.0137 6756  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:46:14.0157 6756  ACPI - ok
17:46:14.0197 6756  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
17:46:14.0217 6756  AcpiPmi - ok
17:46:14.0417 6756  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:46:14.0437 6756  AdobeARMservice - ok
17:46:15.0107 6756  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:46:15.0137 6756  AdobeFlashPlayerUpdateSvc - ok
17:46:15.0187 6756  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
17:46:15.0217 6756  adp94xx - ok
17:46:15.0267 6756  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
17:46:15.0297 6756  adpahci - ok
17:46:15.0327 6756  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
17:46:15.0337 6756  adpu320 - ok
17:46:15.0397 6756  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
17:46:15.0447 6756  AeLookupSvc - ok
17:46:15.0497 6756  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
17:46:15.0517 6756  AFD - ok
17:46:15.0577 6756  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:46:15.0597 6756  agp440 - ok
17:46:15.0627 6756  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
17:46:15.0647 6756  ALG - ok
17:46:15.0677 6756  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:46:15.0707 6756  aliide - ok
17:46:15.0747 6756  [ 715B02B892C5BA46471EFC8DCD2AE934 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:46:15.0767 6756  AMD External Events Utility - ok
17:46:15.0847 6756  AMD FUEL Service - ok
17:46:15.0907 6756  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:46:15.0917 6756  amdide - ok
17:46:15.0937 6756  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
17:46:15.0947 6756  amdiox64 - ok
17:46:15.0967 6756  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
17:46:15.0977 6756  AmdK8 - ok
17:46:16.0387 6756  [ 7054D5D028B6CA727D0575192D633FA9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:46:16.0537 6756  amdkmdag - ok
17:46:16.0587 6756  [ 1CD2BC11467FD5FC7BE9827A9F3D8566 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:46:16.0617 6756  amdkmdap - ok
17:46:16.0647 6756  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:46:16.0657 6756  AmdPPM - ok
17:46:16.0687 6756  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
17:46:16.0697 6756  amdsata - ok
17:46:16.0727 6756  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:46:16.0747 6756  amdsbs - ok
17:46:16.0777 6756  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
17:46:16.0787 6756  amdxata - ok
17:46:16.0827 6756  [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
17:46:16.0837 6756  amd_sata - ok
17:46:16.0867 6756  [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
17:46:16.0877 6756  amd_xata - ok
17:46:16.0907 6756  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
17:46:16.0947 6756  AppID - ok
17:46:16.0987 6756  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:46:17.0027 6756  AppIDSvc - ok
17:46:17.0037 6756  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
17:46:17.0077 6756  Appinfo - ok
17:46:17.0107 6756  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
17:46:17.0117 6756  arc - ok
17:46:17.0147 6756  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:46:17.0167 6756  arcsas - ok
17:46:17.0247 6756  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:46:17.0277 6756  aspnet_state - ok
17:46:17.0297 6756  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:46:17.0327 6756  AsyncMac - ok
17:46:17.0357 6756  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
17:46:17.0377 6756  atapi - ok
17:46:17.0407 6756  [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:46:17.0427 6756  AtiHDAudioService - ok
17:46:17.0457 6756  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:46:17.0497 6756  AudioEndpointBuilder - ok
17:46:17.0527 6756  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:46:17.0577 6756  AudioSrv - ok
17:46:17.0977 6756  [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent    C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
17:46:18.0087 6756  AVGIDSAgent - ok
17:46:18.0157 6756  [ F1A99DA71E6549D7D944596E15142866 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:46:18.0177 6756  AVGIDSDriver - ok
17:46:18.0207 6756  [ E6CB84918C1ABE84AAAF749D2EA4E764 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
17:46:18.0217 6756  AVGIDSHA - ok
17:46:18.0247 6756  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
17:46:18.0267 6756  Avgldx64 - ok
17:46:18.0327 6756  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga        C:\Windows\system32\DRIVERS\avgloga.sys
17:46:18.0357 6756  Avgloga - ok
17:46:18.0387 6756  [ EAFF19168F26FA225EB679547B718051 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
17:46:18.0397 6756  Avgmfx64 - ok
17:46:18.0457 6756  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
17:46:18.0487 6756  Avgrkx64 - ok
17:46:18.0517 6756  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia        C:\Windows\system32\DRIVERS\avgtdia.sys
17:46:18.0537 6756  Avgtdia - ok
17:46:18.0567 6756  [ A3B21D3CD9185734698AB4C5D7D8F182 ] avgtp          C:\Windows\system32\drivers\avgtpx64.sys
17:46:18.0597 6756  avgtp - ok
17:46:18.0657 6756  [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd          C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
17:46:18.0667 6756  avgwd - ok
17:46:18.0737 6756  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:46:18.0767 6756  AxInstSV - ok
17:46:18.0837 6756  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
17:46:18.0857 6756  b06bdrv - ok
17:46:18.0907 6756  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:46:18.0927 6756  b57nd60a - ok
17:46:19.0007 6756  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX        C:\Windows\system32\DRIVERS\bcmwl664.sys
17:46:19.0047 6756  BCM43XX - ok
17:46:19.0087 6756  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:46:19.0097 6756  BDESVC - ok
17:46:19.0137 6756  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:46:19.0177 6756  Beep - ok
17:46:19.0247 6756  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
17:46:19.0307 6756  BFE - ok
17:46:19.0357 6756  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:46:19.0407 6756  BITS - ok
17:46:19.0477 6756  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
17:46:19.0497 6756  blbdrive - ok
17:46:19.0547 6756  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:46:19.0567 6756  bowser - ok
17:46:19.0587 6756  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:46:19.0597 6756  BrFiltLo - ok
17:46:19.0627 6756  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:46:19.0657 6756  BrFiltUp - ok
17:46:19.0717 6756  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
17:46:19.0737 6756  Browser - ok
17:46:19.0777 6756  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
17:46:19.0807 6756  Brserid - ok
17:46:19.0887 6756  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:46:19.0907 6756  BrSerWdm - ok
17:46:19.0937 6756  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:46:19.0947 6756  BrUsbMdm - ok
17:46:19.0967 6756  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:46:19.0977 6756  BrUsbSer - ok
17:46:19.0997 6756  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:46:20.0017 6756  BTHMODEM - ok
17:46:20.0067 6756  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
17:46:20.0107 6756  bthserv - ok
17:46:20.0157 6756  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:46:20.0197 6756  cdfs - ok
17:46:20.0267 6756  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
17:46:20.0287 6756  cdrom - ok
17:46:20.0347 6756  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
17:46:20.0407 6756  CertPropSvc - ok
17:46:20.0457 6756  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
17:46:20.0487 6756  circlass - ok
17:46:20.0557 6756  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:46:20.0577 6756  CLFS - ok
17:46:20.0657 6756  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:46:20.0687 6756  clr_optimization_v2.0.50727_32 - ok
17:46:20.0747 6756  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:46:20.0757 6756  clr_optimization_v2.0.50727_64 - ok
17:46:20.0917 6756  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:46:20.0927 6756  clr_optimization_v4.0.30319_32 - ok
17:46:21.0007 6756  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:46:21.0017 6756  clr_optimization_v4.0.30319_64 - ok
17:46:21.0057 6756  [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd          C:\Windows\system32\DRIVERS\clwvd.sys
17:46:21.0067 6756  clwvd - ok
17:46:21.0097 6756  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:46:21.0117 6756  CmBatt - ok
17:46:21.0127 6756  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:46:21.0137 6756  cmdide - ok
17:46:21.0197 6756  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
17:46:21.0217 6756  CNG - ok
17:46:21.0237 6756  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:46:21.0247 6756  Compbatt - ok
17:46:21.0287 6756  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:46:21.0307 6756  CompositeBus - ok
17:46:21.0307 6756  COMSysApp - ok
17:46:21.0337 6756  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
17:46:21.0347 6756  crcdisk - ok
17:46:21.0397 6756  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:46:21.0407 6756  CryptSvc - ok
17:46:21.0517 6756  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:46:21.0547 6756  cvhsvc - ok
17:46:21.0587 6756  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:46:21.0627 6756  DcomLaunch - ok
17:46:21.0657 6756  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
17:46:21.0697 6756  defragsvc - ok
17:46:21.0737 6756  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:46:21.0767 6756  DfsC - ok
17:46:21.0797 6756  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:46:21.0837 6756  Dhcp - ok
17:46:21.0847 6756  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:46:21.0887 6756  discache - ok
17:46:21.0907 6756  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
17:46:21.0917 6756  Disk - ok
17:46:21.0967 6756  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:46:21.0977 6756  Dnscache - ok
17:46:22.0017 6756  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
17:46:22.0067 6756  dot3svc - ok
17:46:22.0087 6756  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
17:46:22.0127 6756  DPS - ok
17:46:22.0187 6756  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
17:46:22.0197 6756  drmkaud - ok
17:46:22.0287 6756  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
17:46:22.0317 6756  DXGKrnl - ok
17:46:22.0357 6756  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
17:46:22.0397 6756  EapHost - ok
17:46:22.0547 6756  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
17:46:22.0607 6756  ebdrv - ok
17:46:22.0667 6756  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
17:46:22.0687 6756  EFS - ok
17:46:22.0827 6756  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
17:46:22.0857 6756  ehRecvr - ok
17:46:22.0887 6756  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
17:46:22.0907 6756  ehSched - ok
17:46:22.0937 6756  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
17:46:22.0967 6756  elxstor - ok
17:46:22.0997 6756  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:46:23.0007 6756  ErrDev - ok
17:46:23.0077 6756  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
17:46:23.0137 6756  EventSystem - ok
17:46:23.0177 6756  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
17:46:23.0217 6756  exfat - ok
17:46:23.0247 6756  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
17:46:23.0287 6756  fastfat - ok
17:46:23.0337 6756  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
17:46:23.0377 6756  Fax - ok
17:46:23.0397 6756  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\drivers\fdc.sys
17:46:23.0417 6756  fdc - ok
17:46:23.0437 6756  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
17:46:23.0477 6756  fdPHost - ok
17:46:23.0497 6756  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:46:23.0537 6756  FDResPub - ok
17:46:23.0587 6756  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:46:23.0597 6756  FileInfo - ok
17:46:23.0617 6756  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
17:46:23.0657 6756  Filetrace - ok
17:46:23.0687 6756  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:46:23.0717 6756  flpydisk - ok
17:46:23.0747 6756  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:46:23.0767 6756  FltMgr - ok
17:46:23.0847 6756  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
17:46:23.0887 6756  FontCache - ok
17:46:23.0957 6756  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:46:23.0987 6756  FontCache3.0.0.0 - ok
17:46:24.0027 6756  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
17:46:24.0037 6756  FsDepends - ok
17:46:24.0077 6756  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:46:24.0087 6756  Fs_Rec - ok
17:46:24.0117 6756  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:46:24.0137 6756  fvevol - ok
17:46:24.0167 6756  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:46:24.0187 6756  gagp30kx - ok
17:46:24.0247 6756  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:46:24.0267 6756  GamesAppService - ok
17:46:24.0337 6756  [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt          C:\Windows\system32\DRIVERS\ggflt.sys
17:46:24.0357 6756  ggflt - ok
17:46:24.0377 6756  [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
17:46:24.0387 6756  ggsemc - ok
17:46:24.0437 6756  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
17:46:24.0487 6756  gpsvc - ok
17:46:24.0517 6756  [ C1B577B2169900F4CF7190C39F085794 ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:46:24.0537 6756  gusvc - ok
17:46:24.0567 6756  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:46:24.0577 6756  hcw85cir - ok
17:46:24.0597 6756  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:46:24.0617 6756  HdAudAddService - ok
17:46:24.0647 6756  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:46:24.0667 6756  HDAudBus - ok
17:46:24.0687 6756  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
17:46:24.0697 6756  HidBatt - ok
17:46:24.0737 6756  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:46:24.0777 6756  HidBth - ok
17:46:24.0807 6756  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
17:46:24.0817 6756  HidIr - ok
17:46:24.0857 6756  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
17:46:24.0887 6756  hidserv - ok
17:46:24.0907 6756  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:46:24.0917 6756  HidUsb - ok
17:46:24.0967 6756  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:46:24.0997 6756  hkmsvc - ok
17:46:25.0047 6756  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:46:25.0067 6756  HomeGroupListener - ok
17:46:25.0097 6756  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:46:25.0137 6756  HomeGroupProvider - ok
17:46:25.0247 6756  [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:46:25.0267 6756  HP Support Assistant Service - ok
17:46:25.0327 6756  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:46:25.0347 6756  HPClientSvc - ok
17:46:25.0457 6756  [ 02CE63D8DD5E6DD5CEFF336191C0859E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:46:25.0477 6756  HPDrvMntSvc.exe - ok
17:46:25.0647 6756  [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:46:25.0667 6756  hpqcxs08 - ok
17:46:25.0687 6756  [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:46:25.0697 6756  hpqddsvc - ok
17:46:25.0767 6756  [ E7C7829BA0395E48F8C8FE16B8832344 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:46:25.0807 6756  hpqwmiex - ok
17:46:25.0827 6756  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:46:25.0837 6756  HpSAMD - ok
17:46:25.0907 6756  [ 77C15D7E8F002A173EEBFF0B20CD697D ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:46:25.0927 6756  HPWMISVC - ok
17:46:25.0967 6756  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:46:26.0027 6756  HTTP - ok
17:46:26.0047 6756  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:46:26.0057 6756  hwpolicy - ok
17:46:26.0087 6756  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:46:26.0107 6756  i8042prt - ok
17:46:26.0147 6756  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
17:46:26.0167 6756  iaStorV - ok
17:46:26.0287 6756  [ 2C3CC41FEFCB77E2826886E6B7EF93AE ] IconMan_R      C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:46:26.0337 6756  IconMan_R - ok
17:46:26.0427 6756  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows

