
Log analysis and evaluation: "Live Security Platinum" completely removed? Logs attached.

30.07.2012, 15:38   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below - click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its content into your post, please look directly on your Windows system partition (usually drive C:), as that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

__________________
Please always post log files in CODE tags
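
Added example, not part of the original post and not Kaspersky's code: a small Python triage of a TDSS-Killer report that pairs each scanned object with its verdict line and lists everything not marked `ok`, which is what gets posted and skipped rather than deleted. The line layout follows the report format shown in this thread; every name, hash and path in `SAMPLE` is constructed, and the parenthesised label on the flagged line is an assumed layout.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Layout as seen in the report posted in this thread:
#   HH:MM:SS.mmmm <thread id> <whitespace> <text>
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "<name> (<32 hex digits>) <file path>"
OBJECT = re.compile(r"^(\S+)\s+\(([0-9a-fA-F]{32})\)\s+(.+)$")
# "<name> - <verdict>"
VERDICT = re.compile(r"^(.+?)\s+-\s+(\w+)$")
# Assumed layout of a flagged line: "<name> ( <label> ) - <verdict>"
LABELLED = re.compile(r"^(\S+)\s+\(\s*(.+?)\s*\)$")


@dataclass
class Entry:
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None
    label: Optional[str] = None


def parse_verdicts(report: str) -> List[Entry]:
    """Return one Entry per verdict line found after 'Scan started'."""
    files = {}      # name -> (md5, path) taken from the preceding object line
    entries = []
    scanning = False
    for raw in report.splitlines():
        m = PREFIX.match(raw.rstrip())
        if not m:
            continue
        text = m.group(1).strip()
        if text == "Scan started":
            scanning = True
            continue
        if not scanning:
            continue        # skip the system and partition header
        obj = OBJECT.match(text)
        if obj:
            files[obj.group(1)] = (obj.group(2).lower(), obj.group(3))
            continue
        ver = VERDICT.match(text)
        if not ver:
            continue
        name, label = ver.group(1), None
        lab = LABELLED.match(name)
        if lab:
            name, label = lab.group(1), lab.group(2)
        md5, path = files.get(name, (None, None))
        entries.append(Entry(name, ver.group(2).lower(), md5, path, label))
    return entries


def needs_review(entries: List[Entry]) -> List[Entry]:
    """Everything whose verdict is not 'ok': post it, do not delete it."""
    return [e for e in entries if e.verdict != "ok"]


# Constructed sample (not from the posted log). Spaces stand in for the tab
# after the thread id; the parser accepts any whitespace there.
SAMPLE = r"""
16:44:00.0933 4272 Initialize success
16:45:05.0664 2532 Scan started
16:45:05.0664 2532 Mode: Manual; SigCheck; TDLFS;
16:45:06.0538 2532 exampledrv      (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys
16:45:06.0631 2532 exampledrv - ok
16:45:06.0700 2532 nofilesvc - ok
16:45:06.0800 2532 oddsvc          (00000000000000000000000000000002) C:\Program Files (x86)\Odd\oddsvc.exe
16:45:06.0900 2532 oddsvc ( UnsignedFile.Multi.Generic ) - warning
"""

if __name__ == "__main__":
    for e in needs_review(parse_verdicts(SAMPLE)):
        print(f"{e.name}: {e.verdict} [{e.label}] md5={e.md5} path={e.path}")
```
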

30.07.2012, 15:49   #17
meetoo

Thanks - here is the result:

Code:
16:43:58.0192 4272	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:43:58.0619 4272	============================================================
16:43:58.0619 4272	Current date / time: 2012/07/30 16:43:58.0619
16:43:58.0619 4272	SystemInfo:
16:43:58.0619 4272	
16:43:58.0620 4272	OS Version: 6.1.7601 ServicePack: 1.0
16:43:58.0620 4272	Product type: Workstation
16:43:58.0620 4272	ComputerName: C-PC
16:43:58.0620 4272	UserName: C
16:43:58.0620 4272	Windows directory: C:\Windows
16:43:58.0620 4272	System windows directory: C:\Windows
16:43:58.0620 4272	Running under WOW64
16:43:58.0620 4272	Processor architecture: Intel x64
16:43:58.0620 4272	Number of processors: 4
16:43:58.0620 4272	Page size: 0x1000
16:43:58.0620 4272	Boot type: Normal boot
16:43:58.0620 4272	============================================================
16:44:00.0876 4272	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:44:00.0882 4272	============================================================
16:44:00.0882 4272	\Device\Harddisk0\DR0:
16:44:00.0882 4272	MBR partitions:
16:44:00.0882 4272	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x300800, BlocksNum 0x1CC00000
16:44:00.0882 4272	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1CF00800, BlocksNum 0x1B684800
16:44:00.0882 4272	============================================================
16:44:00.0899 4272	C: <-> \Device\Harddisk0\DR0\Partition0
16:44:00.0932 4272	D: <-> \Device\Harddisk0\DR0\Partition1
16:44:00.0933 4272	============================================================
16:44:00.0933 4272	Initialize success
16:44:00.0933 4272	============================================================
16:45:05.0664 2532	============================================================
16:45:05.0664 2532	Scan started
16:45:05.0664 2532	Mode: Manual; SigCheck; TDLFS; 
16:45:05.0664 2532	============================================================
16:45:26.0818 2532	NlaSvc - ok
16:45:26.0833 2532	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:45:26.0896 2532	Npfs - ok
16:45:26.0911 2532	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:45:26.0974 2532	nsi - ok
16:45:27.0005 2532	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:45:27.0052 2532	nsiproxy - ok
16:45:27.0130 2532	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:45:27.0192 2532	Ntfs - ok
16:45:27.0286 2532	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:45:27.0395 2532	Null - ok
16:45:27.0442 2532	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:45:27.0457 2532	nvraid - ok
16:45:27.0457 2532	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:45:27.0473 2532	nvstor - ok
16:45:27.0504 2532	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:45:27.0520 2532	nv_agp - ok
16:45:27.0551 2532	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:45:27.0598 2532	ohci1394 - ok
16:45:27.0676 2532	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:45:27.0691 2532	ose - ok
16:45:27.0972 2532	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:45:28.0097 2532	osppsvc - ok
16:45:28.0191 2532	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:45:28.0237 2532	p2pimsvc - ok
16:45:28.0284 2532	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:45:28.0315 2532	p2psvc - ok
16:45:28.0378 2532	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:45:28.0409 2532	Parport - ok
16:45:28.0440 2532	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:45:28.0456 2532	partmgr - ok
16:45:28.0487 2532	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:45:28.0534 2532	PcaSvc - ok
16:45:28.0549 2532	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:45:28.0581 2532	pci - ok
16:45:28.0581 2532	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:45:28.0596 2532	pciide - ok
16:45:28.0643 2532	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:45:28.0659 2532	pcmcia - ok
16:45:28.0659 2532	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:45:28.0674 2532	pcw - ok
16:45:28.0721 2532	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:45:28.0783 2532	PEAUTH - ok
16:45:28.0861 2532	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:45:28.0893 2532	PerfHost - ok
16:45:28.0986 2532	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:45:29.0127 2532	pla - ok
16:45:29.0173 2532	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:45:29.0220 2532	PlugPlay - ok
16:45:29.0251 2532	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:45:29.0267 2532	PNRPAutoReg - ok
16:45:29.0298 2532	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:45:29.0314 2532	PNRPsvc - ok
16:45:29.0361 2532	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:45:29.0423 2532	PolicyAgent - ok
16:45:29.0470 2532	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:45:29.0548 2532	Power - ok
16:45:29.0610 2532	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:45:29.0704 2532	PptpMiniport - ok
16:45:29.0751 2532	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:45:29.0782 2532	Processor - ok
16:45:29.0813 2532	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:45:29.0844 2532	ProfSvc - ok
16:45:29.0891 2532	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:45:29.0907 2532	ProtectedStorage - ok
16:45:29.0953 2532	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:45:30.0016 2532	Psched - ok
16:45:30.0094 2532	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:45:30.0156 2532	ql2300 - ok
16:45:30.0265 2532	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:45:30.0281 2532	ql40xx - ok
16:45:30.0312 2532	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:45:30.0343 2532	QWAVE - ok
16:45:30.0359 2532	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:45:30.0390 2532	QWAVEdrv - ok
16:45:30.0484 2532	RaMediaServer   (6a300e7d6d90cd9ebe04b0cba03ab3ee) C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe
16:45:30.0515 2532	RaMediaServer ( UnsignedFile.Multi.Generic ) - warning
16:45:30.0515 2532	RaMediaServer - detected UnsignedFile.Multi.Generic (1)
16:45:43.0806 2532	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:45:44.0727 2532	\Device\Harddisk0\DR0 - ok
16:45:44.0758 2532	Boot (0x1200)   (17e11c58bf717fdc753615cc6b92aa0a) \Device\Harddisk0\DR0\Partition0
16:45:44.0758 2532	\Device\Harddisk0\DR0\Partition0 - ok
16:45:44.0789 2532	Boot (0x1200)   (1d1a740ddaaffd4cbc73af8a96ed0cf0) \Device\Harddisk0\DR0\Partition1
16:45:44.0789 2532	\Device\Harddisk0\DR0\Partition1 - ok
16:45:44.0789 2532	============================================================
16:45:44.0789 2532	Scan finished
16:45:44.0789 2532	============================================================
16:45:44.0820 5044	Detected object count: 1
16:45:44.0820 5044	Actual detected object count: 1
16:46:45.0130 5044	RaMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user
16:46:45.0130 5044	RaMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________


30.07.2012, 20:05   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.
__________________
__________________

30.07.2012, 20:50   #19
meetoo

I have downloaded the program. Unfortunately I can't manage to close all programs. In Task Manager, Malwarebytes is still running (all processes). When I end the associated processes, they keep starting again. In addition, the program reports that MS Security Essentials is still active, although I closed the program in Task Manager and it does not restart. Thanks, as always, for the help.

30.07.2012, 21:28   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

For Malwarebytes you should deactivate the protection, i.e. the protection module. This is done via the program's user interface.
For MSE it is similar; there you should find an option called "disable real-time protection".

__________________
Please always post log files in CODE tags

30.07.2012, 22:18   #21
meetoo

Thanks for the tips! Here is the log file:

[code]

Combofix Logfile:
Code:
ComboFix 12-07-30.01 - C 30.07.2012  23:05:28.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4044.2789 [GMT 2:00]
ausgeführt von:: c:\users\C\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-28 bis 2012-07-30  ))))))))))))))))))))))))))))))
.
.
2012-07-30 21:11 . 2012-07-30 21:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-30 14:55 . 2012-06-29 01:04	9133488	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FCC6AB47-2D95-4144-B2E8-FBAA6E42CAAA}\mpengine.dll
2012-07-30 14:53 . 2012-06-29 01:04	9133488	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-30 09:23 . 2012-07-30 09:23	--------	d-----w-	C:\_OTL
2012-07-27 15:02 . 2012-07-27 15:02	--------	d-----w-	c:\program files (x86)\ESET
2012-07-27 08:08 . 2012-07-27 08:08	--------	d-----w-	c:\program files (x86)\IrfanView
2012-07-26 08:38 . 2012-07-27 09:00	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-26 08:38 . 2012-07-27 09:00	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-26 08:38 . 2012-07-26 08:38	--------	d-----w-	c:\windows\SysWow64\Macromed
2012-07-26 08:38 . 2012-07-26 08:38	--------	d-----w-	c:\windows\system32\Macromed
2012-07-26 07:51 . 2012-07-26 07:53	--------	d-----w-	c:\program files (x86)\CyberLink
2012-07-25 15:02 . 2012-07-25 15:02	--------	d-----w-	c:\program files (x86)\Backblaze
2012-07-25 15:02 . 2012-07-25 15:02	--------	d-----w-	c:\programdata\Backblaze
2012-07-25 12:46 . 2012-07-25 12:46	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2012-07-25 12:19 . 2012-07-25 12:20	--------	d-----w-	c:\programdata\elsterformular
2012-07-25 12:18 . 2012-07-25 12:18	--------	d-----w-	c:\program files (x86)\ElsterFormular
2012-07-25 10:36 . 2012-07-25 10:36	--------	d-----w-	c:\program files (x86)\GPLGS
2012-07-25 10:36 . 2012-03-11 12:56	86608	----a-w-	c:\windows\system32\cpwmon64.dll
2012-07-25 10:36 . 2012-07-25 10:36	--------	d-----w-	c:\program files (x86)\Acro Software
2012-07-25 10:28 . 2012-07-25 10:28	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2012-07-25 09:15 . 2012-07-25 09:15	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2012-07-25 07:43 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-07-25 07:43 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-07-25 07:43 . 2011-01-17 11:09	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2012-07-25 07:43 . 2011-01-17 05:47	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2012-07-25 07:30 . 2012-07-25 07:30	--------	d-----w-	c:\windows\PCHEALTH
2012-07-25 07:27 . 2012-07-25 07:27	--------	d-----w-	c:\program files\Microsoft Office
2012-07-25 07:27 . 2012-07-25 07:27	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2012-07-25 07:26 . 2012-07-25 09:18	--------	d-----w-	c:\programdata\Microsoft Help
2012-07-25 06:29 . 2012-07-25 06:29	--------	d-----w-	c:\program files\Microsoft Silverlight
2012-07-25 06:29 . 2012-07-25 06:29	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2012-07-25 06:25 . 2012-07-25 06:26	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-07-25 06:12 . 2011-03-11 06:33	2565632	----a-w-	c:\windows\system32\esent.dll
2012-07-25 06:12 . 2011-03-11 06:41	1659776	----a-w-	c:\windows\system32\drivers\ntfs.sys
2012-07-25 06:12 . 2011-03-11 06:30	96768	----a-w-	c:\windows\system32\fsutil.exe
2012-07-25 06:12 . 2011-03-11 05:33	1699328	----a-w-	c:\windows\SysWow64\esent.dll
2012-07-25 06:12 . 2011-03-11 06:41	189824	----a-w-	c:\windows\system32\drivers\storport.sys
2012-07-25 06:12 . 2011-03-11 06:41	166272	----a-w-	c:\windows\system32\drivers\nvstor.sys
2012-07-25 06:12 . 2011-03-11 06:41	148352	----a-w-	c:\windows\system32\drivers\nvraid.sys
2012-07-25 06:12 . 2011-03-11 06:41	410496	----a-w-	c:\windows\system32\drivers\iaStorV.sys
2012-07-25 06:12 . 2011-03-11 06:41	27008	----a-w-	c:\windows\system32\drivers\amdxata.sys
2012-07-25 06:12 . 2011-03-11 06:41	107904	----a-w-	c:\windows\system32\drivers\amdsata.sys
2012-07-25 06:12 . 2011-03-11 05:31	74240	----a-w-	c:\windows\SysWow64\fsutil.exe
2012-07-25 06:12 . 2011-03-11 04:37	91648	----a-w-	c:\windows\system32\drivers\USBSTOR.SYS
2012-07-25 06:11 . 2011-03-25 03:29	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2012-07-25 06:11 . 2011-03-25 03:29	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2012-07-25 06:11 . 2011-03-25 03:29	98816	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2012-07-25 06:11 . 2011-03-25 03:29	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2012-07-25 06:11 . 2011-03-25 03:29	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2012-07-25 06:11 . 2011-03-25 03:29	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2012-07-25 06:11 . 2011-03-25 03:28	7936	----a-w-	c:\windows\system32\drivers\usbd.sys
2012-07-25 05:38 . 2012-07-25 05:38	--------	d-----w-	c:\windows\system32\SPReview
2012-07-25 05:37 . 2012-07-25 05:37	--------	d-----w-	c:\windows\system32\EventProviders
2012-07-25 00:16 . 2012-07-25 00:16	163048	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-07-24 22:22 . 2010-11-20 13:27	14633472	----a-w-	c:\windows\system32\wmp.dll
2012-07-24 22:21 . 2010-11-20 13:27	457216	----a-w-	c:\windows\system32\msdrm.dll
2012-07-24 22:20 . 2010-11-20 13:27	418816	----a-w-	c:\windows\system32\sppwinob.dll
2012-07-24 22:19 . 2010-11-20 13:27	225280	----a-w-	c:\windows\system32\SndVolSSO.dll
2012-07-24 22:18 . 2010-11-20 13:26	91648	----a-w-	c:\windows\system32\mapistub.dll
2012-07-24 22:17 . 2010-11-20 13:27	23040	----a-w-	c:\windows\system32\rdprefdrvapi.dll
2012-07-24 22:15 . 2010-11-20 12:21	363008	----a-w-	c:\windows\SysWow64\wbemcomn.dll
2012-07-24 22:15 . 2010-11-20 12:19	606208	----a-w-	c:\windows\SysWow64\wbem\fastprox.dll
2012-07-24 22:11 . 2010-11-20 13:27	529408	----a-w-	c:\windows\system32\wbemcomn.dll
2012-07-24 21:32 . 2012-05-04 11:06	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-07-24 21:32 . 2012-05-04 10:03	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-07-24 21:32 . 2012-05-04 10:03	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-07-24 21:32 . 2011-04-28 03:55	552960	----a-w-	c:\windows\system32\drivers\bthport.sys
2012-07-24 21:32 . 2011-04-28 03:54	80384	----a-w-	c:\windows\system32\drivers\BTHUSB.SYS
2012-07-24 21:32 . 2010-11-20 13:24	229376	----a-w-	c:\windows\system32\fsquirt.exe
2012-07-24 21:28 . 2012-07-24 21:28	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-24 21:28 . 2012-07-24 21:28	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-24 21:28 . 2012-07-03 11:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-24 21:23 . 2012-07-24 21:23	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{137C30D8-19FC-4C6F-9C43-730DA662DDCD}\gapaengine.dll
2012-07-24 21:15 . 2012-07-24 21:15	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2012-07-24 21:15 . 2012-07-24 21:15	--------	d-----w-	c:\program files\Microsoft Security Client
2012-07-24 21:04 . 2012-07-25 07:30	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2012-07-24 20:51 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-07-24 20:51 . 2011-04-22 22:15	27520	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2012-07-24 20:51 . 2010-11-20 13:27	33792	----a-w-	c:\windows\system32\profprov.dll
2012-07-24 20:51 . 2011-12-30 06:26	515584	----a-w-	c:\windows\system32\timedate.cpl
2012-07-24 20:51 . 2011-12-30 05:27	478720	----a-w-	c:\windows\SysWow64\timedate.cpl
2012-07-24 20:51 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-07-24 20:51 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-07-24 20:50 . 2011-06-16 05:49	199680	----a-w-	c:\windows\system32\xmllite.dll
2012-07-24 20:48 . 2011-02-18 10:51	31232	----a-w-	c:\windows\system32\prevhost.exe
2012-07-24 20:48 . 2011-02-18 05:39	31232	----a-w-	c:\windows\SysWow64\prevhost.exe
2012-07-24 20:40 . 2012-06-12 03:08	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-07-24 20:34 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2012-07-24 20:29 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-07-24 20:29 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2012-07-24 20:29 . 2012-03-01 06:38	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-07-24 20:29 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2012-07-24 20:29 . 2012-03-01 05:37	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-07-24 20:29 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-07-24 20:29 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-07-24 20:25 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-07-24 20:24 . 2011-07-16 05:41	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-07-24 20:20 . 2012-06-06 06:05	1499136	----a-w-	c:\program files\Common Files\System\ado\msado15.dll
2012-07-24 20:18 . 2011-08-27 05:37	861696	----a-w-	c:\windows\system32\oleaut32.dll
2012-07-24 20:06 . 2012-07-03 01:19	59701280	----a-w-	c:\windows\system32\MRT.exe
2012-07-24 20:02 . 2011-12-28 03:59	498688	----a-w-	c:\windows\system32\drivers\afd.sys
2012-07-24 20:02 . 2012-03-17 07:58	75120	----a-w-	c:\windows\system32\drivers\partmgr.sys
2012-07-24 20:02 . 2011-02-05 17:06	605552	----a-w-	c:\windows\system32\winload.exe
2012-07-24 20:02 . 2011-02-05 17:10	642944	----a-w-	c:\windows\system32\winload.efi
2012-07-24 20:02 . 2011-02-05 17:10	20352	----a-w-	c:\windows\system32\kdusb.dll
2012-07-24 20:02 . 2011-02-05 17:10	19328	----a-w-	c:\windows\system32\kd1394.dll
2012-07-24 20:02 . 2011-02-05 17:10	17792	----a-w-	c:\windows\system32\kdcom.dll
2012-07-24 20:02 . 2011-02-05 17:06	566208	----a-w-	c:\windows\system32\winresume.efi
2012-07-24 20:02 . 2011-02-05 17:06	518672	----a-w-	c:\windows\system32\winresume.exe
2012-07-24 20:02 . 2010-11-20 13:27	63488	----a-w-	c:\windows\system32\setbcdlocale.dll
2012-07-24 19:45 . 2012-07-16 00:40	9133488	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{60C04465-1707-4FCF-9B01-09EA737DB111}\mpengine.dll
2012-07-24 19:44 . 2012-01-31 12:44	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-07-24 19:41 . 2012-07-24 19:41	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2012-07-24 19:41 . 2012-07-24 19:41	--------	d-----w-	c:\windows\system32\wbem\en-US
2012-07-24 18:57 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-07-24 18:57 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-07-24 18:57 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-07-24 18:57 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-07-24 18:57 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-07-24 18:57 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-07-24 18:57 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-07-24 18:57 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-07-24 18:57 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-07-24 18:49 . 2012-07-24 20:56	--------	d-----w-	c:\program files (x86)\Intel
2012-07-24 18:49 . 2012-07-24 18:20	53248	----a-w-	c:\windows\SysWow64\CSVer.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-25 05:46 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2012-07-25 05:46 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\C\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\C\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\C\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Backblaze"="c:\program files (x86)\Backblaze\bzbui.exe" [2012-07-25 493744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCam.exe" [2011-01-28 228448]
.
c:\users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\C\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-3 26868192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 RaMediaServer;Ralink UPnP Media Server;c:\program files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe [2010-05-19 454656]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-02-04 340240]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 bzserv;Backblaze Service;c:\program files (x86)\Backblaze\bzserv.exe [2012-07-25 209072]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-28 31088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-21 1360960]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-26 09:00]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1421831687-1281257669-1748259425-1000Core.job
- c:\users\C\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-24 21:11]
.
2012-07-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1421831687-1281257669-1748259425-1000UA.job
- c:\users\C\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-24 21:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\C\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\C\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\C\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\C\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-02-04 1933584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\C\AppData\Roaming\Mozilla\Firefox\Profiles\jp3wgw24.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-30  23:13:57
ComboFix-quarantined-files.txt  2012-07-30 21:13
.
Vor Suchlauf: 10 Verzeichnis(se), 148.604.248.064 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 148.500.885.504 Bytes frei
.
- - End Of File - - EA2B0769F0065E57B0BA57DBAEF1FB05

31.07.2012, 10:18   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip OSAM's online query.
With OSAM, please also make sure that you save the log as *.log and not as *.html or similar.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Depending on your connection, downloading the definitions may take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.

31.07.2012, 10:26   #23
meetoo

Thanks! I can't establish a connection to hxxp://www2.online-solutions.ru/en/d...e.php?p=131115. Is there another reliable source?

31.07.2012, 12:07   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

No, I don't know of any other; try again later, but go ahead and post the other logs in the meantime.

31.07.2012, 13:08   #25
meetoo

Thanks, here is the log:

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-31 13:54:46
-----------------------------
13:54:46.014    OS Version: Windows x64 6.1.7601 Service Pack 1
13:54:46.014    Number of processors: 4 586 0x2A07
13:54:46.014    ComputerName: C-PC  UserName: C
13:54:46.716    Initialize success
13:54:52.222    AVAST engine defs: 12073101
13:54:55.473    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:54:55.476    Disk 0 Vendor: TOSHIBA_MK5059GSXP GT001L Size: 476940MB BusType: 11
13:54:55.530    Disk 0 MBR read successfully
13:54:55.534    Disk 0 MBR scan
13:54:55.538    Disk 0 Windows 7 default MBR code
13:54:55.552    Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS         1536 MB offset 2048
13:54:55.573    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       235520 MB offset 3147776
13:54:55.593    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       224521 MB offset 485492736
13:54:55.642    Disk 0 Partition 4 00     12  Compaq diag NTFS        15361 MB offset 945311744
13:54:55.789    Disk 0 scanning C:\Windows\system32\drivers
13:55:06.862    Service scanning
13:55:41.141    Modules scanning
13:55:41.160    Disk 0 trace - called modules:
13:55:41.600    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
13:55:41.612    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005379060]
13:55:41.623    3 CLASSPNP.SYS[fffff880019a343f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004dab060]
13:55:41.636    Scan finished successfully
14:04:50.361    Disk 0 MBR has been saved successfully to "C:\Users\C\Desktop\MBR.dat"
14:04:50.366    The log file has been saved successfully to "C:\Users\C\Desktop\aswMBR.txt"
         
Unfortunately, the other download is still not possible. I'll keep trying.

...and on it goes:

GMER Logfile:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-31 15:02:57
Windows 6.1.7601 Service Pack 1 
Running: p5stj9jq.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06de23a36                      
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06de23a36 (not active ControlSet)  

---- EOF - GMER 1.0.15 ----
         
...and now, finally, OSAM.

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 15:20:10 on 31.07.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Google Inc. Google Chrome 20.0.1132.57

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskUserS-1-5-21-1421831687-1281257669-1748259425-1000Core.job" - "Google Inc." - C:\Users\C\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-1421831687-1281257669-1748259425-1000UA.job" - "Google Inc." - C:\Users\C\AppData\Local\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{79eac9e4-baf9-11ce-8c82-00aa004ba90b} "gopher" - ? -   (File not found | COM-object registry key not found)
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL

[Internet Explorer]
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\C\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Backblaze" - ? - "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet  (File found, but it contains no detailed information)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"YouCam Mirage" - "CyberLink" - "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"YouCam Tray" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"CutePDF Writer Monitor" - ? - C:\Windows\system32\cpwmon64.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\NisSrv.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Backblaze Service" (bzserv) - ? - C:\Program Files (x86)\Backblaze\bzserv.exe  (File found, but it contains no detailed information)
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\MsMpEng.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Ralink UPnP Media Server" (RaMediaServer) - ? - C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe  (File found, but it contains no detailed information)
"Wireless PAN DHCP Server" (MyWiFiDHCPDNS) - ? - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- --- If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Alt 31.07.2012, 18:54   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

OSAM should be downloadable again
__________________
Please always post log files in CODE tags

Alt 31.07.2012, 18:58   #27
meetoo

Thanks - I had already inserted it above, but it is not easy to make out because it is nested. Here it is once more:

[code]

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 15:20:10 on 31.07.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Google Inc. Google Chrome 20.0.1132.57

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskUserS-1-5-21-1421831687-1281257669-1748259425-1000Core.job" - "Google Inc." - C:\Users\C\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-1421831687-1281257669-1748259425-1000UA.job" - "Google Inc." - C:\Users\C\AppData\Local\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{79eac9e4-baf9-11ce-8c82-00aa004ba90b} "gopher" - ? -   (File not found | COM-object registry key not found)
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL

[Internet Explorer]
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\C\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Backblaze" - ? - "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet  (File found, but it contains no detailed information)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"YouCam Mirage" - "CyberLink" - "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"YouCam Tray" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"CutePDF Writer Monitor" - ? - C:\Windows\system32\cpwmon64.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\NisSrv.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Backblaze Service" (bzserv) - ? - C:\Program Files (x86)\Backblaze\bzserv.exe  (File found, but it contains no detailed information)
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\MsMpEng.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Ralink UPnP Media Server" (RaMediaServer) - ? - C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe  (File found, but it contains no detailed information)
"Wireless PAN DHCP Server" (MyWiFiDHCPDNS) - ? - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---



Alt 01.08.2012, 18:51   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post log files in CODE tags

Alt 02.08.2012, 07:04   #29
meetoo

Thanks! Here is the first log (they are all cookies, which were nevertheless classified as "dangerous"):

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 08/02/2012 at 00:27 AM

Application Version : 5.5.1012

Core Rules Database Version : 8992
Trace Rules Database Version: 6804

Scan type       : Complete Scan
Total Scan Time : 02:32:58

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 615
Memory threats detected   : 0
Registry items scanned    : 63743
Registry threats detected : 0
File items scanned        : 270972
File threats detected     : 339

Adware.Tracking Cookie
	.eclipse.unrulymedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.quartermedia.de [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.quartermedia.de [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.smartadserver.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.smartadserver.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	track.webtrekk.net [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.marketplace.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.marketplace.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.publisher.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.publisher.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	8tracks.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tacoda.at.atwola.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atwola.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad3.adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adserv.quality-channel.de [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	traffic.brand-wall.net [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	track.adform.net [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adform.net [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.bs.serving-sys.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.doubleclick.net [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.im.banner.t-online.de [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.clickfuse.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediaplex.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.leadformix.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.statcounter.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.at.atwola.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tacoda.at.atwola.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tacoda.at.atwola.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tacoda.at.atwola.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.at.atwola.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.mediabistro.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad2.adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.fastclick.net [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad4.adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tracking.quisma.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adbrite.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad1.adfarm1.adition.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.googleads.g.doubleclick.net [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ia.media-imdb.com [ C:\USERS\C\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\QMXS4YGF ]
	statse.webtrendslive.com [ C:\USERS\C\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JP3WGW24.DEFAULT\COOKIES.SQLITE ]
         
...and Malwarebytes:

Code:
 Malwarebytes Anti-Malware  (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.02.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
C :: C-PC [Administrator]

Schutz: Aktiviert

02.08.2012 08:10:31
mbam-log-2012-08-02 (08-10-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 456240
Laufzeit: 1 Stunde(n), 30 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Thank you very much, I'm eager to hear what you think.

Old 03.08.2012, 09:12   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

"Live Security Platinum" completely removed? Logs attached.

Looks OK, only cookies were found.
Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie)


Regarding cookies and other things on the web: to block the pest from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Otherwise there are also good cookie managers; among the extensions for Firefox, for example, there is CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board as well), then simply configure the browser so that everything, including cookies, is deleted when the browser is closed.

My approach is to use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want; I reject everything else manually (FF always asks me). The other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest, no cookies are left.

Is your system back in order now, or are there still other findings or problems?
__________________
Please always post log files in CODE tags
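
An added example, not part of cosinus's post: a Python sketch that reads tracking-cookie findings in the `host [ store path ]` shape the scan log in this thread uses and shows which of them a hosts file can block at all. The function names, the `0.0.0.0` sink address and the `keep` list of sites the user still wants to log in to are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample in the "host [ store path ]" shape of the scan log.
SAMPLE_LOG = r"""
Adware.Tracking Cookie
    .webmasterplan.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    track.effiliation.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    track.effiliation.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.dyntracker.de [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.zanox.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\C\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    statse.webtrendslive.com [ C:\USERS\C\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JP3WGW24.DEFAULT\COOKIES.SQLITE ]
"""

LINE_RE = re.compile(r"^\s*(?P<host>[A-Za-z0-9.\-]+)\s+\[\s*(?P<store>.+?)\s*\]\s*$")


def parse_cookie_lines(text):
    """Return (host, store_path) pairs; lines in any other shape are skipped."""
    pairs = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            pairs.append((m.group("host").lower(), m.group("store")))
    return pairs


def hosts_entries(pairs, keep=()):
    """Sort findings into hosts-file entries, domain-wide cookies and kept sites.

    A hosts file matches exact names only, so a cookie scoped to ".example.com"
    (leading dot = every subdomain) cannot be covered by a single entry; those
    are returned separately for a cookie manager or browser setting to handle.
    """
    counts = Counter(host for host, _ in pairs)
    exact, domain_wide, kept = [], [], []
    for host in sorted(counts):
        bare = host.lstrip(".")
        if any(bare == k or bare.endswith("." + k) for k in keep):
            kept.append(host)          # blocking this would break a wanted login
        elif host.startswith("."):
            domain_wide.append(host)   # not expressible as one hosts line
        else:
            exact.append(f"0.0.0.0 {host}")
    return exact, domain_wide, kept, counts


if __name__ == "__main__":
    exact, domain_wide, kept, counts = hosts_entries(
        parse_cookie_lines(SAMPLE_LOG), keep=("google.com",))
    print("\n".join(exact))
    print("needs cookie manager:", domain_wide)
    print("left alone:", kept)
```
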