Cellar Door 18.10.2012 16:53
Part 2

Code:
Communication Foundation\infocard.exe
17:46:26.0457 6756  idsvc - ok
17:46:26.0477 6756  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
17:46:26.0497 6756  iirsp - ok
17:46:26.0547 6756  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:46:26.0597 6756  IKEEXT - ok
17:46:26.0627 6756  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:46:26.0647 6756  intelide - ok
17:46:26.0687 6756  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
17:46:26.0697 6756  intelppm - ok
17:46:26.0737 6756  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
17:46:26.0777 6756  IPBusEnum - ok
17:46:26.0787 6756  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:46:26.0827 6756  IpFilterDriver - ok
17:46:26.0887 6756  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:46:26.0937 6756  iphlpsvc - ok
17:46:26.0977 6756  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
17:46:26.0987 6756  IPMIDRV - ok
17:46:27.0007 6756  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
17:46:27.0047 6756  IPNAT - ok
17:46:27.0097 6756  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:46:27.0107 6756  IRENUM - ok
17:46:27.0137 6756  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:46:27.0147 6756  isapnp - ok
17:46:27.0197 6756  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:46:27.0217 6756  iScsiPrt - ok
17:46:27.0257 6756  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:46:27.0287 6756  kbdclass - ok
17:46:27.0307 6756  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:46:27.0317 6756  kbdhid - ok
17:46:27.0327 6756  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:46:27.0337 6756  KeyIso - ok
17:46:27.0417 6756  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:46:27.0447 6756  KSecDD - ok
17:46:27.0477 6756  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
17:46:27.0497 6756  KSecPkg - ok
17:46:27.0527 6756  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
17:46:27.0567 6756  ksthunk - ok
17:46:27.0617 6756  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
17:46:27.0677 6756  KtmRm - ok
17:46:27.0717 6756  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:46:27.0757 6756  LanmanServer - ok
17:46:27.0787 6756  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:46:27.0827 6756  LanmanWorkstation - ok
17:46:27.0857 6756  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:46:27.0897 6756  lltdio - ok
17:46:27.0917 6756  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
17:46:27.0967 6756  lltdsvc - ok
17:46:27.0977 6756  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
17:46:28.0017 6756  lmhosts - ok
17:46:28.0047 6756  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:46:28.0057 6756  LSI_FC - ok
17:46:28.0077 6756  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
17:46:28.0087 6756  LSI_SAS - ok
17:46:28.0137 6756  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:46:28.0147 6756  LSI_SAS2 - ok
17:46:28.0157 6756  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:46:28.0177 6756  LSI_SCSI - ok
17:46:28.0197 6756  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
17:46:28.0247 6756  luafv - ok
17:46:28.0287 6756  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
17:46:28.0297 6756  MBAMProtector - ok
17:46:28.0337 6756  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:46:28.0347 6756  MBAMScheduler - ok
17:46:28.0367 6756  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:46:28.0387 6756  MBAMService - ok
17:46:28.0447 6756  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
17:46:28.0467 6756  Mcx2Svc - ok
17:46:28.0497 6756  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
17:46:28.0517 6756  megasas - ok
17:46:28.0587 6756  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:46:28.0637 6756  MegaSR - ok
17:46:28.0707 6756  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
17:46:28.0767 6756  MMCSS - ok
17:46:28.0817 6756  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
17:46:28.0867 6756  Modem - ok
17:46:28.0907 6756  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
17:46:28.0917 6756  monitor - ok
17:46:28.0957 6756  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:46:28.0967 6756  mouclass - ok
17:46:29.0027 6756  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
17:46:29.0037 6756  mouhid - ok
17:46:29.0067 6756  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:46:29.0087 6756  mountmgr - ok
17:46:29.0137 6756  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:46:29.0167 6756  MozillaMaintenance - ok
17:46:29.0207 6756  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:46:29.0227 6756  mpio - ok
17:46:29.0247 6756  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:46:29.0287 6756  mpsdrv - ok
17:46:29.0317 6756  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:46:29.0367 6756  MpsSvc - ok
17:46:29.0407 6756  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:46:29.0427 6756  MRxDAV - ok
17:46:29.0477 6756  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:46:29.0497 6756  mrxsmb - ok
17:46:29.0547 6756  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:46:29.0567 6756  mrxsmb10 - ok
17:46:29.0607 6756  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:46:29.0637 6756  mrxsmb20 - ok
17:46:29.0677 6756  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:46:29.0697 6756  msahci - ok
17:46:29.0727 6756  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
17:46:29.0747 6756  msdsm - ok
17:46:29.0777 6756  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
17:46:29.0797 6756  MSDTC - ok
17:46:29.0837 6756  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:46:29.0877 6756  Msfs - ok
17:46:29.0897 6756  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
17:46:29.0937 6756  mshidkmdf - ok
17:46:29.0987 6756  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:46:30.0017 6756  msisadrv - ok
17:46:30.0057 6756  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
17:46:30.0097 6756  MSiSCSI - ok
17:46:30.0097 6756  msiserver - ok
17:46:30.0157 6756  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
17:46:30.0187 6756  MSKSSRV - ok
17:46:30.0207 6756  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:46:30.0247 6756  MSPCLOCK - ok
17:46:30.0257 6756  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
17:46:30.0297 6756  MSPQM - ok
17:46:30.0347 6756  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
17:46:30.0367 6756  MsRPC - ok
17:46:30.0407 6756  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:46:30.0417 6756  mssmbios - ok
17:46:30.0447 6756  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
17:46:30.0487 6756  MSTEE - ok
17:46:30.0507 6756  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:46:30.0517 6756  MTConfig - ok
17:46:30.0537 6756  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
17:46:30.0547 6756  Mup - ok
17:46:30.0617 6756  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:46:30.0687 6756  napagent - ok
17:46:30.0747 6756  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
17:46:30.0777 6756  NativeWifiP - ok
17:46:30.0927 6756  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:46:30.0967 6756  NDIS - ok
17:46:30.0987 6756  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
17:46:31.0027 6756  NdisCap - ok
17:46:31.0077 6756  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:46:31.0127 6756  NdisTapi - ok
17:46:31.0147 6756  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
17:46:31.0177 6756  Ndisuio - ok
17:46:31.0227 6756  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
17:46:31.0277 6756  NdisWan - ok
17:46:31.0457 6756  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
17:46:31.0507 6756  NDProxy - ok
17:46:31.0777 6756  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
17:46:31.0817 6756  NetBIOS - ok
17:46:31.0847 6756  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
17:46:31.0887 6756  NetBT - ok
17:46:31.0907 6756  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:46:31.0917 6756  Netlogon - ok
17:46:32.0007 6756  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:46:32.0067 6756  Netman - ok
17:46:32.0187 6756  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:32.0217 6756  NetMsmqActivator - ok
17:46:32.0247 6756  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:32.0267 6756  NetPipeActivator - ok
17:46:32.0397 6756  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:46:32.0467 6756  netprofm - ok
17:46:32.0507 6756  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:32.0517 6756  NetTcpActivator - ok
17:46:32.0557 6756  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:32.0567 6756  NetTcpPortSharing - ok
17:46:32.0607 6756  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
17:46:32.0617 6756  nfrd960 - ok
17:46:32.0717 6756  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:46:32.0777 6756  NlaSvc - ok
17:46:32.0817 6756  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:46:32.0867 6756  Npfs - ok
17:46:32.0887 6756  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
17:46:32.0927 6756  nsi - ok
17:46:32.0947 6756  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:46:32.0987 6756  nsiproxy - ok
17:46:33.0097 6756  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:46:33.0147 6756  Ntfs - ok
17:46:33.0177 6756  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:46:33.0217 6756  Null - ok
17:46:33.0247 6756  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
17:46:33.0267 6756  NVENETFD - ok
17:46:33.0287 6756  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:46:33.0307 6756  nvraid - ok
17:46:33.0327 6756  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:46:33.0347 6756  nvstor - ok
17:46:33.0367 6756  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:46:33.0377 6756  nv_agp - ok
17:46:33.0427 6756  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:46:33.0447 6756  ohci1394 - ok
17:46:33.0487 6756  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:46:33.0507 6756  ose - ok
17:46:33.0767 6756  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:46:33.0867 6756  osppsvc - ok
17:46:33.0917 6756  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:46:33.0937 6756  p2pimsvc - ok
17:46:33.0967 6756  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:46:33.0987 6756  p2psvc - ok
17:46:34.0027 6756  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\drivers\parport.sys
17:46:34.0047 6756  Parport - ok
17:46:34.0077 6756  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
17:46:34.0087 6756  partmgr - ok
17:46:34.0137 6756  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:46:34.0157 6756  PcaSvc - ok
17:46:34.0217 6756  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
17:46:34.0227 6756  pci - ok
17:46:34.0267 6756  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:46:34.0277 6756  pciide - ok
17:46:34.0337 6756  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:46:34.0357 6756  pcmcia - ok
17:46:34.0397 6756  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
17:46:34.0407 6756  pcw - ok
17:46:34.0437 6756  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:46:34.0487 6756  PEAUTH - ok
17:46:34.0817 6756  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:46:34.0837 6756  PerfHost - ok
17:46:35.0037 6756  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
17:46:35.0117 6756  pla - ok
17:46:35.0157 6756  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:46:35.0197 6756  PlugPlay - ok
17:46:35.0227 6756  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
17:46:35.0237 6756  PNRPAutoReg - ok
17:46:35.0257 6756  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
17:46:35.0277 6756  PNRPsvc - ok
17:46:35.0337 6756  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
17:46:35.0397 6756  PolicyAgent - ok
17:46:35.0427 6756  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
17:46:35.0477 6756  Power - ok
17:46:35.0527 6756  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:46:35.0577 6756  PptpMiniport - ok
17:46:35.0627 6756  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
17:46:35.0637 6756  Processor - ok
17:46:35.0727 6756  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
17:46:35.0757 6756  ProfSvc - ok
17:46:35.0777 6756  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:46:35.0787 6756  ProtectedStorage - ok
17:46:35.0807 6756  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:46:35.0847 6756  Psched - ok
17:46:35.0927 6756  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:46:35.0977 6756  ql2300 - ok
17:46:36.0037 6756  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:46:36.0047 6756  ql40xx - ok
17:46:36.0077 6756  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
17:46:36.0097 6756  QWAVE - ok
17:46:36.0137 6756  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:46:36.0157 6756  QWAVEdrv - ok
17:46:36.0177 6756  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:46:36.0207 6756  RasAcd - ok
17:46:36.0257 6756  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
17:46:36.0297 6756  RasAgileVpn - ok
17:46:36.0317 6756  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
17:46:36.0367 6756  RasAuto - ok
17:46:36.0387 6756  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
17:46:36.0427 6756  Rasl2tp - ok
17:46:36.0467 6756  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:46:36.0507 6756  RasMan - ok
17:46:36.0537 6756  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:46:36.0577 6756  RasPppoe - ok
17:46:36.0617 6756  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
17:46:36.0657 6756  RasSstp - ok
17:46:36.0707 6756  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
17:46:36.0747 6756  rdbss - ok
17:46:36.0777 6756  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
17:46:36.0787 6756  rdpbus - ok
17:46:36.0817 6756  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:46:36.0857 6756  RDPCDD - ok
17:46:36.0897 6756  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:46:36.0937 6756  RDPENCDD - ok
17:46:36.0957 6756  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:46:36.0997 6756  RDPREFMP - ok
17:46:37.0037 6756  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
17:46:37.0057 6756  RDPWD - ok
17:46:37.0097 6756  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:46:37.0107 6756  rdyboost - ok
17:46:37.0157 6756  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:46:37.0197 6756  RemoteAccess - ok
17:46:37.0307 6756  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:46:37.0367 6756  RemoteRegistry - ok
17:46:37.0407 6756  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:46:37.0457 6756  RpcEptMapper - ok
17:46:37.0517 6756  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:46:37.0527 6756  RpcLocator - ok
17:46:37.0577 6756  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
17:46:37.0617 6756  RpcSs - ok
17:46:37.0687 6756  [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
17:46:37.0707 6756  RSPCIESTOR - ok
17:46:37.0737 6756  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:46:37.0777 6756  rspndr - ok
17:46:37.0817 6756  [ A73ED14670220307874AD6BC2F279349 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
17:46:37.0837 6756  RTL8167 - ok
17:46:37.0937 6756  [ 507B708A731DED6B992E3F664A93288B ] RTL8192Ce      C:\Windows\system32\DRIVERS\rtl8192Ce.sys
17:46:37.0997 6756  RTL8192Ce - ok
17:46:38.0037 6756  [ 0031DD0C5D4446DA0A3E02617DC6D642 ] s1039bus        C:\Windows\system32\DRIVERS\s1039bus.sys
17:46:38.0047 6756  s1039bus - ok
17:46:38.0087 6756  [ 98C7DBE2290D8CB0235E9528F6A1A53D ] s1039mdfl      C:\Windows\system32\DRIVERS\s1039mdfl.sys
17:46:38.0097 6756  s1039mdfl - ok
17:46:38.0167 6756  [ 7EF052A067D862ECD2A2335914611074 ] s1039mdm        C:\Windows\system32\DRIVERS\s1039mdm.sys
17:46:38.0197 6756  s1039mdm - ok
17:46:38.0257 6756  [ BCC3F31F1FE1E78A5BA2CD6A0E44BA64 ] s1039mgmt      C:\Windows\system32\DRIVERS\s1039mgmt.sys
17:46:38.0267 6756  s1039mgmt - ok
17:46:38.0297 6756  [ A0CF11BFFA41176CCD54E701CEB68921 ] s1039nd5        C:\Windows\system32\DRIVERS\s1039nd5.sys
17:46:38.0307 6756  s1039nd5 - ok
17:46:38.0317 6756  [ BD2DA968C5DCEF51BA8014FBAC7A0B6A ] s1039obex      C:\Windows\system32\DRIVERS\s1039obex.sys
17:46:38.0337 6756  s1039obex - ok
17:46:38.0347 6756  [ 96B4051B65C1974258A8A33A03C0B082 ] s1039unic      C:\Windows\system32\DRIVERS\s1039unic.sys
17:46:38.0367 6756  s1039unic - ok
17:46:38.0387 6756  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
17:46:38.0397 6756  SamSs - ok
17:46:38.0417 6756  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:46:38.0437 6756  sbp2port - ok
17:46:38.0467 6756  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:46:38.0507 6756  SCardSvr - ok
17:46:38.0537 6756  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:46:38.0577 6756  scfilter - ok
17:46:38.0627 6756  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:46:38.0677 6756  Schedule - ok
17:46:38.0717 6756  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
17:46:38.0747 6756  SCPolicySvc - ok
17:46:38.0777 6756  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus          C:\Windows\system32\DRIVERS\sdbus.sys
17:46:38.0797 6756  sdbus - ok
17:46:38.0827 6756  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:46:38.0837 6756  SDRSVC - ok
17:46:38.0877 6756  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:46:38.0907 6756  secdrv - ok
17:46:38.0927 6756  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:46:38.0967 6756  seclogon - ok
17:46:38.0987 6756  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:46:39.0027 6756  SENS - ok
17:46:39.0037 6756  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:46:39.0047 6756  SensrSvc - ok
17:46:39.0067 6756  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\drivers\serenum.sys
17:46:39.0077 6756  Serenum - ok
17:46:39.0097 6756  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
17:46:39.0107 6756  Serial - ok
17:46:39.0147 6756  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:46:39.0157 6756  sermouse - ok
17:46:39.0197 6756  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:46:39.0237 6756  SessionEnv - ok
17:46:39.0257 6756  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
17:46:39.0267 6756  sffdisk - ok
17:46:39.0287 6756  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:46:39.0307 6756  sffp_mmc - ok
17:46:39.0337 6756  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
17:46:39.0357 6756  sffp_sd - ok
17:46:39.0387 6756  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
17:46:39.0397 6756  sfloppy - ok
17:46:39.0457 6756  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs          C:\Windows\system32\DRIVERS\Sftfslh.sys
17:46:39.0487 6756  Sftfs - ok
17:46:39.0537 6756  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist        C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:46:39.0577 6756  sftlist - ok
17:46:39.0597 6756  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay        C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:46:39.0617 6756  Sftplay - ok
17:46:39.0657 6756  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:46:39.0667 6756  Sftredir - ok
17:46:39.0687 6756  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
17:46:39.0697 6756  Sftvol - ok
17:46:39.0717 6756  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:46:39.0737 6756  sftvsa - ok
17:46:39.0767 6756  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:46:39.0817 6756  SharedAccess - ok
17:46:39.0857 6756  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:46:39.0907 6756  ShellHWDetection - ok
17:46:39.0937 6756  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:46:39.0947 6756  SiSRaid2 - ok
17:46:39.0987 6756  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:46:39.0997 6756  SiSRaid4 - ok
17:46:40.0027 6756  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
17:46:40.0067 6756  Smb - ok
17:46:40.0097 6756  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:46:40.0117 6756  SNMPTRAP - ok
17:46:40.0157 6756  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
17:46:40.0167 6756  spldr - ok
17:46:40.0217 6756  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
17:46:40.0237 6756  Spooler - ok
17:46:40.0367 6756  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:46:40.0457 6756  sppsvc - ok
17:46:40.0487 6756  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
17:46:40.0537 6756  sppuinotify - ok
17:46:40.0577 6756  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
17:46:40.0597 6756  srv - ok
17:46:40.0617 6756  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:46:40.0627 6756  srv2 - ok
17:46:40.0687 6756  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA      C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:46:40.0717 6756  SrvHsfHDA - ok
17:46:40.0787 6756  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92      C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:46:40.0827 6756  SrvHsfV92 - ok
17:46:40.0867 6756  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac    C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:46:40.0887 6756  SrvHsfWinac - ok
17:46:40.0907 6756  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:46:40.0927 6756  srvnet - ok
17:46:40.0967 6756  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
17:46:41.0007 6756  SSDPSRV - ok
17:46:41.0047 6756  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
17:46:41.0087 6756  SstpSvc - ok
17:46:41.0177 6756  [ 293A556E04F815477AE93E07B35065E6 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
17:46:41.0197 6756  STacSV - ok
17:46:41.0217 6756  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:46:41.0227 6756  stexstor - ok
17:46:41.0267 6756  [ AA3C0336514C239A171F00A6902B59B8 ] STHDA          C:\Windows\system32\DRIVERS\stwrt64.sys
17:46:41.0287 6756  STHDA - ok
17:46:41.0337 6756  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
17:46:41.0357 6756  StillCam - ok
17:46:41.0427 6756  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:46:41.0467 6756  stisvc - ok
17:46:41.0527 6756  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:46:41.0547 6756  swenum - ok
17:46:41.0617 6756  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
17:46:41.0677 6756  swprv - ok
17:46:41.0747 6756  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
17:46:41.0777 6756  SynTP - ok
17:46:41.0897 6756  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
17:46:41.0937 6756  SysMain - ok
17:46:42.0007 6756  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:46:42.0037 6756  TabletInputService - ok
17:46:42.0107 6756  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
17:46:42.0167 6756  TapiSrv - ok
17:46:42.0227 6756  [ 4430E9B4C60AAB672D16E801BAD0555E ] tbhsd          C:\Windows\system32\drivers\tbhsd.sys
17:46:42.0247 6756  tbhsd - ok
17:46:42.0307 6756  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
17:46:42.0347 6756  TBS - ok
17:46:42.0437 6756  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
17:46:42.0487 6756  Tcpip - ok
17:46:42.0567 6756  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:46:42.0617 6756  TCPIP6 - ok
17:46:42.0657 6756  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:46:42.0687 6756  tcpipreg - ok
17:46:42.0707 6756  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:46:42.0727 6756  TDPIPE - ok
17:46:42.0767 6756  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
17:46:42.0797 6756  TDTCP - ok
17:46:42.0857 6756  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
17:46:42.0917 6756  tdx - ok
17:46:42.0947 6756  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:46:42.0957 6756  TermDD - ok
17:46:43.0037 6756  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
17:46:43.0097 6756  TermService - ok
17:46:43.0137 6756  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:46:43.0167 6756  Themes - ok
17:46:43.0217 6756  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
17:46:43.0257 6756  THREADORDER - ok
17:46:43.0307 6756  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:46:43.0347 6756  TrkWks - ok
17:46:43.0427 6756  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:46:43.0477 6756  TrustedInstaller - ok
17:46:43.0527 6756  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:46:43.0577 6756  tssecsrv - ok
17:46:43.0597 6756  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:46:43.0607 6756  TsUsbFlt - ok
17:46:43.0657 6756  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
17:46:43.0687 6756  TsUsbGD - ok
17:46:43.0697 6756  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:46:43.0737 6756  tunnel - ok
17:46:43.0787 6756  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:46:43.0797 6756  uagp35 - ok
17:46:43.0837 6756  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:46:43.0877 6756  udfs - ok
17:46:43.0907 6756  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
17:46:43.0917 6756  UI0Detect - ok
17:46:43.0927 6756  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:46:43.0947 6756  uliagpkx - ok
17:46:43.0977 6756  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
17:46:43.0997 6756  umbus - ok
17:46:44.0007 6756  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:46:44.0017 6756  UmPass - ok
17:46:44.0057 6756  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:46:44.0107 6756  upnphost - ok
17:46:44.0147 6756  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
17:46:44.0157 6756  usbccgp - ok
17:46:44.0197 6756  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:46:44.0217 6756  usbcir - ok
17:46:44.0247 6756  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
17:46:44.0267 6756  usbehci - ok
17:46:44.0307 6756  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter      C:\Windows\system32\DRIVERS\usbfilter.sys
17:46:44.0317 6756  usbfilter - ok
17:46:44.0347 6756  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:46:44.0367 6756  usbhub - ok
17:46:44.0417 6756  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
17:46:44.0427 6756  usbohci - ok
17:46:44.0457 6756  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
17:46:44.0477 6756  usbprint - ok
17:46:44.0547 6756  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:46:44.0557 6756  USBSTOR - ok
17:46:44.0597 6756  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
17:46:44.0617 6756  usbuhci - ok
17:46:44.0657 6756  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:46:44.0697 6756  usbvideo - ok
17:46:44.0737 6756  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
17:46:44.0757 6756  usb_rndisx - ok
17:46:44.0797 6756  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
17:46:44.0857 6756  UxSms - ok
17:46:44.0877 6756  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:46:44.0887 6756  VaultSvc - ok
17:46:44.0897 6756  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:46:44.0907 6756  vdrvroot - ok
17:46:44.0957 6756  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
17:46:45.0007 6756  vds - ok
17:46:45.0057 6756  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
17:46:45.0077 6756  vga - ok
17:46:45.0097 6756  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
17:46:45.0127 6756  VgaSave - ok
17:46:45.0167 6756  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
17:46:45.0187 6756  vhdmp - ok
17:46:45.0217 6756  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:46:45.0237 6756  viaide - ok
17:46:45.0257 6756  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:46:45.0277 6756  volmgr - ok
17:46:45.0327 6756  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
17:46:45.0347 6756  volmgrx - ok
17:46:45.0437 6756  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
17:46:45.0467 6756  volsnap - ok
17:46:45.0507 6756  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
17:46:45.0517 6756  vsmraid - ok
17:46:45.0597 6756  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
17:46:45.0657 6756  VSS - ok
17:46:45.0757 6756  [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
17:46:45.0787 6756  vToolbarUpdater12.2.6 - ok
17:46:45.0857 6756  [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
17:46:45.0897 6756  vToolbarUpdater13.2.0 - ok
17:46:45.0907 6756  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:46:45.0927 6756  vwifibus - ok
17:46:45.0967 6756  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:46:45.0987 6756  vwififlt - ok
17:46:46.0037 6756  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
17:46:46.0087 6756  W32Time - ok
17:46:46.0147 6756  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:46:46.0177 6756  WacomPen - ok
17:46:46.0207 6756  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:46:46.0247 6756  WANARP - ok
17:46:46.0257 6756  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:46:46.0297 6756  Wanarpv6 - ok
17:46:46.0387 6756  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:46:46.0417 6756  wbengine - ok
17:46:46.0447 6756  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:46:46.0467 6756  WbioSrvc - ok
17:46:46.0507 6756  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
17:46:46.0537 6756  wcncsvc - ok
17:46:46.0577 6756  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:46:46.0587 6756  WcsPlugInService - ok
17:46:46.0637 6756  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
17:46:46.0647 6756  Wd - ok
17:46:46.0697 6756  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:46:46.0717 6756  Wdf01000 - ok
17:46:46.0757 6756  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:46:46.0777 6756  WdiServiceHost - ok
17:46:46.0787 6756  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
17:46:46.0807 6756  WdiSystemHost - ok
17:46:46.0827 6756  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
17:46:46.0857 6756  WebClient - ok
17:46:46.0887 6756  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:46:46.0927 6756  Wecsvc - ok
17:46:46.0957 6756  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
17:46:47.0007 6756  wercplsupport - ok
17:46:47.0027 6756  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:46:47.0067 6756  WerSvc - ok
17:46:47.0077 6756  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:46:47.0117 6756  WfpLwf - ok
17:46:47.0137 6756  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:46:47.0147 6756  WIMMount - ok
17:46:47.0177 6756  WinDefend - ok
17:46:47.0177 6756  WinHttpAutoProxySvc - ok
17:46:47.0247 6756  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
17:46:47.0307 6756  Winmgmt - ok
17:46:47.0357 6756  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
17:46:47.0427 6756  WinRM - ok
17:46:47.0457 6756  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:46:47.0477 6756  WinUsb - ok
17:46:47.0507 6756  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
17:46:47.0537 6756  Wlansvc - ok
17:46:47.0567 6756  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:46:47.0597 6756  wlcrasvc - ok
17:46:47.0767 6756  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:46:47.0827 6756  wlidsvc - ok
17:46:47.0857 6756  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
17:46:47.0877 6756  WmiAcpi - ok
17:46:47.0947 6756  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:46:47.0967 6756  wmiApSrv - ok
17:46:48.0017 6756  WMPNetworkSvc - ok
17:46:48.0067 6756  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:46:48.0087 6756  WPCSvc - ok
17:46:48.0097 6756  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:46:48.0107 6756  WPDBusEnum - ok
17:46:48.0167 6756  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
17:46:48.0207 6756  ws2ifsl - ok
17:46:48.0237 6756  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:46:48.0257 6756  wscsvc - ok
17:46:48.0327 6756  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
17:46:48.0357 6756  WSDPrintDevice - ok
17:46:48.0367 6756  WSearch - ok
17:46:48.0527 6756  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:46:48.0587 6756  wuauserv - ok
17:46:48.0617 6756  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:46:48.0657 6756  WudfPf - ok
17:46:48.0677 6756  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:46:48.0717 6756  WUDFRd - ok
17:46:48.0757 6756  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
17:46:48.0797 6756  wudfsvc - ok
17:46:48.0847 6756  [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc        C:\Windows\System32\wwansvc.dll
17:46:48.0877 6756  WwanSvc - ok
17:46:48.0897 6756  ================ Scan global ===============================
17:46:48.0917 6756  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:46:48.0977 6756  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:46:48.0987 6756  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:46:49.0037 6756  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:46:49.0087 6756  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:46:49.0087 6756  [Global] - ok
17:46:49.0087 6756  ================ Scan MBR ==================================
17:46:49.0107 6756  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:46:51.0537 6756  \Device\Harddisk0\DR0 - ok
17:46:51.0537 6756  ================ Scan VBR ==================================
17:46:51.0557 6756  [ 36CA5B3828452A54C26591083E50DAEA ] \Device\Harddisk0\DR0\Partition1
17:46:51.0577 6756  \Device\Harddisk0\DR0\Partition1 - ok
17:46:51.0587 6756  [ A31ECB611B7EB1CE3426DBE05B5C864E ] \Device\Harddisk0\DR0\Partition2
17:46:51.0627 6756  \Device\Harddisk0\DR0\Partition2 - ok
17:46:51.0657 6756  [ E8C8D218B33D85140C04804829E23F62 ] \Device\Harddisk0\DR0\Partition3
17:46:51.0707 6756  \Device\Harddisk0\DR0\Partition3 - ok
17:46:51.0747 6756  [ 7D1A8692A9F14A8006184433C8AE8FDC ] \Device\Harddisk0\DR0\Partition4
17:46:51.0787 6756  \Device\Harddisk0\DR0\Partition4 - ok
17:46:51.0797 6756  ============================================================
17:46:51.0797 6756  Scan finished
17:46:51.0797 6756  ============================================================
17:46:51.0817 6800  Detected object count: 0
17:46:51.0817 6800  Actual detected object count: 0

cosinus 18.10.2012 19:20
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Cellar Door 18.10.2012 21:02
Log ComboFix

Code:
ComboFix 12-10-18.03 - Natalie 18.10.2012  20:29:38.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.5611.3907 [GMT 2:00]
ausgeführt von:: c:\users\Natalie\Downloads\ComboFix.exe
AV: AVG Anti-Virus 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Natalie\AppData\Local\assembly\tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\UA000096.DLL
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-09-18 bis 2012-10-18  ))))))))))))))))))))))))))))))
.
.
2012-10-18 19:27 . 2012-10-18 19:27        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-10-17 21:16 . 2012-10-17 21:16        --------        d-----w-        C:\TDSSKiller_Quarantine
2012-10-17 17:54 . 2012-10-17 17:55        --------        d-----w-        c:\programdata\WinZip
2012-10-17 17:54 . 2012-10-17 17:54        --------        d-----w-        c:\program files\WinZip
2012-10-17 17:52 . 2012-10-17 17:52        --------        d-----w-        c:\users\Natalie\AppData\Local\AVG Secure Search
2012-10-17 17:52 . 2012-10-17 17:52        --------        d-----w-        c:\programdata\AVG Secure Search
2012-10-17 17:52 . 2012-10-18 15:39        --------        d-----w-        c:\program files (x86)\AVG Secure Search
2012-10-17 16:00 . 2012-10-17 16:00        --------        d-----w-        C:\_OTL
2012-10-14 15:25 . 2012-10-14 15:25        --------        d-----w-        c:\program files (x86)\ESET
2012-10-13 08:19 . 2012-10-13 08:19        --------        d-----w-        c:\users\Default\AppData\Roaming\TuneUp Software
2012-10-13 08:17 . 2012-10-13 08:17        --------        d-----w-        c:\users\Natalie\AppData\Roaming\Malwarebytes
2012-10-13 08:17 . 2012-10-13 08:17        --------        d-----w-        c:\programdata\Malwarebytes
2012-10-13 08:17 . 2012-10-13 08:17        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-13 08:17 . 2012-09-07 15:04        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-10-12 18:39 . 2012-10-12 18:39        --------        d-----w-        c:\users\Natalie\AppData\Local\Windows Live Writer
2012-10-12 18:39 . 2012-10-12 18:39        --------        d-----w-        c:\users\Natalie\AppData\Roaming\Windows Live Writer
2012-10-10 17:32 . 2012-08-31 18:19        1659760        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2012-10-10 17:32 . 2012-08-30 18:03        5559664        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-10-10 17:32 . 2012-08-30 17:12        3914096        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 17:32 . 2012-08-30 17:12        3968880        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 17:32 . 2012-08-20 18:48        424448        ----a-w-        c:\windows\system32\KernelBase.dll
2012-10-10 17:32 . 2012-08-20 18:48        215040        ----a-w-        c:\windows\system32\winsrv.dll
2012-10-10 17:32 . 2012-08-20 18:48        1162240        ----a-w-        c:\windows\system32\kernel32.dll
2012-10-10 17:32 . 2012-08-20 18:46        338432        ----a-w-        c:\windows\system32\conhost.exe
2012-10-07 14:31 . 2012-10-07 14:31        --------        d-----w-        c:\users\Natalie\AppData\Local\Macromedia
2012-10-07 13:37 . 2012-10-07 13:37        --------        d-----w-        c:\users\Natalie\AppData\Local\Mozilla
2012-10-07 13:36 . 2012-10-13 09:18        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service
2012-10-05 01:26 . 2012-10-05 01:26        111456        ----a-w-        c:\windows\system32\drivers\avgmfx64.sys
2012-10-04 10:32 . 2012-10-04 10:32        --------        d-----w-        c:\program files (x86)\Common Files\DVDVideoSoft
2012-10-03 18:52 . 2012-10-03 18:52        --------        d-----w-        c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers
2012-10-03 18:16 . 2012-10-03 18:16        --------        d-----w-        C:\adobeTemp
2012-10-03 10:15 . 2012-10-03 10:15        --------        d-----w-        c:\users\Natalie\AppData\Roaming\AVG2013
2012-10-03 10:12 . 2012-10-17 17:52        30568        ----a-w-        c:\windows\system32\drivers\avgtpx64.sys
2012-10-03 10:12 . 2012-10-17 17:52        --------        d-----w-        c:\program files (x86)\Common Files\AVG Secure Search
2012-10-03 10:10 . 2012-10-03 11:30        --------        d-----w-        c:\programdata\AVG2013
2012-10-03 10:10 . 2012-10-03 10:10        --------        d-----w-        C:\$AVG
2012-10-03 10:10 . 2012-10-03 10:10        --------        d-----w-        c:\program files (x86)\AVG
2012-10-03 10:05 . 2012-10-18 15:44        --------        d-----w-        c:\programdata\MFAData
2012-10-03 10:05 . 2012-10-03 10:19        --------        d-----w-        c:\users\Natalie\AppData\Local\Avg2013
2012-10-03 10:05 . 2012-10-03 10:05        --------        d-----w-        c:\users\Natalie\AppData\Local\MFAData
2012-10-02 23:59 . 2012-08-30 07:27        9308616        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{CCC41C60-73C5-4F3F-BFDC-65ADB8D210A4}\mpengine.dll
2012-10-02 01:30 . 2012-10-02 01:30        185696        ----a-w-        c:\windows\system32\drivers\avgldx64.sys
2012-09-26 07:00 . 2012-08-21 21:01        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe
2012-09-23 10:52 . 2012-09-23 10:52        --------        d-----w-        c:\users\Natalie\AppData\Roaming\TuneUp Software
2012-09-23 10:52 . 2012-09-23 10:53        --------        d-----w-        c:\programdata\TuneUp Software
2012-09-23 10:52 . 2012-09-23 10:52        --------        d-sh--w-        c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-09-23 10:52 . 2012-09-23 10:52        --------        d--h--w-        c:\programdata\Common Files
2012-09-21 01:46 . 2012-09-21 01:46        200032        ----a-w-        c:\windows\system32\drivers\avgtdia.sys
2012-09-21 01:46 . 2012-09-21 01:46        225120        ----a-w-        c:\windows\system32\drivers\avgloga.sys
2012-09-21 01:45 . 2012-09-21 01:45        61792        ----a-w-        c:\windows\system32\drivers\avgidsha.sys
2012-09-20 17:52 . 2012-09-20 17:52        --------        d-----w-        c:\users\Natalie\AppData\Roaming\PlayFirst
2012-09-20 17:52 . 2012-09-20 17:52        --------        d-----w-        c:\programdata\PlayFirst
2012-09-20 17:51 . 2012-09-20 17:52        --------        d-----w-        c:\program files (x86)\Dream Chronicles - The Book of Air
2012-09-20 17:48 . 2012-09-20 17:48        --------        d-----w-        c:\programdata\Big Fish Games
2012-09-20 17:48 . 2012-09-20 17:48        --------        d-----w-        c:\program files (x86)\bfgclient
2012-09-20 17:46 . 2012-10-16 09:22        --------        d-----w-        C:\BigFishGamesCache
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 23:48 . 2012-02-20 12:12        65309168        ----a-w-        c:\windows\system32\MRT.exe
2012-10-09 17:14 . 2012-03-30 02:44        696760        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 17:14 . 2011-07-19 09:23        73656        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 09:22 . 2012-07-10 11:50        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-09-21 09:22 . 2012-07-10 11:50        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-09-14 01:05 . 2012-09-14 01:05        40800        ----a-w-        c:\windows\system32\drivers\avgrkx64.sys
2012-09-13 01:11 . 2012-09-13 01:11        151904        ----a-w-        c:\windows\system32\drivers\avgidsdrivera.sys
2012-08-31 09:23 . 2012-06-13 03:08        2295408        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-08-31 09:22 . 2012-06-13 03:08        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-08-22 18:12 . 2012-09-12 04:46        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 04:46        950128        ----a-w-        c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 04:46        376688        ----a-w-        c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 04:46        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:38 . 2012-10-10 17:31        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 04:46        574464        ----a-w-        c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 04:46        490496        ----a-w-        c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-10-17 17:52        1792968        ----a-w-        c:\program files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll" [2012-10-17 1792968]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Facebook Update"="c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-05 336384]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-06-27 168504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-06-13 336440]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-10-10 3116152]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-10-17 993736]
"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-10-17 1020512]
.
c:\users\Natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Natalie\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe [2012-9-25 247728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-10-02 5783672]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Services for Windows; [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-02-15 13352]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-09-21 61792]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-09-13 151904]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-10-17 30568]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-06 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-05 365568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-02 193568]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-01-14 1751656]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-10-03 722528]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-10-17 711112]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-06 9359872]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-06 309760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-05-18 1145448]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 63435553
*Deregistered* - 63435553
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:14]
.
2012-10-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001Core.job
- c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-13 15:16]
.
2012-10-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001UA.job
- c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-13 15:16]
.
2012-10-12 c:\windows\Tasks\HPCeeScheduleForNatalie.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-17 525312]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-06-27 42808]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Natalie\AppData\Roaming\Mozilla\Firefox\Profiles\ivcvr686.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.http - 87.98.136.60
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-10 21:12; stealthyextension@gmail.com; c:\users\Natalie\AppData\Roaming\Mozilla\Firefox\Profiles\ivcvr686.default\extensions\stealthyextension@gmail.com.xpi
FF - ExtSQL: 2012-10-17 19:52; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.1
FF - ExtSQL: !HIDDEN! 2012-02-16 10:23; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe
SafeBoot-65921644.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-loadtbs-2.1 - c:\users\Natalie\AppData\Roaming\loadtbs\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}\bm_installer.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ani"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.bmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.cr2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.crw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cs1"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cur"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.dcr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dib"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djv"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djvu"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.dng"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.emf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.eps"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.erf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fpx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.gif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.hdr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icl"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icn"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ilbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.int"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.inta"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iw4"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2c"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2k"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jbr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jfif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jp2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpe"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpeg"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpg"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpk"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.kdc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.lbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mos"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.mrw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.nef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.nrw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.orf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pct"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.pef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pgm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pic"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pict"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pix"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.png"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ppm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspbrush"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspimage"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.raf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ras"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.raw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgb"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgba"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rle"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rsb"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.rw2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rwl"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sgi"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.sr2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.srf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.tga"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.thm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.tif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.tiff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wmf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-18  21:59:53
ComboFix-quarantined-files.txt  2012-10-18 19:59
.
Vor Suchlauf: 12 Verzeichnis(se), 364.693.229.568 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 364.565.950.464 Bytes frei
.
- - End Of File - - 9488C3C6C8BDDE6681DBD75AC042A686

cosinus 18.10.2012 21:16
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Cellar Door 18.10.2012 22:27
Log GMER

Code:
ComboFix 12-10-18.03 - Natalie 18.10.2012  20:29:38.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.5611.3907 [GMT 2:00]
ausgeführt von:: c:\users\Natalie\Downloads\ComboFix.exe
AV: AVG Anti-Virus 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Natalie\AppData\Local\assembly\tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\UA000096.DLL
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-09-18 bis 2012-10-18  ))))))))))))))))))))))))))))))
.
.
2012-10-18 19:27 . 2012-10-18 19:27        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-10-17 21:16 . 2012-10-17 21:16        --------        d-----w-        C:\TDSSKiller_Quarantine
2012-10-17 17:54 . 2012-10-17 17:55        --------        d-----w-        c:\programdata\WinZip
2012-10-17 17:54 . 2012-10-17 17:54        --------        d-----w-        c:\program files\WinZip
2012-10-17 17:52 . 2012-10-17 17:52        --------        d-----w-        c:\users\Natalie\AppData\Local\AVG Secure Search
2012-10-17 17:52 . 2012-10-17 17:52        --------        d-----w-        c:\programdata\AVG Secure Search
2012-10-17 17:52 . 2012-10-18 15:39        --------        d-----w-        c:\program files (x86)\AVG Secure Search
2012-10-17 16:00 . 2012-10-17 16:00        --------        d-----w-        C:\_OTL
2012-10-14 15:25 . 2012-10-14 15:25        --------        d-----w-        c:\program files (x86)\ESET
2012-10-13 08:19 . 2012-10-13 08:19        --------        d-----w-        c:\users\Default\AppData\Roaming\TuneUp Software
2012-10-13 08:17 . 2012-10-13 08:17        --------        d-----w-        c:\users\Natalie\AppData\Roaming\Malwarebytes
2012-10-13 08:17 . 2012-10-13 08:17        --------        d-----w-        c:\programdata\Malwarebytes
2012-10-13 08:17 . 2012-10-13 08:17        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-13 08:17 . 2012-09-07 15:04        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-10-12 18:39 . 2012-10-12 18:39        --------        d-----w-        c:\users\Natalie\AppData\Local\Windows Live Writer
2012-10-12 18:39 . 2012-10-12 18:39        --------        d-----w-        c:\users\Natalie\AppData\Roaming\Windows Live Writer
2012-10-10 17:32 . 2012-08-31 18:19        1659760        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2012-10-10 17:32 . 2012-08-30 18:03        5559664        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-10-10 17:32 . 2012-08-30 17:12        3914096        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 17:32 . 2012-08-30 17:12        3968880        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 17:32 . 2012-08-20 18:48        424448        ----a-w-        c:\windows\system32\KernelBase.dll
2012-10-10 17:32 . 2012-08-20 18:48        215040        ----a-w-        c:\windows\system32\winsrv.dll
2012-10-10 17:32 . 2012-08-20 18:48        1162240        ----a-w-        c:\windows\system32\kernel32.dll
2012-10-10 17:32 . 2012-08-20 18:46        338432        ----a-w-        c:\windows\system32\conhost.exe
2012-10-07 14:31 . 2012-10-07 14:31        --------        d-----w-        c:\users\Natalie\AppData\Local\Macromedia
2012-10-07 13:37 . 2012-10-07 13:37        --------        d-----w-        c:\users\Natalie\AppData\Local\Mozilla
2012-10-07 13:36 . 2012-10-13 09:18        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service
2012-10-05 01:26 . 2012-10-05 01:26        111456        ----a-w-        c:\windows\system32\drivers\avgmfx64.sys
2012-10-04 10:32 . 2012-10-04 10:32        --------        d-----w-        c:\program files (x86)\Common Files\DVDVideoSoft
2012-10-03 18:52 . 2012-10-03 18:52        --------        d-----w-        c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers
2012-10-03 18:16 . 2012-10-03 18:16        --------        d-----w-        C:\adobeTemp
2012-10-03 10:15 . 2012-10-03 10:15        --------        d-----w-        c:\users\Natalie\AppData\Roaming\AVG2013
2012-10-03 10:12 . 2012-10-17 17:52        30568        ----a-w-        c:\windows\system32\drivers\avgtpx64.sys
2012-10-03 10:12 . 2012-10-17 17:52        --------        d-----w-        c:\program files (x86)\Common Files\AVG Secure Search
2012-10-03 10:10 . 2012-10-03 11:30        --------        d-----w-        c:\programdata\AVG2013
2012-10-03 10:10 . 2012-10-03 10:10        --------        d-----w-        C:\$AVG
2012-10-03 10:10 . 2012-10-03 10:10        --------        d-----w-        c:\program files (x86)\AVG
2012-10-03 10:05 . 2012-10-18 15:44        --------        d-----w-        c:\programdata\MFAData
2012-10-03 10:05 . 2012-10-03 10:19        --------        d-----w-        c:\users\Natalie\AppData\Local\Avg2013
2012-10-03 10:05 . 2012-10-03 10:05        --------        d-----w-        c:\users\Natalie\AppData\Local\MFAData
2012-10-02 23:59 . 2012-08-30 07:27        9308616        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{CCC41C60-73C5-4F3F-BFDC-65ADB8D210A4}\mpengine.dll
2012-10-02 01:30 . 2012-10-02 01:30        185696        ----a-w-        c:\windows\system32\drivers\avgldx64.sys
2012-09-26 07:00 . 2012-08-21 21:01        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe
2012-09-23 10:52 . 2012-09-23 10:52        --------        d-----w-        c:\users\Natalie\AppData\Roaming\TuneUp Software
2012-09-23 10:52 . 2012-09-23 10:53        --------        d-----w-        c:\programdata\TuneUp Software
2012-09-23 10:52 . 2012-09-23 10:52        --------        d-sh--w-        c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-09-23 10:52 . 2012-09-23 10:52        --------        d--h--w-        c:\programdata\Common Files
2012-09-21 01:46 . 2012-09-21 01:46        200032        ----a-w-        c:\windows\system32\drivers\avgtdia.sys
2012-09-21 01:46 . 2012-09-21 01:46        225120        ----a-w-        c:\windows\system32\drivers\avgloga.sys
2012-09-21 01:45 . 2012-09-21 01:45        61792        ----a-w-        c:\windows\system32\drivers\avgidsha.sys
2012-09-20 17:52 . 2012-09-20 17:52        --------        d-----w-        c:\users\Natalie\AppData\Roaming\PlayFirst
2012-09-20 17:52 . 2012-09-20 17:52        --------        d-----w-        c:\programdata\PlayFirst
2012-09-20 17:51 . 2012-09-20 17:52        --------        d-----w-        c:\program files (x86)\Dream Chronicles - The Book of Air
2012-09-20 17:48 . 2012-09-20 17:48        --------        d-----w-        c:\programdata\Big Fish Games
2012-09-20 17:48 . 2012-09-20 17:48        --------        d-----w-        c:\program files (x86)\bfgclient
2012-09-20 17:46 . 2012-10-16 09:22        --------        d-----w-        C:\BigFishGamesCache
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 23:48 . 2012-02-20 12:12        65309168        ----a-w-        c:\windows\system32\MRT.exe
2012-10-09 17:14 . 2012-03-30 02:44        696760        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 17:14 . 2011-07-19 09:23        73656        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 09:22 . 2012-07-10 11:50        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-09-21 09:22 . 2012-07-10 11:50        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-09-14 01:05 . 2012-09-14 01:05        40800        ----a-w-        c:\windows\system32\drivers\avgrkx64.sys
2012-09-13 01:11 . 2012-09-13 01:11        151904        ----a-w-        c:\windows\system32\drivers\avgidsdrivera.sys
2012-08-31 09:23 . 2012-06-13 03:08        2295408        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-08-31 09:22 . 2012-06-13 03:08        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-08-22 18:12 . 2012-09-12 04:46        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 04:46        950128        ----a-w-        c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 04:46        376688        ----a-w-        c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 04:46        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:38 . 2012-10-10 17:31        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 04:46        574464        ----a-w-        c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 04:46        490496        ----a-w-        c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-10-17 17:52        1792968        ----a-w-        c:\program files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll" [2012-10-17 1792968]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Facebook Update"="c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-05 336384]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-06-27 168504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-06-13 336440]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-10-10 3116152]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-10-17 993736]
"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-10-17 1020512]
.
c:\users\Natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Natalie\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe [2012-9-25 247728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-10-02 5783672]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Services for Windows; [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-02-15 13352]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-09-21 61792]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-09-13 151904]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-10-17 30568]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-06 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-05 365568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-02 193568]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-01-14 1751656]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-10-03 722528]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-10-17 711112]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-06 9359872]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-06 309760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-05-18 1145448]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 63435553
*Deregistered* - 63435553
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:14]
.
2012-10-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001Core.job
- c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-13 15:16]
.
2012-10-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001UA.job
- c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-13 15:16]
.
2012-10-12 c:\windows\Tasks\HPCeeScheduleForNatalie.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-17 525312]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-06-27 42808]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Natalie\AppData\Roaming\Mozilla\Firefox\Profiles\ivcvr686.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.http - 87.98.136.60
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-10 21:12; stealthyextension@gmail.com; c:\users\Natalie\AppData\Roaming\Mozilla\Firefox\Profiles\ivcvr686.default\extensions\stealthyextension@gmail.com.xpi
FF - ExtSQL: 2012-10-17 19:52; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.1
FF - ExtSQL: !HIDDEN! 2012-02-16 10:23; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe
SafeBoot-65921644.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-loadtbs-2.1 - c:\users\Natalie\AppData\Roaming\loadtbs\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}\bm_installer.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ani"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.bmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.cr2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.crw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cs1"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cur"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.dcr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dib"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djv"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djvu"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.dng"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.emf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.eps"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.erf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fpx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.gif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.hdr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icl"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icn"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ilbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.int"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.inta"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iw4"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2c"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2k"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jbr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jfif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jp2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpe"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpeg"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpg"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpk"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.kdc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.lbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mos"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.mrw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.nef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.nrw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.orf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pct"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.pef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pgm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pic"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pict"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pix"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.png"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ppm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspbrush"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspimage"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.raf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ras"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.raw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgb"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgba"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rle"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rsb"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.rw2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rwl"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sgi"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.sr2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.srf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.tga"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.thm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.tif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.tiff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wmf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-18  21:59:53
ComboFix-quarantined-files.txt  2012-10-18 19:59
.
Vor Suchlauf: 12 Verzeichnis(se), 364.693.229.568 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 364.565.950.464 Bytes frei
.
- - End Of File - - 9488C3C6C8BDDE6681DBD75AC042A686
Log Osam

Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:25:10 on 18.10.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 16.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"HPCeeScheduleForNatalie.job" - "Hewlett-Packard" - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
"FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001Core.job" - "Facebook Inc." - C:\Users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe
"FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001UA.job" - "Facebook Inc." - C:\Users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AVG Anti-Rootkit Driver" (Avgrkx64) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgrkx64.sys
"AVG AVI Loader Driver" (Avgldx64) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgldx64.sys
"AVG Logging Driver" (Avgloga) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgloga.sys
"AVG Mini-Filter Resident Anti-Virus Shield" (Avgmfx64) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgmfx64.sys
"AVG TDI Driver" (Avgtdia) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgtdia.sys
"AVGIDSDriver" (AVGIDSDriver) - "AVG Technologies CZ, s.r.o. " - C:\Windows\System32\DRIVERS\avgidsdrivera.sys
"AVGIDSHA" (AVGIDSHA) - "AVG Technologies CZ, s.r.o. " - C:\Windows\System32\DRIVERS\avgidsha.sys
"avgtp" (avgtp) - "AVG Technologies" - C:\Windows\system32\drivers\avgtpx64.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys
"Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys
"Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys
"Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{20C75730-7C25-476B-95DC-C65810F9E489} "XMLMimeFilterPP Class" - "Advanced Micro Devices" - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
{20C75730-7C25-476B-95DC-C65810F9E489} "XMLMimeFilterPP Class" - "Advanced Micro Devices" - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{B658800C-F66E-4EF3-AB85-6C0C227862A9} "ViProtocolOLE Class" - ? - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} "AVG Find Extension" - ? -  (File not found | COM-object registry key not found)
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} "AVG Shell Extension Class" - "AVG Technologies CZ, s.r.o." - C:\Program Files (x86)\AVG\AVG2013\avgse.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? -  (File not found | COM-object registry key not found)
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? -  (File not found | COM-object registry key not found)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -  (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? -  (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
ITBar7Height64 "ITBar7Height64" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
"ICQ7.7" - "ICQ, LLC." - C:\Program Files (x86)\ICQ7.7\ICQ.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "AVG Security Toolbar" - ? - C:\Program Files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{95B7759C-8C7F-4BF1-B163-73684A933233} "AVG Security Toolbar" - ? - C:\Program Files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Facebook Messenger.lnk" - "Facebook" - C:\Users\Natalie\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Facebook Update" - "Facebook Inc." - "C:\Users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"AVG_UI" - "AVG Technologies CZ, s.r.o." - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"HP Quick Launch" - "Hewlett-Packard Development Company, L.P." - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
"HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
"HPOSD" - "Hewlett-Packard Development Company, L.P." - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
"HPQuickWebProxy" - "Hewlett-Packard Company" - "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"ROC_roc_ssl_v12" - ? - "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"vProt" - ? - "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"WinampAgent" - "Nullsoft, Inc." - "C:\Program Files (x86)\Winamp\winampa.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"AMD FUEL Service" (AMD FUEL Service) - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
"Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
"Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"AVG WatchDog" (avgwd) - "AVG Technologies CZ, s.r.o." - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
"AVGIDSAgent" (AVGIDSAgent) - "AVG Technologies CZ, s.r.o." - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
"Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
"Easybits Services for Windows" (ezSharedSvc) - ? - C:\Windows\system32\drivers\ezSharedSvc.sys  (File not found)
"GamesAppService" (GamesAppService) - "WildTangent, Inc." - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
"Google Updater Service" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
"HP Client Services" (HPClientSvc) - "Hewlett-Packard Company" - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Quick Synchronization Service" (HPDrvMntSvc.exe) - "Hewlett-Packard Company" - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
"HP Software Framework Service" (hpqwmiex) - "Hewlett-Packard Company" - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
"HP Support Assistant Service" (HP Support Assistant Service) - "Hewlett-Packard Company" - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
"HPWMISVC" (HPWMISVC) - "Hewlett-Packard Development Company, L.P." - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
"IconMan_R" (IconMan_R) - "Realsil Microelectronics Inc." - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
"MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"vToolbarUpdater12.2.6" (vToolbarUpdater12.2.6) - ? - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
"vToolbarUpdater13.2.0" (vToolbarUpdater13.2.0) - ? - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Log aswMDR

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-18 23:28:40
-----------------------------
23:28:40.635    OS Version: Windows x64 6.1.7601 Service Pack 1
23:28:40.635    Number of processors: 2 586 0x100
23:28:40.635    ComputerName: NATALIE-HP  UserName: Natalie
23:28:42.275    Initialize success
23:31:24.886    AVAST engine defs: 12101801
23:32:16.416    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006e
23:32:16.426    Disk 0 Vendor: TOSHIBA_ GS00 Size: 610480MB BusType: 11
23:32:16.446    Disk 0 MBR read successfully
23:32:16.446    Disk 0 MBR scan
23:32:16.466    Disk 0 Windows 7 default MBR code
23:32:16.486    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
23:32:16.506    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      590129 MB offset 409600
23:32:16.536    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS        16087 MB offset 1208993792
23:32:16.556    Disk 0 Partition 4 00    0C    FAT32 LBA MSDOS5.0    4063 MB offset 1241939968
23:32:16.606    Disk 0 scanning C:\Windows\system32\drivers
23:32:28.096    Service scanning
23:33:05.666    Modules scanning
23:33:05.676    Disk 0 trace - called modules:
23:33:05.736    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys
23:33:05.746    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f82060]
23:33:05.756    3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8005c2aa30]
23:33:05.766    5 amd_xata.sys[fffff8800115da1d] -> nt!IofCallDriver -> [0xfffffa8005c25160]
23:33:05.776    7 ACPI.sys[fffff88000ef87a1] -> nt!IofCallDriver -> \Device\0000006e[0xfffffa8005c269c0]
23:33:07.276    AVAST engine scan C:\Windows
23:33:11.236    AVAST engine scan C:\Windows\system32
23:36:22.076    AVAST engine scan C:\Windows\system32\drivers
23:36:39.446    AVAST engine scan C:\Users\Natalie
23:51:16.428    AVAST engine scan C:\ProgramData
23:55:55.409    Scan finished successfully
23:57:20.609    Disk 0 MBR has been saved successfully to "C:\Users\Natalie\Desktop\MBR.dat"
23:57:20.609    The log file has been saved successfully to "C:\Users\Natalie\Desktop\aswMBR.txt"

cosinus 19.10.2012 09:56
Du hast kein GMER-Log gepostet, das war nochmal das von combofix

Cellar Door 19.10.2012 11:14
Ich habe den Scan mit gmer gerade nochmals durchgeführt, aber der log ist leer

cosinus 19.10.2012 11:43
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Cellar Door 20.10.2012 08:14
Malware Log

Code:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Natalie :: NATALIE-HP [Administrator]

Schutz: Deaktiviert

19.10.2012 15:27:40
mbam-log-2012-10-19 (15-27-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 363604
Laufzeit: 47 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

SuperAntiSpyware Log

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/19/2012 at 07:35 PM

Application Version : 5.6.1012

Core Rules Database Version : 9437
Trace Rules Database Version: 7249

Scan type      : Complete Scan
Total Scan Time : 02:06:34

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 784
Memory threats detected  : 0
Registry items scanned    : 71680
Registry threats detected : 0
File items scanned        : 161632
File threats detected    : 480

Adware.Tracking Cookie
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\O35NGEKK.txt [ /ero-advertising.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\U0J9RGBM.txt [ /ad2.adfarm1.adition.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\SSOFC13Z.txt [ /ad.yieldmanager.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\PH44KT8J.txt [ /ads.creative-serving.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XH1I9RKB.txt [ /tracking.quisma.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\FUYYR6KR.txt [ /a.revenuemax.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XRACA2PE.txt [ /clicksor.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\POIB1WJR.txt [ /www.etracker.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\LL83ABOQ.txt [ /2o7.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\AKO57PXS.txt [ /banners.victor.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\BV9FPIKK.txt [ /de.partypoker.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QGYE8DPA.txt [ /www.googleadservices.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QFJ5JGX4.txt [ /im.banner.t-online.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\G7YHYR14.txt [ /tracking.mindshare.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\CMEEIFDY.txt [ /ww251.smartadserver.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\LFKI0ZL8.txt [ /track.effiliation.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\PPJEDAJ1.txt [ /ad.ad-srv.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\LJ8N3OPI.txt [ /gostats.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\4L5QAK1Q.txt [ /ad.dyntracker.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\DZ011Y30.txt [ /www.googleadservices.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\M512RG1U.txt [ /adxpose.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\ZNC089FI.txt [ /casalemedia.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\8UUFEN6T.txt [ /webmasterplan.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\9Z5D1X2L.txt [ /bwincom.122.2o7.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\6MZ8BAHZ.txt [ /imrworldwide.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\R2QWDW27.txt [ /ad1.adfarm1.adition.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\3KY15D4P.txt [ /stat.ed.cupidplc.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\E8NSNKVT.txt [ /rts.pgmediaserve.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\MGN85WJY.txt [ /amazon-adsystem.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\CX66I3LK.txt [ /tomtailor.dyntracker.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YA9UTJ9F.txt [ /tracker.vinsight.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\5BY4RVUA.txt [ /eas.apm.emediate.eu ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\3PK125CW.txt [ /track.adform.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XO95OUH3.txt [ /www.mmtracking.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\TJLYQRQ9.txt [ /wmedia.rotator.hadj7.adjuggler.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\INMUVG0O.txt [ /de.sitestat.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\JUT51UAR.txt [ /aa.adfarm1.adition.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\GIHIZEQL.txt [ /ads.onvertise.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\Y4DV1OQR.txt [ /serving-sys.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\EFTA8JD7.txt [ /ad.360yield.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\TE8AN8P1.txt [ /xiti.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\5JZ9TZXE.txt [ /ads.247activemedia.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YV3ME9U8.txt [ /mediaplex.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\IWPKKYAF.txt [ /unitymedia.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\1FS94ANO.txt [ /revsci.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\LYX1XKUN.txt [ /adbrite.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XDXSMHC3.txt [ /adtech.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YL08J1IB.txt [ /partypoker.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\9ZWLDZE8.txt [ /accounts.youtube.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\FGFQ1ED0.txt [ /fastclick.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YPF5B76I.txt [ /histats.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\KGK9R087.txt [ /statcounter.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\Y5C8UO6L.txt [ /ads.lzjl.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QOWGG3CF.txt [ /track.effiliation.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\FVC7QYEY.txt [ /mmotraffic.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\R7XSDLRG.txt [ /adfarm1.adition.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\JXIP60K2.txt [ /aim4media.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\KC2VIZGT.txt [ /zbox.zanox.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\UUYA5MRG.txt [ /smartadserver.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\9GBLF82L.txt [ /tracking.kissmyads.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\1GVF442K.txt [ /ad3.adfarm1.adition.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YOUFUTH0.txt [ /7.rotator.trafficbee.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\J1R6FIYQ.txt [ /doubleclick.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QDO6CQ9Q.txt [ /ad.zanox.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\UQH74IMN.txt [ /specificclick.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\CV727O41.txt [ /apmebf.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\13W7FTBS.txt [ /ad.adnet.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\J5Y1BL35.txt [ /bdsm28.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\PHLNJGU6.txt [ /ad4.adfarm1.adition.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\E84PA8CS.txt [ /questionmarket.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\KRVLQA0W.txt [ /adform.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\GVAU6GNC.txt [ /liveperson.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\M0FL4H6L.txt [ /bs.serving-sys.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\B5T71GQ2.txt [ /www.googleadservices.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XSBO4MI3.txt [ /ads.crakmedia.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\GSJTI6U2.txt [ /clickfuse.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\K1Q6EJC6.txt [ /ads.adk2.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\PCHFSWH3.txt [ /www.zanox-affiliate.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\MQQ04O9W.txt [ /www.googleadservices.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\0T87U07Q.txt [ /c.atdmt.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\STIZ53J3.txt [ /zanox-affiliate.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\D27ZF4Q2.txt [ /tradedoubler.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\NMUPR527.txt [ /yieldmanager.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\5UIKG83Y.txt [ /myroitracking.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\W1UWQ8S4.txt [ /7.rotator.wigetmedia.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\ASQ63AQK.txt [ /ad-emea.doubleclick.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\F1WNKG3S.txt [ /media6degrees.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\C9PCRY8H.txt [ /atdmt.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\S0IJ8806.txt [ /zedo.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\2P0II1LJ.txt [ /statse.webtrendslive.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\5SJ47PSX.txt [ /unister-adservices.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\6ER4HVM8.txt [ /tribalfusion.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\U0RH69EH.txt [ /eas4.emediate.eu ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\7KB0AAIX.txt [ /invitemedia.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\4S36C5Z5.txt [ /accounts.google.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\BH9UC9ES.txt [ /ad.ics-int.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\BG674UQ5.txt [ /adserver3.oberberg.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\RFN6XFHX.txt [ /zanox.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\3ZV7ITRR.txt [ /movieclipscom.122.2o7.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\HP6PKXVS.txt [ /ru4.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\IZ0E84TR.txt [ /traffictrack.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\135FT992.txt [ /studivz.adfarm1.adition.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\RYEDEYZ5.txt [ /pro-market.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\OT4ECVL2.txt [ /ads.immobilienscout24.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\RR0T43PT.txt [ /stat.easydate.biz ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YX6SEKVD.txt [ /ads.advrtice.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QMPCE6X1.txt [ /countomat.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\JLUCE5OE.txt [ /geoadserving.coffeetree.info ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\27RCY0JN.txt [ /mm.chitika.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\DJSRZRQ4.txt [ /adx.chip.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\3RORMRCW.txt [ /ads.pubmatic.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\R9NS695F.txt [ /tracking.mlsat02.de ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\TRD51QJE.txt [ /ads.glispa.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\TT0RQ0IX.txt [ /guj.122.2o7.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\WSTNXQ54.txt [ /avgtechnologies.112.2o7.net ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\9O9KF60O.txt [ /advertising.com ]
        C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\18YRPKYS.txt [ /viewad.exchangecash.de ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\AQ5BAQHP.txt [ Cookie:natalie@eu.battle.net/account ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\6Y0M524H.txt [ Cookie:natalie@ubesttorrent2011.com/tracking/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\013L1WOG.txt [ Cookie:natalie@google.com/accounts/recovery/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZBGGGH4L.txt [ Cookie:natalie@at.atwola.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\IAGYBD0G.txt [ Cookie:natalie@ad.yieldmanager.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9RKJIZR3.txt [ Cookie:natalie@a.revenuemax.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PZVC0KHR.txt [ Cookie:natalie@tracking.quisma.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5VRTHJ07.txt [ Cookie:natalie@gostats.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZYB2H5KF.txt [ Cookie:natalie@www.etracker.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3VJDU7UY.txt [ Cookie:natalie@lucidmedia.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KO8WOLDX.txt [ Cookie:natalie@track.effiliation.com/servlet/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6XT2TPZZ.txt [ Cookie:natalie@gostats.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SYFJNJ1L.txt [ Cookie:natalie@hightraffic.hugoboss.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MFLJBX2G.txt [ Cookie:natalie@ad.dyntracker.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CN50OXS7.txt [ Cookie:natalie@webmasterplan.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\J8TN8EP2.txt [ Cookie:natalie@bwincom.122.2o7.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LWLVO8DP.txt [ Cookie:natalie@imrworldwide.com/cgi-bin ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6061FEK4.txt [ Cookie:natalie@account.betfair.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\V1N5HHKX.txt [ Cookie:natalie@ad1.adfarm1.adition.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\V2G96X74.txt [ Cookie:natalie@rts.pgmediaserve.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\OP5FDQHM.txt [ Cookie:natalie@content.yieldmanager.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\G2UKG8U4.txt [ Cookie:natalie@eas.apm.emediate.eu/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QNDGPU2J.txt [ Cookie:natalie@serving-sys.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NV512FEK.txt [ Cookie:natalie@labelfinder.glamour.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PF25HAMZ.txt [ Cookie:natalie@uk.sitestat.com/ladbrokes/sports/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DE9H4BWH.txt [ Cookie:natalie@unitymedia.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YPF2HN09.txt [ Cookie:natalie@revsci.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\2P60328D.txt [ Cookie:natalie@adbrite.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\T33ZD5DD.txt [ Cookie:natalie@a.trackfox2.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YFZ2W5E4.txt [ Cookie:natalie@adtech.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\natalie@accounts.youtube[1].txt [ Cookie:natalie@accounts.youtube.com/accounts ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7FJJOH0J.txt [ Cookie:natalie@statcounter.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\2X32UK4K.txt [ Cookie:natalie@fastclick.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YO7J7WMQ.txt [ Cookie:natalie@mmotraffic.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8QKW9NMR.txt [ Cookie:natalie@adfarm1.adition.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\OM9O1ZT6.txt [ Cookie:natalie@counter2.sexmoney.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\XW728BKC.txt [ Cookie:natalie@doubleclick.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\E5EL0QDF.txt [ Cookie:natalie@bdsm28.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\B7SS5LF6.txt [ Cookie:natalie@apmebf.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5BA1WZCD.txt [ Cookie:natalie@ad4.adfarm1.adition.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RER899DX.txt [ Cookie:natalie@questionmarket.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\99KB99P9.txt [ Cookie:natalie@bs.serving-sys.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZKW80K4.txt [ Cookie:natalie@adform.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\D9AUUUVH.txt [ Cookie:natalie@liveperson.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0W6SF145.txt [ Cookie:natalie@adserver.adtechus.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\I03VCJH1.txt [ Cookie:natalie@zanox-affiliate.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K3NBR4O6.txt [ Cookie:natalie@tradedoubler.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VJANSN01.txt [ Cookie:natalie@advertstream.com/a ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\U9AONJYV.txt [ Cookie:natalie@myroitracking.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YNWSGZUE.txt [ Cookie:natalie@7.rotator.wigetmedia.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\73ZWMH4C.txt [ Cookie:natalie@media6degrees.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\A5SPV3E8.txt [ Cookie:natalie@atdmt.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\EKD9CSCJ.txt [ Cookie:natalie@zedo.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NQ4XCM97.txt [ Cookie:natalie@eas4.emediate.eu/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8NDUS0KI.txt [ Cookie:natalie@accounts.google.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TQIEXSG5.txt [ Cookie:natalie@adserver3.oberberg.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AGATCBB6.txt [ Cookie:natalie@mediatraffic.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K1H2VKM2.txt [ Cookie:natalie@8tracks.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\93ZJ9HXU.txt [ Cookie:natalie@server.cpmstar.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\G7VV3K6M.txt [ Cookie:natalie@adserver.twitpic.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\T3LNCG73.txt [ Cookie:natalie@adxpose.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3ODME6QU.txt [ Cookie:natalie@edates.traffective-tracking.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7DNJR8SF.txt [ Cookie:natalie@clkads.com/adServe ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\A7GGE7Y2.txt [ Cookie:natalie@sexkontakt.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y1BNT32Q.txt [ Cookie:natalie@www.adserving.pixfuture.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GTVKXOYX.txt [ Cookie:natalie@tomtailor.dyntracker.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\BIKIF7QF.txt [ Cookie:natalie@track.adform.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZCKPZ1SV.txt [ Cookie:natalie@track.senzapudore.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7104WHAS.txt [ Cookie:natalie@studivz.adfarm1.adition.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\274MOYUX.txt [ Cookie:natalie@mywebstats.it/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9ZOHOCTY.txt [ Cookie:natalie@farm1.netxmedia.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\JYZRYYCM.txt [ Cookie:natalie@tracking.affiliaxe.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UZRI72NE.txt [ Cookie:natalie@bestoffersmedia.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\75QQ8Z6M.txt [ Cookie:natalie@www.sexkontakt.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RPSIDI6H.txt [ Cookie:natalie@interclick.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\R738HMXD.txt [ Cookie:natalie@partypoker.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\HOP9JZFL.txt [ Cookie:natalie@histats.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\860N4SS0.txt [ Cookie:natalie@ads2.medianord.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\648EGB6A.txt [ Cookie:natalie@adlegend.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TR8Q1W52.txt [ Cookie:natalie@stat.easydate.biz/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\V0OR21F0.txt [ Cookie:natalie@smartadserver.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7BT18V7Y.txt [ Cookie:natalie@server.adform.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7M8WZOYF.txt [ Cookie:natalie@e2.emediate.se/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UEKQZQU4.txt [ Cookie:natalie@counter.sexsuche.tv/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\86OWDGT1.txt [ Cookie:natalie@adx.chip.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQ8Z7J14.txt [ Cookie:natalie@specificclick.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\G89F8Q6Y.txt [ Cookie:natalie@ad.adnet.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UGYXY8ZF.txt [ Cookie:natalie@clickbank.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\I2Z4NJKO.txt [ Cookie:natalie@adserver.innovalue.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VLOO905L.txt [ Cookie:natalie@www.media970.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\BO2HFMXS.txt [ Cookie:natalie@statsadv.dadapro.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LWRZ9C1W.txt [ Cookie:natalie@s2.netxmedia.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FVYQ2DR8.txt [ Cookie:natalie@c.atdmt.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UDODW44C.txt [ Cookie:natalie@adnetwork.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YYNKER3Q.txt [ Cookie:natalie@yieldmanager.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7DMKA008.txt [ Cookie:natalie@loads7.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\20WS5WFM.txt [ Cookie:natalie@pornme.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9PQPPV3R.txt [ Cookie:natalie@mediadealr.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7ZLHJD9E.txt [ Cookie:natalie@de.sitestat.com/ndr/ndr/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KXOFNPFQ.txt [ Cookie:natalie@unister-adservices.com/campaign/conversion/22 ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YG458L3A.txt [ Cookie:natalie@advertising.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4T6LX5LL.txt [ Cookie:natalie@traffic.brokerbabe.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GGT2UXRT.txt [ Cookie:natalie@www.hdpornmobile.xxx/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5KUC7BFM.txt [ Cookie:natalie@www.123-counter.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PAU3FIRZ.txt [ Cookie:natalie@viewad.exchangecash.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1EKS3G31.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1053503741/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1TKO3IUB.txt [ Cookie:natalie@2o7.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1SVOD0D6.txt [ Cookie:natalie@de.partypoker.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8VPJ0ZTN.txt [ Cookie:natalie@ww251.smartadserver.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GX23X7B0.txt [ Cookie:natalie@in.mydirtyhobby.com/track/xCkSAGAU/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LHEQQ0PD.txt [ Cookie:natalie@tracking.dc-storm.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FFTPUM7O.txt [ Cookie:natalie@fidelity.rotator.hadj7.adjuggler.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VCS972CH.txt [ Cookie:natalie@tracker.vinsight.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6WC8BS6P.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1060365111/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AX8WHSBO.txt [ Cookie:natalie@www.moviepilot.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\S08OU73M.txt [ Cookie:natalie@urbia.wwe-media.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\INIBML8Y.txt [ Cookie:natalie@microsoftsto.112.2o7.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RYB4Y5FO.txt [ Cookie:natalie@media.neodau.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZRF5P4AB.txt [ Cookie:natalie@rotator.hadj7.adjuggler.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\HPLXFNQ3.txt [ Cookie:natalie@deutschepostag.112.2o7.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0T97I6MN.txt [ Cookie:natalie@unister-adservices.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\436DJWZB.txt [ Cookie:natalie@adserving.randyrun.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FG7IS1DS.txt [ Cookie:natalie@ubesttorrent2011.com/tracking/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AE7FZF24.txt [ Cookie:natalie@clkads.com/adServe/banners ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\R4C3YT25.txt [ Cookie:natalie@7.rotator.trafficbee.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\XKEQYUE5.txt [ Cookie:natalie@xm.xtendmedia.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KB7Z99MS.txt [ Cookie:natalie@adt.traffictrack.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YUALPHY8.txt [ Cookie:natalie@cmpmedica.112.2o7.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TZR9WULR.txt [ Cookie:natalie@tracker.bmtsystem.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DA54W650.txt [ Cookie:natalie@in.watchme.com/track/AxoUAGId/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\L2PCBYOB.txt [ Cookie:natalie@tradetracker.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4RF8KF04.txt [ Cookie:natalie@burstnet.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SIFZW1ST.txt [ Cookie:natalie@googleads.g.doubleclick.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QW9YH58N.txt [ Cookie:natalie@sexpartnerclub.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MWSX86Q4.txt [ Cookie:natalie@banners.victor.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3UK6QCT4.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1038913304/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\F85V3RAB.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1028954965/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4J80HJQ1.txt [ Cookie:natalie@nextag.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PHTF99HH.txt [ Cookie:natalie@opodo.122.2o7.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\L5KR13KG.txt [ Cookie:natalie@aa.adfarm1.adition.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PN0H87ZE.txt [ Cookie:natalie@pro-market.net/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3BAEQEC8.txt [ Cookie:natalie@ads.saymedia.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1RJB68YK.txt [ Cookie:natalie@moviepilot.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\D6Z5U440.txt [ Cookie:natalie@adserver.advertisingbox.com/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\B5DUZCX6.txt [ Cookie:natalie@ad.adserver01.de/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SWNFJ27G.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1065473929/ ]
        C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GVWT2H3T.txt [ Cookie:natalie@track.zalando.de/789345933667438/ ]
        C:\USERS\NATALIE\Cookies\SSOFC13Z.txt [ Cookie:natalie@ad.yieldmanager.com/ ]
        C:\USERS\NATALIE\Cookies\XH1I9RKB.txt [ Cookie:natalie@tracking.quisma.com/ ]
        C:\USERS\NATALIE\Cookies\FUYYR6KR.txt [ Cookie:natalie@a.revenuemax.de/ ]
        C:\USERS\NATALIE\Cookies\POIB1WJR.txt [ Cookie:natalie@www.etracker.de/ ]
        C:\USERS\NATALIE\Cookies\LL83ABOQ.txt [ Cookie:natalie@2o7.net/ ]
        C:\USERS\NATALIE\Cookies\AKO57PXS.txt [ Cookie:natalie@banners.victor.com/ ]
        C:\USERS\NATALIE\Cookies\BV9FPIKK.txt [ Cookie:natalie@de.partypoker.com/ ]
        C:\USERS\NATALIE\Cookies\QGYE8DPA.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1028954965/ ]
        C:\USERS\NATALIE\Cookies\CMEEIFDY.txt [ Cookie:natalie@ww251.smartadserver.com/ ]
        C:\USERS\NATALIE\Cookies\LFKI0ZL8.txt [ Cookie:natalie@track.effiliation.com/servlet/ ]
        C:\USERS\NATALIE\Cookies\LJ8N3OPI.txt [ Cookie:natalie@gostats.de/ ]
        C:\USERS\NATALIE\Cookies\4L5QAK1Q.txt [ Cookie:natalie@ad.dyntracker.de/ ]
        C:\USERS\NATALIE\Cookies\DZ011Y30.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1006871605/ ]
        C:\USERS\NATALIE\Cookies\M512RG1U.txt [ Cookie:natalie@adxpose.com/ ]
        C:\USERS\NATALIE\Cookies\8UUFEN6T.txt [ Cookie:natalie@webmasterplan.com/ ]
        C:\USERS\NATALIE\Cookies\9Z5D1X2L.txt [ Cookie:natalie@bwincom.122.2o7.net/ ]
        C:\USERS\NATALIE\Cookies\6MZ8BAHZ.txt [ Cookie:natalie@imrworldwide.com/cgi-bin ]
        C:\USERS\NATALIE\Cookies\R2QWDW27.txt [ Cookie:natalie@ad1.adfarm1.adition.com/ ]
        C:\USERS\NATALIE\Cookies\E8NSNKVT.txt [ Cookie:natalie@rts.pgmediaserve.com/ ]
        C:\USERS\NATALIE\Cookies\AQ5BAQHP.txt [ Cookie:natalie@eu.battle.net/account ]
        C:\USERS\NATALIE\Cookies\CX66I3LK.txt [ Cookie:natalie@tomtailor.dyntracker.com/ ]
        C:\USERS\NATALIE\Cookies\YA9UTJ9F.txt [ Cookie:natalie@tracker.vinsight.de/ ]
        C:\USERS\NATALIE\Cookies\5BY4RVUA.txt [ Cookie:natalie@eas.apm.emediate.eu/ ]
        C:\USERS\NATALIE\Cookies\3PK125CW.txt [ Cookie:natalie@track.adform.net/ ]
        C:\USERS\NATALIE\Cookies\JUT51UAR.txt [ Cookie:natalie@aa.adfarm1.adition.com/ ]
        C:\USERS\NATALIE\Cookies\Y4DV1OQR.txt [ Cookie:natalie@serving-sys.com/ ]
        C:\USERS\NATALIE\Cookies\IWPKKYAF.txt [ Cookie:natalie@unitymedia.de/ ]
        C:\USERS\NATALIE\Cookies\1FS94ANO.txt [ Cookie:natalie@revsci.net/ ]
        C:\USERS\NATALIE\Cookies\LYX1XKUN.txt [ Cookie:natalie@adbrite.com/ ]
        C:\USERS\NATALIE\Cookies\XDXSMHC3.txt [ Cookie:natalie@adtech.de/ ]
        C:\USERS\NATALIE\Cookies\YL08J1IB.txt [ Cookie:natalie@partypoker.com/ ]
        C:\USERS\NATALIE\Cookies\9ZWLDZE8.txt [ Cookie:natalie@accounts.youtube.com/accounts ]
        C:\USERS\NATALIE\Cookies\FGFQ1ED0.txt [ Cookie:natalie@fastclick.net/ ]
        C:\USERS\NATALIE\Cookies\YPF5B76I.txt [ Cookie:natalie@histats.com/ ]
        C:\USERS\NATALIE\Cookies\KGK9R087.txt [ Cookie:natalie@statcounter.com/ ]
        C:\USERS\NATALIE\Cookies\FVC7QYEY.txt [ Cookie:natalie@mmotraffic.com/ ]
        C:\USERS\NATALIE\Cookies\R7XSDLRG.txt [ Cookie:natalie@adfarm1.adition.com/ ]
        C:\USERS\NATALIE\Cookies\6Y0M524H.txt [ Cookie:natalie@ubesttorrent2011.com/tracking/ ]
        C:\USERS\NATALIE\Cookies\JXIP60K2.txt [ Cookie:natalie@aim4media.com/ ]
        C:\USERS\NATALIE\Cookies\UUYA5MRG.txt [ Cookie:natalie@smartadserver.com/ ]
        C:\USERS\NATALIE\Cookies\9GBLF82L.txt [ Cookie:natalie@tracking.kissmyads.com/ ]
        C:\USERS\NATALIE\Cookies\YOUFUTH0.txt [ Cookie:natalie@7.rotator.trafficbee.com/ ]
        C:\USERS\NATALIE\Cookies\J1R6FIYQ.txt [ Cookie:natalie@doubleclick.net/ ]
        C:\USERS\NATALIE\Cookies\UQH74IMN.txt [ Cookie:natalie@specificclick.net/ ]
        C:\USERS\NATALIE\Cookies\CV727O41.txt [ Cookie:natalie@apmebf.com/ ]
        C:\USERS\NATALIE\Cookies\13W7FTBS.txt [ Cookie:natalie@ad.adnet.de/ ]
        C:\USERS\NATALIE\Cookies\J5Y1BL35.txt [ Cookie:natalie@bdsm28.de/ ]
        C:\USERS\NATALIE\Cookies\PHLNJGU6.txt [ Cookie:natalie@ad4.adfarm1.adition.com/ ]
        C:\USERS\NATALIE\Cookies\E84PA8CS.txt [ Cookie:natalie@questionmarket.com/ ]
        C:\USERS\NATALIE\Cookies\KRVLQA0W.txt [ Cookie:natalie@adform.net/ ]
        C:\USERS\NATALIE\Cookies\GVAU6GNC.txt [ Cookie:natalie@liveperson.net/ ]
        C:\USERS\NATALIE\Cookies\M0FL4H6L.txt [ Cookie:natalie@bs.serving-sys.com/ ]
        C:\USERS\NATALIE\Cookies\B5T71GQ2.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1069528796/ ]
        C:\USERS\NATALIE\Cookies\XSBO4MI3.txt [ Cookie:natalie@ads.crakmedia.com/ ]
        C:\USERS\NATALIE\Cookies\PCHFSWH3.txt [ Cookie:natalie@www.zanox-affiliate.de/ ]
        C:\USERS\NATALIE\Cookies\MQQ04O9W.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1066732035/ ]
        C:\USERS\NATALIE\Cookies\0T87U07Q.txt [ Cookie:natalie@c.atdmt.com/ ]
        C:\USERS\NATALIE\Cookies\STIZ53J3.txt [ Cookie:natalie@zanox-affiliate.de/ ]
        C:\USERS\NATALIE\Cookies\D27ZF4Q2.txt [ Cookie:natalie@tradedoubler.com/ ]
        C:\USERS\NATALIE\Cookies\NMUPR527.txt [ Cookie:natalie@yieldmanager.net/ ]
        C:\USERS\NATALIE\Cookies\5UIKG83Y.txt [ Cookie:natalie@myroitracking.com/ ]
        C:\USERS\NATALIE\Cookies\W1UWQ8S4.txt [ Cookie:natalie@7.rotator.wigetmedia.com/ ]
        C:\USERS\NATALIE\Cookies\F1WNKG3S.txt [ Cookie:natalie@media6degrees.com/ ]
        C:\USERS\NATALIE\Cookies\C9PCRY8H.txt [ Cookie:natalie@atdmt.com/ ]
        C:\USERS\NATALIE\Cookies\S0IJ8806.txt [ Cookie:natalie@zedo.com/ ]
        C:\USERS\NATALIE\Cookies\2P0II1LJ.txt [ Cookie:natalie@statse.webtrendslive.com/ ]
        C:\USERS\NATALIE\Cookies\5SJ47PSX.txt [ Cookie:natalie@unister-adservices.com/campaign/conversion/22 ]
        C:\USERS\NATALIE\Cookies\U0RH69EH.txt [ Cookie:natalie@eas4.emediate.eu/ ]
        C:\USERS\NATALIE\Cookies\4S36C5Z5.txt [ Cookie:natalie@accounts.google.com/ ]
        C:\USERS\NATALIE\Cookies\BG674UQ5.txt [ Cookie:natalie@adserver3.oberberg.net/ ]
        C:\USERS\NATALIE\Cookies\013L1WOG.txt [ Cookie:natalie@google.com/accounts/recovery/ ]
        C:\USERS\NATALIE\Cookies\3ZV7ITRR.txt [ Cookie:natalie@movieclipscom.122.2o7.net/ ]
        C:\USERS\NATALIE\Cookies\135FT992.txt [ Cookie:natalie@studivz.adfarm1.adition.com/ ]
        C:\USERS\NATALIE\Cookies\RYEDEYZ5.txt [ Cookie:natalie@pro-market.net/ ]
        C:\USERS\NATALIE\Cookies\RR0T43PT.txt [ Cookie:natalie@stat.easydate.biz/ ]
        C:\USERS\NATALIE\Cookies\JLUCE5OE.txt [ Cookie:natalie@geoadserving.coffeetree.info/ ]
        C:\USERS\NATALIE\Cookies\27RCY0JN.txt [ Cookie:natalie@mm.chitika.net/ ]
        C:\USERS\NATALIE\Cookies\DJSRZRQ4.txt [ Cookie:natalie@adx.chip.de/ ]
        C:\USERS\NATALIE\Cookies\R9NS695F.txt [ Cookie:natalie@tracking.mlsat02.de/tmobile/ ]
        C:\USERS\NATALIE\Cookies\9O9KF60O.txt [ Cookie:natalie@advertising.com/ ]
        C:\USERS\NATALIE\Cookies\18YRPKYS.txt [ Cookie:natalie@viewad.exchangecash.de/ ]
        .doubleclick.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .fastclick.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad4.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        tomtailor.dyntracker.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adxpose.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        adx2.chip.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .tracker.vinsight.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        7.rotator.trafficbee.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        7.rotator.trafficbee.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        7.rotator.trafficbee.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        7.rotator.wigetmedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        7.rotator.wigetmedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        7.rotator.wigetmedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ads.crakmedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ww251.smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]

cosinus 21.10.2012 12:01
Code:
UAC On - Limited User
Wie hast du sasw gestartet? Einfach per Doppelklick?

Bitte so wie es in der Anleitung steht auch ausführen!

Zitat:
Zitat von cosinus (Beitrag 324870)
Teil 2: Programm ausführen
Das Programm wurde nun installiert, eine Verknüpfung auf dem Desktop sollte erstellt worden sein. Nachdem du es gestartet hast, wird es sich erstmalig beim Updateserver nach neuen Schädlingssignaturen umsehen und Updates installieren. Diesen Vorgang NICHT abbrechen!

Benutzer mit Windows Vista und Windows 7 starten das Tool bitte wieder per Rechtsklick => als Administrator ausführen!


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:46 Uhr.
Seite 3 von 4 12 3 4
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131