Log analysis and evaluation: Remove Live Security Platinum (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system first has to be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been removed completely.

#16

/// Winkelfunktion /// TB-Süch-Tiger™

Remove Live Security Platinum

Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
FF - user.js - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-4112322236-3011114634-1874071500-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-4112322236-3011114634-1874071500-1000..\Run: [Pyixix] C:\Users\Saiken\AppData\Roaming\Haxe\itnef.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-4112322236-3011114634-1874071500-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
:Files
C:\ProgramData\7067855903044CBBA1635619F875F002
C:\Users\Saiken\AppData\Roaming\Ruepu
C:\Users\Saiken\AppData\Roaming\Haxe
C:\Users\Saiken\AppData\Roaming\Asyp
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache
C:\Program Files (x86)\Common Files\Spigot
C:\Program Files (x86)\pdfforge Toolbar
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\U
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\l
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\n
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\@
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

__________________
Please always post log files in CODE tags

#17

Remove Live Security Platinum

Code:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4112322236-3011114634-1874071500-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4112322236-3011114634-1874071500-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Pyixix deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4112322236-3011114634-1874071500-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully.
========== FILES ==========
C:\ProgramData\7067855903044CBBA1635619F875F002 folder moved successfully.
C:\Users\Saiken\AppData\Roaming\Ruepu folder moved successfully.
C:\Users\Saiken\AppData\Roaming\Haxe folder moved successfully.
C:\Users\Saiken\AppData\Roaming\Asyp folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Saiken\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
File\Folder C:\Program Files (x86)\Common Files\Spigot not found.
File\Folder C:\Program Files (x86)\pdfforge Toolbar not found.
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\U folder moved successfully.
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\L folder moved successfully.
File\Folder C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\n not found.
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\@ moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Saiken
->Temp folder emptied: 234756063 bytes
->Temporary Internet Files folder emptied: 210085676 bytes
->FireFox cache emptied: 68020994 bytes
->Google Chrome cache emptied: 6714827 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1268 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 5228 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 94643107 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 62366516 bytes
RecycleBin emptied: 91379092 bytes
Total Files Cleaned = 732,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: Saiken
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.56.0 log created on 08122012_114344
Files\Folders moved on Reboot...
C:\Users\Saiken\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
File C:\Users\Saiken\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
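
As an added example (not part of the thread and not OTL's own code), this Python sketch parses the result-line shapes visible in the fix log above and reconciles the `:Files` entries of the script in post #16 with what the log reports for them. The function names `parse_fix_log` and `reconcile` are made up for this illustration, and the sample lines are an excerpt copied from the log in post #17.

```python
import re

# Result lines copied from the OTL fix log in post #17 (an excerpt, not the full log).
SAMPLE_LOG = r"""
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
========== FILES ==========
C:\Users\Saiken\AppData\Roaming\Haxe folder moved successfully.
File\Folder C:\Program Files (x86)\Common Files\Spigot not found.
File\Folder C:\Program Files (x86)\pdfforge Toolbar not found.
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\U folder moved successfully.
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\L folder moved successfully.
File\Folder C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\n not found.
C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\@ moved successfully.
"""

# Matching entries from the :Files section of the fix script in post #16.
REQUESTED_FILES = [
    r"C:\Users\Saiken\AppData\Roaming\Haxe",
    r"C:\Program Files (x86)\Common Files\Spigot",
    r"C:\Program Files (x86)\pdfforge Toolbar",
    r"C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\U",
    r"C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\l",
    r"C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\n",
    r"C:\Windows\Installer\{f02db07d-0321-17b8-1df1-89547b553cef}\@",
]

# Line shapes seen in that log; the first matching pattern decides the status.
_PATTERNS = [
    (re.compile(r"^(?:64bit-)?Registry (?:key|value) (?P<target>.+?) deleted successfully\.$"), "deleted"),
    (re.compile(r"^(?:64bit-)?Registry (?:key|value) (?P<target>.+?) not found\.$"), "not_found"),
    (re.compile(r"^File\\Folder (?P<target>.+?) not found\.$"), "not_found"),
    (re.compile(r"^File (?P<target>.+?) not found!$"), "not_found"),
    (re.compile(r"^(?P<target>.+?) (?:folder )?moved successfully\.$"), "moved"),
]


def parse_fix_log(text):
    """Return (status, target) pairs for every recognised result line."""
    results = []
    for raw in text.splitlines():
        line = raw.strip()
        for pattern, status in _PATTERNS:
            match = pattern.match(line)
            if match:
                results.append((status, match.group("target")))
                break  # section headers and other lines simply match nothing
    return results


def reconcile(requested, results):
    """Map each requested path to the status the log reports for it.

    Windows paths are case-insensitive, so the script's '\\l' matches the
    log's '\\L'. Paths the log never mentions are marked 'missing_from_log'.
    """
    seen = {target.lower(): status for status, target in results}
    return {path: seen.get(path.lower(), "missing_from_log") for path in requested}


if __name__ == "__main__":
    report = reconcile(REQUESTED_FILES, parse_fix_log(SAMPLE_LOG))
    for path, status in report.items():
        print(f"{status:18} {path}")
```

Entries that come back as `not_found` were already absent when the fix ran, while `moved` entries are the ones that now sit in the "_OTL" backup folder mentioned in post #16.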

#18

/// Winkelfunktion /// TB-Süch-Tiger™

Remove Live Security Platinum

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), as that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

#19

Remove Live Security Platinum

Code:
19:17:10.0171 4568 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:17:10.0354 4568 ============================================================
19:17:10.0354 4568 Current date / time: 2012/08/12 19:17:10.0354
19:17:10.0355 4568 SystemInfo:
19:17:10.0355 4568
19:17:10.0355 4568 OS Version: 6.1.7601 ServicePack: 1.0
19:17:10.0355 4568 Product type: Workstation
19:17:10.0355 4568 ComputerName: SAIKENS-BABY
19:17:10.0355 4568 UserName: Saiken
19:17:10.0355 4568 Windows directory: C:\windows
19:17:10.0356 4568 System windows directory: C:\windows
19:17:10.0356 4568 Running under WOW64
19:17:10.0356 4568 Processor architecture: Intel x64
19:17:10.0356 4568 Number of processors: 3
19:17:10.0356 4568 Page size: 0x1000
19:17:10.0356 4568 Boot type: Normal boot
19:17:10.0356 4568 ============================================================
19:17:12.0164 4568 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:17:12.0168 4568 ============================================================
19:17:12.0168 4568 \Device\Harddisk0\DR0:
19:17:12.0168 4568 MBR partitions:
19:17:12.0168 4568 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
19:17:12.0168 4568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
19:17:12.0199 4568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
19:17:12.0199 4568 ============================================================
19:17:12.0235 4568 C: <-> \Device\Harddisk0\DR0\Partition1
19:17:12.0281 4568 D: <-> \Device\Harddisk0\DR0\Partition2
19:17:12.0282 4568 ============================================================
19:17:12.0282 4568 Initialize success
19:17:12.0282 4568 ============================================================
19:19:36.0741 4056 ============================================================
19:19:36.0741 4056 Scan started
19:19:36.0741 4056 Mode: Manual; SigCheck; TDLFS;
19:19:36.0741 4056 ============================================================
19:19:37.0599 4056 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
19:19:37.0740 4056 1394ohci - ok
19:19:37.0771 4056 acedrv05 (056faaff049ca7237194065423307189) C:\windows\system32\drivers\acedrv05.sys
19:19:37.0802 4056 acedrv05 ( UnsignedFile.Multi.Generic ) - warning
19:19:37.0802 4056 acedrv05 - detected UnsignedFile.Multi.Generic (1)
19:19:37.0849 4056 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
19:19:37.0896 4056 ACPI - ok
19:19:37.0927 4056 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
19:19:38.0036 4056 AcpiPmi - ok
19:19:38.0067 4056 ACPIVPC (dc201246a14cb3b274df59faf539ab07) C:\windows\system32\DRIVERS\AcpiVpc.sys
19:19:38.0099 4056 ACPIVPC - ok
19:19:38.0239 4056 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:19:38.0270 4056 AdobeARMservice - ok
19:19:38.0473 4056 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:19:38.0504 4056 AdobeFlashPlayerUpdateSvc - ok
19:19:38.0582 4056 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
19:19:38.0629 4056 adp94xx - ok
19:19:38.0691 4056 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
19:19:38.0738 4056 adpahci - ok
19:19:38.0785 4056 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
19:19:38.0816 4056 adpu320 - ok
19:19:38.0847 4056 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
19:19:39.0019 4056 AeLookupSvc - ok
19:19:39.0113 4056 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
19:19:39.0222 4056 AFD - ok
19:19:39.0315 4056 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
19:19:39.0347 4056 agp440 - ok
19:19:39.0659 4056 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
19:19:39.0705 4056 ALG - ok
19:19:39.0752 4056 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
19:19:39.0783 4056 aliide - ok
19:19:39.0846 4056 AMD External Events Utility (b4143cb1dd16ae73c6177c72f33450a6) C:\windows\system32\atiesrxx.exe
19:19:39.0908 4056 AMD External Events Utility - ok
19:19:39.0924 4056 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
19:19:39.0955 4056 amdide - ok
19:19:40.0002 4056 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
19:19:40.0080 4056 AmdK8 - ok
19:19:40.0595 4056 amdkmdag (d1d06810bf7e21f5763eb06cb7e7262b) C:\windows\system32\DRIVERS\atipmdag.sys
19:19:40.0829 4056 amdkmdag - ok
19:19:41.0000 4056 amdkmdap (6ba71d6616b56816e57394d77dd1bb6f) C:\windows\system32\DRIVERS\atikmpag.sys
19:19:41.0063 4056 amdkmdap - ok
19:19:41.0125 4056 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
19:19:41.0172 4056 AmdPPM - ok
19:19:41.0234 4056 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
19:19:41.0265 4056 amdsata - ok
19:19:41.0312 4056 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
19:19:41.0343 4056 amdsbs - ok
19:19:41.0359 4056 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
19:19:41.0390 4056 amdxata - ok
19:19:41.0453 4056 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
19:19:41.0655 4056 AppID - ok
19:19:41.0687 4056 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
19:19:41.0796 4056 AppIDSvc - ok
19:19:41.0874 4056 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
19:19:41.0952 4056 Appinfo - ok
19:19:41.0999 4056 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
19:19:42.0014 4056 arc - ok
19:19:42.0045 4056 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
19:19:42.0061 4056 arcsas - ok
19:19:42.0092 4056 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
19:19:42.0155 4056 AsyncMac - ok
19:19:42.0170 4056 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
19:19:42.0201 4056 atapi - ok
19:19:42.0248 4056 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\windows\system32\DRIVERS\AtiPcie.sys
19:19:42.0248 4056 AtiPcie - ok
19:19:42.0357 4056 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
19:19:42.0482 4056 AudioEndpointBuilder - ok
19:19:42.0498 4056 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
19:19:42.0545 4056 AudioSrv - ok
19:19:42.0623 4056 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
19:19:42.0685 4056 AxInstSV - ok
19:19:42.0763 4056 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
19:19:42.0810 4056 b06bdrv - ok
19:19:42.0857 4056 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
19:19:42.0935 4056 b57nd60a - ok
19:19:43.0044 4056 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:19:43.0075 4056 BBSvc - ok
19:19:43.0137 4056 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:19:43.0169 4056 BBUpdate - ok
19:19:43.0434 4056 BCM43XX (5b5c36b2ec500462a715db6bcbaf5da7) C:\windows\system32\DRIVERS\bcmwl664.sys
19:19:43.0481 4056 BCM43XX - ok
19:19:43.0621 4056 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
19:19:43.0652 4056 BDESVC - ok
19:19:43.0715 4056 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
19:19:43.0824 4056 Beep - ok
19:19:43.0855 4056 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
19:19:43.0902 4056 blbdrive - ok
19:19:43.0964 4056 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
19:19:43.0995 4056 bowser - ok
19:19:44.0027 4056 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
19:19:44.0151 4056 BrFiltLo - ok
19:19:44.0167 4056 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
19:19:44.0198 4056 BrFiltUp - ok
19:19:44.0245 4056 Bridge0 (34f786535f9245e4028c57b28248c9d8) C:\windows\system32\drivers\WDBridge.sys
19:19:44.0261 4056 Bridge0 - ok
19:19:44.0323 4056 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
19:19:44.0432 4056 Browser - ok
19:19:44.0463 4056 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
19:19:44.0510 4056 Brserid - ok
19:19:44.0526 4056 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
19:19:44.0557 4056 BrSerWdm - ok
19:19:44.0573 4056 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
19:19:44.0619 4056 BrUsbMdm - ok
19:19:44.0635 4056 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
19:19:44.0666 4056 BrUsbSer - ok
19:19:44.0838 4056 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
19:19:44.0916 4056 BthEnum - ok
19:19:44.0931 4056 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
19:19:44.0978 4056 BTHMODEM - ok
19:19:45.0009 4056 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
19:19:45.0056 4056 BthPan - ok
19:19:45.0134 4056 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
19:19:45.0197 4056 BTHPORT - ok
19:19:45.0228 4056 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
19:19:45.0321 4056 bthserv - ok
19:19:45.0368 4056 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
19:19:45.0399 4056 BTHUSB - ok
19:19:45.0431 4056 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
19:19:45.0509 4056 cdfs - ok
19:19:45.0555 4056 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
19:19:45.0618 4056 cdrom - ok
19:19:45.0696 4056 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
19:19:45.0805 4056 CertPropSvc - ok
19:19:45.0836 4056 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
19:19:45.0914 4056 circlass - ok
19:19:45.0977 4056 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
19:19:46.0008 4056 CLFS - ok
19:19:46.0086 4056 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:19:46.0117 4056 clr_optimization_v2.0.50727_32 - ok
19:19:46.0148 4056 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:19:46.0179 4056 clr_optimization_v2.0.50727_64 - ok
19:19:46.0257 4056 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:19:46.0289 4056 clr_optimization_v4.0.30319_32 - ok
19:19:46.0320 4056 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:19:46.0351 4056 clr_optimization_v4.0.30319_64 - ok
19:19:46.0398 4056 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
19:19:46.0429 4056 CmBatt - ok
19:19:46.0476 4056 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
19:19:46.0491 4056 cmdide - ok
19:19:46.0569 4056 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys
19:19:46.0632 4056 CNG - ok
19:19:46.0663 4056 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
19:19:46.0694 4056 Compbatt - ok
19:19:46.0741 4056 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
19:19:46.0788 4056 CompositeBus - ok
19:19:46.0819 4056 COMSysApp - ok
19:19:46.0835 4056 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
19:19:46.0866 4056 crcdisk - ok
19:19:46.0944 4056 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
19:19:47.0006 4056 CryptSvc - ok
19:19:47.0193 4056 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:19:47.0240 4056 cvhsvc - ok
19:19:47.0303 4056 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\windows\system32\DRIVERS\dc3d.sys
19:19:47.0381 4056 dc3d - ok
19:19:47.0490 4056 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
19:19:47.0599 4056 DcomLaunch - ok
19:19:47.0630 4056 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
19:19:47.0708 4056 defragsvc - ok
19:19:47.0755 4056 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
19:19:47.0817 4056 DfsC - ok
19:19:47.0895 4056 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
19:19:47.0989 4056 Dhcp - ok
19:19:48.0020 4056 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
19:19:48.0083 4056 discache - ok
19:19:48.0129 4056 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
19:19:48.0161 4056 Disk - ok
19:19:48.0223 4056 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
19:19:48.0270 4056 Dnscache - ok
19:19:48.0317 4056 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
19:19:48.0426 4056 dot3svc - ok
19:19:48.0504 4056 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
19:19:48.0551 4056 Dot4 - ok
19:19:48.0597 4056 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\windows\system32\DRIVERS\Dot4Prt.sys
19:19:48.0660 4056 Dot4Print - ok
19:19:48.0691 4056 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
19:19:48.0738 4056 dot4usb - ok
19:19:48.0785 4056 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
19:19:48.0878 4056 DPS - ok
19:19:48.0894 4056 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
19:19:48.0941 4056 drmkaud - ok
19:19:49.0065 4056 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
19:19:49.0112 4056 DXGKrnl - ok
19:19:49.0143 4056 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
19:19:49.0206 4056 EapHost - ok
19:19:49.0487 4056 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
19:19:49.0611 4056 ebdrv - ok
19:19:49.0721 4056 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
19:19:49.0783 4056 EFS - ok
19:19:49.0955 4056 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
19:19:50.0017 4056 ehRecvr - ok
19:19:50.0048 4056 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
19:19:50.0079 4056 ehSched - ok
19:19:50.0189 4056 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
19:19:50.0235 4056 elxstor - ok
19:19:50.0251 4056 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
19:19:50.0282 4056 ErrDev - ok
19:19:50.0329 4056 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
19:19:50.0407 4056 EventSystem - ok
19:19:50.0438 4056 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
19:19:50.0532 4056 exfat - ok
19:19:50.0563 4056 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
19:19:50.0641 4056 fastfat - ok
19:19:50.0750 4056 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
19:19:50.0813 4056 Fax - ok
19:19:50.0859 4056 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
19:19:50.0891 4056 fdc - ok
19:19:50.0922 4056 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
19:19:51.0000 4056 fdPHost - ok
19:19:51.0015 4056 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
19:19:51.0078 4056 FDResPub - ok
19:19:51.0093 4056 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
19:19:51.0109 4056 FileInfo - ok
19:19:51.0125 4056 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
19:19:51.0171 4056 Filetrace - ok
19:19:51.0203 4056 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
19:19:51.0218 4056 flpydisk - ok
19:19:51.0281 4056 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
19:19:51.0327 4056 FltMgr - ok
19:19:51.0452 4056 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
19:19:51.0530 4056 FontCache - ok
19:19:51.0639 4056 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:19:51.0655 4056 FontCache3.0.0.0 - ok
19:19:51.0702 4056 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
19:19:51.0733 4056 FsDepends - ok
19:19:51.0780 4056 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
19:19:51.0795 4056 Fs_Rec - ok
19:19:51.0873 4056 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
19:19:51.0920 4056 fvevol - ok
19:19:51.0936 4056 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
19:19:51.0967 4056 gagp30kx - ok
19:19:52.0061 4056 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
19:19:52.0170 4056 gpsvc - ok
19:19:52.0232 4056 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:52.0263 4056 gupdate - ok
19:19:52.0279 4056 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:52.0310 4056 gupdatem - ok
19:19:52.0388 4056 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:19:52.0419 4056 gusvc - ok
19:19:52.0435 4056 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
19:19:52.0466 4056 hcw85cir - ok
19:19:52.0544 4056 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
19:19:52.0607 4056 HdAudAddService - ok
19:19:52.0653 4056 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
19:19:52.0700 4056 HDAudBus - ok
19:19:52.0747 4056 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
19:19:52.0778 4056 HidBatt - ok
19:19:52.0809 4056 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
19:19:52.0841 4056 HidBth - ok
19:19:52.0872 4056 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
19:19:52.0919 4056 HidIr - ok
19:19:52.0950 4056 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
19:19:53.0059 4056 hidserv - ok
19:19:53.0121 4056 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
19:19:53.0153 4056 HidUsb - ok
19:19:53.0199 4056 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
19:19:53.0309 4056 hkmsvc - ok
19:19:53.0355 4056 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
19:19:53.0402 4056 HomeGroupListener - ok
19:19:53.0449 4056 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
19:19:53.0496 4056 HomeGroupProvider - ok
19:19:53.0667 4056 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:19:53.0699 4056 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
19:19:53.0699 4056 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
19:19:53.0761 4056 hpqddsvc (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:19:53.0777 4056 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
19:19:53.0777 4056 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
19:19:53.0823 4056 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
19:19:53.0855 4056 HpSAMD - ok
19:19:53.0964 4056 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:19:54.0026 4056 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
19:19:54.0026 4056 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
19:19:54.0135 4056 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
19:19:54.0245 4056 HTTP - ok
19:19:54.0276 4056 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
19:19:54.0307 4056 hwpolicy - ok
19:19:54.0369 4056 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
19:19:54.0401 4056 i8042prt - ok
19:19:54.0479 4056 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
19:19:54.0525 4056 iaStorV - ok
19:19:54.0713 4056 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:19:54.0759 4056 idsvc - ok
19:19:55.0181 4056 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys
19:19:55.0399 4056 igfx - ok
19:19:55.0539 4056 IGRS (d951d20153e51928f9db2227d6ff5c7a) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
19:19:55.0571 4056 IGRS - ok
19:19:55.0695 4056 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
19:19:55.0727 4056 iirsp - ok
19:19:55.0851 4056 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
19:19:55.0992 4056 IKEEXT - ok
19:19:56.0226 4056 IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\windows\system32\drivers\RTKVHD64.sys
19:19:56.0288 4056 IntcAzAudAddService - ok
19:19:56.0397 4056 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
19:19:56.0429 4056 intelide - ok
19:19:56.0475 4056 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
19:19:56.0507 4056 intelppm - ok
19:19:56.0538 4056 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
19:19:56.0616 4056 IPBusEnum - ok
19:19:56.0678 4056 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
19:19:56.0756 4056 IpFilterDriver - ok
19:19:56.0787 4056 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
19:19:56.0850 4056 IPMIDRV - ok
19:19:56.0928 4056 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
19:19:56.0990 4056 IPNAT - ok
19:19:57.0021 4056 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
19:19:57.0115 4056 IRENUM - ok
19:19:57.0131 4056 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
19:19:57.0146 4056 isapnp - ok
19:19:57.0193 4056 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
19:19:57.0240 4056 iScsiPrt - ok
19:19:57.0302 4056 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\windows\system32\DRIVERS\k57nd60a.sys
19:19:57.0333 4056 k57nd60a - ok
19:19:57.0380 4056 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
19:19:57.0411 4056 kbdclass - ok
19:19:57.0458 4056 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
19:19:57.0505 4056 kbdhid - ok
19:19:57.0552 4056 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:19:57.0567 4056 KeyIso - ok
19:19:57.0630 4056 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys
19:19:57.0645 4056 KSecDD - ok
19:19:57.0708 4056 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys
19:19:57.0739 4056 KSecPkg - ok
19:19:57.0770 4056 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
19:19:57.0848 4056 ksthunk - ok
19:19:57.0911 4056 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
19:19:58.0004 4056 KtmRm - ok
19:19:58.0067 4056 L1C (55480b9c63f3f91a8ebbadcbf28fe581) C:\windows\system32\DRIVERS\L1C62x64.sys
19:19:58.0082 4056 L1C - ok
19:19:58.0176 4056 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
19:19:58.0269 4056 LanmanServer - ok
19:19:58.0316 4056 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
19:19:58.0410 4056 LanmanWorkstation - ok
19:19:58.0535 4056 Lenovo ReadyComm AppSvc (7fcb3ec66361f157bcd5b5c33ce2ac16) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
19:19:58.0566 4056 Lenovo ReadyComm AppSvc - ok
19:19:58.0613 4056 Lenovo ReadyComm ConnSvc (5287074e79e4ba82510886f684dc5f72) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
19:19:58.0644 4056 Lenovo ReadyComm ConnSvc - ok
19:19:58.0737 4056 lgmcbus (13424eaf5c4cb5bab7a2d283cb4904fd) C:\windows\system32\DRIVERS\lgmcbus.sys
19:19:58.0753 4056 lgmcbus - ok
19:19:58.0800 4056 lgmcmdfl (d4bba6bd8d44baffe8b6ee4036e79248) C:\windows\system32\DRIVERS\lgmcmdfl.sys
19:19:58.0815 4056 lgmcmdfl - ok
19:19:58.0847 4056 lgmcmdm (2241984e3c04fd7c43d57d89d379a6d8) C:\windows\system32\DRIVERS\lgmcmdm.sys
19:19:58.0878 4056 lgmcmdm - ok
19:19:58.0893 4056 lgmcmgmt (44b32ad57019853a86faaf310b58c818) C:\windows\system32\DRIVERS\lgmcmgmt.sys
19:19:58.0909 4056 lgmcmgmt - ok
19:19:58.0940 4056 lgmcnd5 (a6c32671fe8d2a34c9cb136765a57d51) C:\windows\system32\DRIVERS\lgmcnd5.sys
19:19:58.0956 4056 lgmcnd5 - ok
19:19:58.0987 4056 lgmcobex (a12586fad733a117faeee17081d267bb) C:\windows\system32\DRIVERS\lgmcobex.sys
19:19:59.0018 4056 lgmcobex - ok
19:19:59.0034 4056 lgmcunic (0adf858b34be72daf81d9a2cc46f7fdb) C:\windows\system32\DRIVERS\lgmcunic.sys
19:19:59.0049 4056 lgmcunic - ok
19:19:59.0112 4056 LHDmgr (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys
19:19:59.0143 4056 LHDmgr - ok
19:19:59.0174 4056 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
19:19:59.0268 4056 lltdio - ok
19:19:59.0346 4056 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
19:19:59.0439 4056 lltdsvc - ok
19:19:59.0455 4056 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
19:19:59.0502 4056 lmhosts - ok
19:19:59.0549 4056 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
19:19:59.0564 4056 LSI_FC - ok
19:19:59.0580 4056 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
19:19:59.0595 4056 LSI_SAS - ok
19:19:59.0627 4056 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
19:19:59.0642 4056 LSI_SAS2 - ok
19:19:59.0642 4056 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
19:19:59.0658 4056 LSI_SCSI - ok
19:19:59.0673 4056 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
19:19:59.0736 4056 luafv - ok
19:19:59.0767 4056 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
19:19:59.0814 4056 Mcx2Svc - ok
19:19:59.0829 4056 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
19:19:59.0845 4056 megasas - ok
19:19:59.0907 4056 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
19:19:59.0939 4056 MegaSR - ok
19:19:59.0970 4056 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
19:20:00.0079 4056 MMCSS - ok
19:20:00.0095 4056 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
19:20:00.0141 4056 Modem - ok
19:20:00.0173 4056 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
19:20:00.0204 4056 monitor - ok
19:20:00.0235 4056 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
19:20:00.0266 4056 mouclass - ok
19:20:00.0313 4056 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
19:20:00.0344 4056 mouhid - ok
19:20:00.0407 4056 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
19:20:00.0438 4056 mountmgr - ok
19:20:00.0547 4056 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:20:00.0563 4056 MozillaMaintenance - ok
19:20:00.0656 4056 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\windows\system32\DRIVERS\MpFilter.sys
19:20:00.0687 4056 MpFilter - ok
19:20:00.0734 4056 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
19:20:00.0765 4056 mpio - ok
19:20:00.0797 4056 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
19:20:00.0890 4056 mpsdrv - ok
19:20:00.0937 4056 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
19:20:00.0984 4056 MRxDAV - ok
19:20:01.0031 4056 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
19:20:01.0109 4056 mrxsmb - ok
19:20:01.0171 4056 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
19:20:01.0218 4056 mrxsmb10 - ok
19:20:01.0233 4056 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
19:20:01.0265 4056 mrxsmb20 - ok
19:20:01.0296 4056 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
19:20:01.0311 4056 msahci - ok
19:20:01.0343 4056 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
19:20:01.0389 4056 msdsm - ok
19:20:01.0421 4056 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
19:20:01.0467 4056 MSDTC - ok
19:20:01.0514 4056 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
19:20:01.0577 4056 Msfs - ok
19:20:01.0592 4056 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
19:20:01.0655 4056 mshidkmdf - ok
19:20:01.0686 4056 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
19:20:01.0701 4056 msisadrv - ok
19:20:01.0748 4056 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
19:20:01.0826 4056 MSiSCSI - ok
19:20:01.0826 4056 msiserver - ok
19:20:01.0873 4056 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
19:20:01.0920 4056 MSKSSRV - ok
19:20:02.0013 4056 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:20:02.0029 4056 MsMpSvc - ok
19:20:02.0076 4056 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
19:20:02.0138 4056 MSPCLOCK - ok
19:20:02.0154 4056 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
19:20:02.0247 4056 MSPQM - ok
19:20:02.0310 4056 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
19:20:02.0357 4056 MsRPC - ok
19:20:02.0388 4056 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
19:20:02.0419 4056 mssmbios - ok
19:20:02.0450 4056 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
19:20:02.0544 4056 MSTEE - ok
19:20:02.0559 4056 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
19:20:02.0575 4056 MTConfig - ok
19:20:02.0622 4056 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
19:20:02.0637 4056 Mup - ok
19:20:02.0731 4056 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
19:20:02.0856 4056 napagent - ok
19:20:02.0918 4056 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
19:20:02.0965 4056 NativeWifiP - ok
19:20:03.0121 4056 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
19:20:03.0168 4056 NDIS - ok
19:20:03.0215 4056 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
19:20:03.0293 4056 NdisCap - ok
19:20:03.0324 4056 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
19:20:03.0371 4056 NdisTapi - ok
19:20:03.0417 4056 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
19:20:03.0511 4056 Ndisuio - ok
19:20:03.0558 4056 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
19:20:03.0636 4056 NdisWan - ok
19:20:03.0683 4056 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
19:20:03.0776 4056 NDProxy - ok
19:20:03.0870 4056 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
19:20:03.0885 4056 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:20:03.0885 4056 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:20:03.0932 4056 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
19:20:04.0010 4056 NetBIOS - ok
19:20:04.0073 4056 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
19:20:04.0182 4056 NetBT - ok
19:20:04.0213 4056 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:20:04.0244 4056 Netlogon - ok
19:20:04.0307 4056 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
19:20:04.0416 4056 Netman - ok
19:20:04.0463 4056 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
19:20:04.0525 4056 netprofm - ok
19:20:04.0587 4056 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:20:04.0619 4056 NetTcpPortSharing - ok
19:20:05.0087 4056 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\windows\system32\DRIVERS\netw5v64.sys
19:20:05.0305 4056 netw5v64 - ok
19:20:05.0461 4056 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
19:20:05.0492 4056 nfrd960 - ok
19:20:05.0555 4056 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\windows\system32\DRIVERS\NisDrvWFP.sys
19:20:05.0586 4056 NisDrv - ok
19:20:05.0633 4056 NisSrv - ok
19:20:05.0726 4056 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
19:20:05.0820 4056 NlaSvc - ok
19:20:05.0851 4056 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
19:20:05.0913 4056 Npfs - ok
19:20:05.0929 4056 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
19:20:06.0007 4056 nsi - ok
19:20:06.0038 4056 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
19:20:06.0116 4056 nsiproxy - ok
19:20:06.0288 4056 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
19:20:06.0381 4056 Ntfs - ok
19:20:06.0553 4056 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\windows\system32\DRIVERS\NuidFltr.sys
19:20:06.0569 4056 NuidFltr - ok
19:20:06.0600 4056 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
19:20:06.0662 4056 Null - ok
19:20:06.0709 4056 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
19:20:06.0740 4056 nvraid - ok
19:20:06.0771 4056 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
19:20:06.0803 4056 nvstor - ok
19:20:06.0834 4056 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
19:20:06.0865 4056 nv_agp - ok
19:20:06.0896 4056 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
19:20:06.0943 4056 ohci1394 - ok
19:20:07.0037 4056 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:20:07.0052 4056 ose - ok
19:20:07.0442 4056 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:20:07.0645 4056 osppsvc - ok
19:20:07.0770 4056 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
19:20:07.0817 4056 p2pimsvc - ok
19:20:07.0863 4056 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
19:20:07.0910 4056 p2psvc - ok
19:20:07.0973 4056 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
19:20:08.0004 4056 Parport - ok
19:20:08.0051 4056 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
19:20:08.0082 4056 partmgr - ok
19:20:08.0129 4056 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
19:20:08.0175 4056 PcaSvc - ok
19:20:08.0222 4056 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
19:20:08.0253 4056 pci - ok
19:20:08.0269 4056 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
19:20:08.0285 4056 pciide - ok
19:20:08.0316 4056 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
19:20:08.0363 4056 pcmcia - ok
19:20:08.0394 4056 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
19:20:08.0409 4056 pcw - ok
19:20:08.0487 4056 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
19:20:08.0565 4056 PEAUTH - ok
19:20:08.0643 4056 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
19:20:08.0690 4056 PerfHost - ok
19:20:08.0846 4056 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
19:20:08.0987 4056 pla - ok
19:20:09.0065 4056 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
19:20:09.0096 4056 PlugPlay - ok
19:20:09.0205 4056 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
19:20:09.0221 4056 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:20:09.0221 4056 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:20:09.0252 4056 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
19:20:09.0299 4056 PNRPAutoReg - ok
19:20:09.0361 4056 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
19:20:09.0392 4056 PNRPsvc - ok
19:20:09.0486 4056 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\windows\system32\DRIVERS\point64.sys
19:20:09.0501 4056 Point64 - ok
19:20:09.0595 4056 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
19:20:09.0704 4056 PolicyAgent - ok
19:20:09.0735 4056 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
19:20:09.0798 4056 Power - ok
19:20:09.0845 4056 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
19:20:09.0907 4056 PptpMiniport - ok
19:20:09.0938 4056 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
19:20:09.0985 4056 Processor - ok
19:20:10.0047 4056 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
19:20:10.0110 4056 ProfSvc - ok
19:20:10.0141 4056 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:20:10.0172 4056 ProtectedStorage - ok
19:20:10.0250 4056 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
19:20:10.0344 4056 Psched - ok
19:20:10.0344 4056 PS_MDP - ok
19:20:10.0500 4056 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
19:20:10.0593 4056 ql2300 - ok
19:20:10.0718 4056 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
19:20:10.0749 4056 ql40xx - ok
19:20:10.0796 4056 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
19:20:10.0843 4056 QWAVE - ok
19:20:10.0874 4056 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
19:20:10.0937 4056 QWAVEdrv - ok
19:20:10.0952 4056 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
19:20:11.0061 4056 RasAcd - ok
19:20:11.0108 4056 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
19:20:11.0171 4056 RasAgileVpn - ok
19:20:11.0202 4056 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
19:20:11.0280 4056 RasAuto - ok
19:20:11.0327 4056 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
19:20:11.0420 4056 Rasl2tp - ok
19:20:11.0498 4056 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
19:20:11.0576 4056 RasMan - ok
19:20:11.0607 4056 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
19:20:11.0670 4056 RasPppoe - ok
19:20:11.0685 4056 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
19:20:11.0748 4056 RasSstp - ok
19:20:11.0810 4056 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
19:20:11.0919 4056 rdbss - ok
19:20:11.0935 4056 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
19:20:11.0966 4056 rdpbus - ok
19:20:11.0982 4056 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
19:20:12.0029 4056 RDPCDD - ok
19:20:12.0044 4056 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
19:20:12.0122 4056 RDPENCDD - ok
19:20:12.0138 4056 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
19:20:12.0185 4056 RDPREFMP - ok
19:20:12.0231 4056 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
19:20:12.0294 4056 RDPWD - ok
19:20:12.0356 4056 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
19:20:12.0387 4056 rdyboost - ok
19:20:12.0403 4056 ReadyComm.DirectRouter - ok
19:20:12.0450 4056 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
19:20:12.0543 4056 RemoteAccess - ok
19:20:12.0575 4056 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
19:20:12.0668 4056 RemoteRegistry - ok
19:20:12.0715 4056 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
19:20:12.0762 4056 RFCOMM - ok
19:20:12.0809 4056 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
19:20:12.0902 4056 RpcEptMapper - ok
19:20:12.0933 4056 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
19:20:12.0980 4056 RpcLocator - ok
19:20:13.0043 4056 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
19:20:13.0121 4056 RpcSs - ok
19:20:13.0152 4056 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
19:20:13.0245 4056 rspndr - ok
19:20:13.0308 4056 RSUSBSTOR (5aab4808e8ccae8c2ecda5b791260616) C:\windows\system32\Drivers\RtsUStor.sys
19:20:13.0323 4056 RSUSBSTOR - ok
19:20:13.0370 4056 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:20:13.0401 4056 SamSs - ok
19:20:13.0433 4056 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
19:20:13.0464 4056 sbp2port - ok
19:20:13.0495 4056 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
19:20:13.0573 4056 SCardSvr - ok
19:20:13.0620 4056 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
19:20:13.0698 4056 scfilter - ok
19:20:13.0838 4056 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
19:20:13.0963 4056 Schedule - ok
19:20:14.0010 4056 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
19:20:14.0057 4056 SCPolicySvc - ok
19:20:14.0103 4056 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
19:20:14.0135 4056 SDRSVC - ok
19:20:14.0197 4056 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
19:20:14.0275 4056 secdrv - ok
19:20:14.0306 4056 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
19:20:14.0400 4056 seclogon - ok
19:20:14.0431 4056 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
19:20:14.0509 4056 SENS - ok
19:20:14.0525 4056 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
19:20:14.0556 4056 SensrSvc - ok
19:20:14.0571 4056 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
19:20:14.0587 4056 Serenum - ok
19:20:14.0634 4056 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
19:20:14.0681 4056 Serial - ok
19:20:14.0712 4056 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
19:20:14.0774 4056 sermouse - ok
19:20:14.0837 4056 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
19:20:14.0915 4056 SessionEnv - ok
19:20:14.0946 4056 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
19:20:14.0993 4056 sffdisk - ok
19:20:15.0008 4056 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
19:20:15.0055 4056 sffp_mmc - ok
19:20:15.0071 4056 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
19:20:15.0086 4056 sffp_sd - ok
19:20:15.0117 4056 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
19:20:15.0164 4056 sfloppy - ok
19:20:15.0289 4056 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
19:20:15.0320 4056 Sftfs - ok
19:20:15.0429 4056 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:20:15.0476 4056 sftlist - ok
19:20:15.0539 4056 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
19:20:15.0570 4056 Sftplay - ok
19:20:15.0585 4056 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
19:20:15.0601 4056 Sftredir - ok
19:20:15.0601 4056 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
19:20:15.0617 4056 Sftvol - ok
19:20:15.0648 4056 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:20:15.0663 4056 sftvsa - ok
19:20:15.0741 4056 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
19:20:15.0819 4056 ShellHWDetection - ok
19:20:15.0851 4056 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
19:20:15.0882 4056 SiSRaid2 - ok
19:20:15.0897 4056 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
19:20:15.0913 4056 SiSRaid4 - ok
19:20:15.0991 4056 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:20:16.0007 4056 SkypeUpdate - ok
19:20:16.0053 4056 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
19:20:16.0131 4056 Smb - ok
19:20:16.0178 4056 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
19:20:16.0225 4056 SNMPTRAP - ok
19:20:16.0256 4056 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
19:20:16.0272 4056 spldr - ok
19:20:16.0365 4056 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
19:20:16.0443 4056 Spooler - ok
19:20:16.0755 4056 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
19:20:16.0896 4056 sppsvc - ok
19:20:17.0005 4056 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
19:20:17.0083 4056 sppuinotify - ok
19:20:17.0145 4056 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
19:20:17.0192 4056 srv - ok
19:20:17.0239 4056 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
19:20:17.0270 4056 srv2 - ok
19:20:17.0301 4056 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
19:20:17.0333 4056 srvnet - ok
19:20:17.0379 4056 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
19:20:17.0442 4056 SSDPSRV - ok
19:20:17.0457 4056 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
19:20:17.0489 4056 SstpSvc - ok
19:20:17.0520 4056 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
19:20:17.0520 4056 stexstor - ok
19:20:17.0613 4056 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
19:20:17.0676 4056 stisvc - ok
19:20:17.0707 4056 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
19:20:17.0738 4056 swenum - ok
19:20:17.0801 4056 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
19:20:17.0910 4056 swprv - ok
19:20:17.0972 4056 SynTP (e5d73228176c9f69072d1f91ced83484) C:\windows\system32\DRIVERS\SynTP.sys
19:20:18.0003 4056 SynTP - ok
19:20:18.0175 4056 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
19:20:18.0253 4056 SysMain - ok
19:20:18.0425 4056 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
19:20:18.0471 4056 TabletInputService - ok
19:20:18.0534 4056 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
19:20:18.0627 4056 TapiSrv - ok
19:20:18.0643 4056 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
19:20:18.0705 4056 TBS - ok
19:20:18.0924 4056 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
19:20:19.0002 4056 Tcpip - ok
19:20:19.0314 4056 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
19:20:19.0361 4056 TCPIP6 - ok
19:20:19.0501 4056 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
19:20:19.0595 4056 tcpipreg - ok
19:20:19.0641 4056 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
19:20:19.0673 4056 TDPIPE - ok
19:20:19.0719 4056 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
19:20:19.0766 4056 TDTCP - ok
19:20:19.0813 4056 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
19:20:19.0891 4056 tdx - ok
19:20:19.0922 4056 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
19:20:19.0938 4056 TermDD - ok
19:20:20.0000 4056 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
19:20:20.0063 4056 TermService - ok
19:20:20.0078 4056 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
19:20:20.0109 4056 Themes - ok
19:20:20.0156 4056 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
19:20:20.0234 4056 THREADORDER - ok
19:20:20.0265 4056 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
19:20:20.0312 4056 TrkWks - ok
19:20:20.0406 4056 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
19:20:20.0484 4056 TrustedInstaller - ok
19:20:20.0531 4056 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
19:20:20.0640 4056 tssecsrv - ok
19:20:20.0702 4056 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
19:20:20.0749 4056 TsUsbFlt - ok
19:20:20.0843 4056 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
19:20:20.0905 4056 tunnel - ok
19:20:20.0921 4056 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
19:20:20.0936 4056 uagp35 - ok
19:20:21.0014 4056 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
19:20:21.0092 4056 udfs - ok
19:20:21.0123 4056 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
19:20:21.0155 4056 UI0Detect - ok
19:20:21.0170 4056 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
19:20:21.0186 4056 uliagpkx - ok
19:20:21.0217 4056 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
19:20:21.0248 4056 umbus - ok
19:20:21.0279 4056 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
19:20:21.0326 4056 UmPass - ok
19:20:21.0373 4056 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
19:20:21.0451 4056 upnphost - ok
19:20:21.0482 4056 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
19:20:21.0545 4056 usbccgp - ok
19:20:21.0576 4056 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
19:20:21.0623 4056 usbcir - ok
19:20:21.0654 4056 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
19:20:21.0685 4056 usbehci - ok
19:20:21.0747 4056 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
19:20:21.0794 4056 usbhub - ok
19:20:21.0825 4056 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
19:20:21.0857 4056 usbohci - ok
19:20:21.0888 4056 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
19:20:21.0935 4056 usbprint - ok
19:20:21.0981 4056 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
19:20:22.0013 4056 usbscan - ok
19:20:22.0059 4056 usbsmi (310abd644511cbeee16814095759d670) C:\windows\system32\DRIVERS\SMIksdrv.sys
19:20:22.0106 4056 usbsmi - ok
19:20:22.0137 4056 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
19:20:22.0184 4056 USBSTOR - ok
19:20:22.0215 4056 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
19:20:22.0231 4056 usbuhci - ok
19:20:22.0278 4056 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
19:20:22.0325 4056 usbvideo - ok
19:20:22.0356 4056 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
19:20:22.0449 4056 UxSms - ok
19:20:22.0481 4056 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
19:20:22.0512 4056 VaultSvc - ok
19:20:22.0559 4056 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
19:20:22.0590 4056 vdrvroot - ok
19:20:22.0668 4056 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
19:20:22.0746 4056 vds - ok
19:20:22.0777 4056 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
19:20:22.0824 4056 vga - ok
19:20:22.0839 4056 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
19:20:22.0886 4056 VgaSave - ok
19:20:22.0933 4056 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
19:20:22.0964 4056 vhdmp - ok
19:20:22.0995 4056 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
19:20:23.0027 4056 viaide - ok
19:20:23.0058 4056 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
19:20:23.0089 4056 volmgr - ok
19:20:23.0167 4056 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
19:20:23.0214 4056 volmgrx - ok
19:20:23.0245 4056 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
19:20:23.0261 4056 volsnap - ok
19:20:23.0292 4056 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
19:20:23.0323 4056 vsmraid - ok
19:20:23.0479 4056 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
19:20:23.0588 4056 VSS - ok
19:20:23.0713 4056 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
19:20:23.0760 4056 vwifibus - ok
19:20:23.0791 4056 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
19:20:23.0807 4056 vwififlt - ok
19:20:23.0853 4056 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
19:20:23.0869 4056 vwifimp - ok
19:20:23.0916 4056 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
19:20:23.0963 4056 W32Time - ok
19:20:23.0994 4056 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
19:20:24.0025 4056 WacomPen - ok
19:20:24.0087 4056 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
19:20:24.0165 4056 WANARP - ok
19:20:24.0181 4056 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
19:20:24.0228 4056 Wanarpv6 - ok
19:20:24.0399 4056 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
19:20:24.0446 4056 wbengine - ok
19:20:24.0571 4056 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
19:20:24.0618 4056 WbioSrvc - ok
19:20:24.0696 4056 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
19:20:24.0774 4056 wcncsvc - ok
19:20:24.0805 4056 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
19:20:24.0836 4056 WcsPlugInService - ok
19:20:24.0867 4056 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
19:20:24.0883 4056 Wd - ok
19:20:24.0961 4056 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
19:20:25.0008 4056 Wdf01000 - ok
19:20:25.0023 4056 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
19:20:25.0148 4056 WdiServiceHost - ok
19:20:25.0148 4056 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
19:20:25.0195 4056 WdiSystemHost - ok
19:20:25.0226 4056 wdmirror (2a444acf7dd446505bcc801f8f6ae5fd) C:\windows\system32\DRIVERS\WDMirror.sys
19:20:25.0257 4056 wdmirror - ok
19:20:25.0320 4056 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
19:20:25.0382 4056 WebClient - ok
19:20:25.0429 4056 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
19:20:25.0538 4056 Wecsvc - ok
19:20:25.0569 4056 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
19:20:25.0694 4056 wercplsupport - ok
19:20:25.0725 4056 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
19:20:25.0835 4056 WerSvc - ok
19:20:25.0881 4056 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
19:20:25.0944 4056 WfpLwf - ok
19:20:25.0975 4056 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
19:20:25.0991 4056 WimFltr - ok
19:20:26.0006 4056 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
19:20:26.0022 4056 WIMMount - ok
19:20:26.0022 4056 WinHttpAutoProxySvc - ok
19:20:26.0100 4056 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
19:20:26.0178 4056 Winmgmt - ok
19:20:26.0396 4056 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
19:20:26.0505 4056 WinRM - ok
19:20:26.0677 4056 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
19:20:26.0724 4056 WinUsb - ok
19:20:26.0802 4056 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
19:20:26.0864 4056 Wlansvc - ok
19:20:26.0895 4056 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
19:20:26.0911 4056 WmiAcpi - ok
19:20:26.0989 4056 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
19:20:27.0005 4056 wmiApSrv - ok
19:20:27.0051 4056 WMPNetworkSvc - ok
19:20:27.0067 4056 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
19:20:27.0083 4056 WPCSvc - ok
19:20:27.0145 4056 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
19:20:27.0161 4056 WPDBusEnum - ok
19:20:27.0192 4056 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
19:20:27.0254 4056 ws2ifsl - ok
19:20:27.0254 4056 WSearch - ok
19:20:27.0301 4056 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
19:20:27.0301 4056 wsvd - ok
19:20:27.0363 4056 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
19:20:27.0441 4056 WudfPf - ok
19:20:27.0473 4056 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
19:20:27.0535 4056 WUDFRd - ok
19:20:27.0597 4056 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
19:20:27.0660 4056 wudfsvc - ok
19:20:27.0707 4056 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
19:20:27.0753 4056 WwanSvc - ok
19:20:27.0847 4056 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:20:28.0159 4056 \Device\Harddisk0\DR0 - ok
19:20:28.0159 4056 Boot (0x1200) (50225db88c3c859640d4e5af49f9209a) \Device\Harddisk0\DR0\Partition0
19:20:28.0159 4056 \Device\Harddisk0\DR0\Partition0 - ok
19:20:28.0206 4056 Boot (0x1200) (a474c2aed0c96350ec0b0aedbc2d297a) \Device\Harddisk0\DR0\Partition1
19:20:28.0206 4056 \Device\Harddisk0\DR0\Partition1 - ok
19:20:28.0237 4056 Boot (0x1200) (b667af1ddab9be8f6c9418bfcb8af9b1) \Device\Harddisk0\DR0\Partition2
19:20:28.0237 4056 \Device\Harddisk0\DR0\Partition2 - ok
19:20:28.0237 4056 ============================================================
19:20:28.0237 4056 Scan finished
19:20:28.0237 4056 ============================================================
19:20:28.0268 4624 Detected object count: 6
19:20:28.0268 4624 Actual detected object count: 6
19:22:15.0518 4624 acedrv05 ( UnsignedFile.Multi.Generic ) - skipped by user
19:22:15.0518 4624 acedrv05 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:22:15.0518 4624 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
19:22:15.0518 4624 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:22:15.0518 4624 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:22:15.0518 4624 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:22:15.0518 4624 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
19:22:15.0518 4624 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:22:15.0534 4624 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:22:15.0534 4624 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:22:15.0534 4624 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:22:15.0534 4624 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Remove Live Security Platinum Please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it! If you have problems starting applications after running ComboFix and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #21 |
| Remove Live Security Platinum Code:
ComboFix 12-08-13.01 - Saiken 13.08.2012 18:29:22.1.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4091.2901 [GMT 2:00]
ausgeführt von:: c:\users\Saiken\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\s.bat
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-13 bis 2012-08-13 ))))))))))))))))))))))))))))))
.
.
2012-08-13 16:35 . 2012-08-13 16:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-12 09:43 . 2012-08-12 09:43 -------- d-----w- C:\_OTL
2012-08-08 13:01 . 2012-08-08 13:01 328704 ----a-w- c:\windows\system32\services.exe.212D4E11F79A68F9
2012-08-08 12:56 . 2012-08-08 12:56 328704 ----a-w- c:\windows\system32\services.exe.1147DF87B3DA07B6
2012-08-08 12:51 . 2012-08-08 12:51 328704 ----a-w- c:\windows\system32\services.exe.B2755E72D36F7078
2012-08-08 12:46 . 2012-08-08 12:46 328704 ----a-w- c:\windows\system32\services.exe.1A059BB5E95C4011
2012-08-08 12:42 . 2012-08-08 12:42 328704 ----a-w- c:\windows\system32\services.exe.C5409BB5759BB947
2012-08-08 12:39 . 2012-08-08 12:39 328704 ----a-w- c:\windows\system32\services.exe.DFA9D2B7AB653F73
2012-08-08 12:34 . 2012-08-08 12:34 328704 ----a-w- c:\windows\system32\services.exe.0215EFF9D4F84EB6
2012-08-08 12:31 . 2012-08-08 12:31 328704 ----a-w- c:\windows\system32\services.exe.206A278CC5E583AD
2012-08-07 08:44 . 2012-08-07 08:44 328704 ----a-w- c:\windows\system32\services.exe.A3D262AB47EEBA0A
2012-08-07 08:39 . 2012-08-07 08:39 328704 ----a-w- c:\windows\system32\services.exe.EC84C971B8644A86
2012-08-07 08:34 . 2012-08-07 08:34 328704 ----a-w- c:\windows\system32\services.exe.062D37AF81671C1C
2012-08-07 08:30 . 2012-08-07 08:30 328704 ----a-w- c:\windows\system32\services.exe.4B2C3EBD93FB49F6
2012-08-07 08:25 . 2012-08-07 08:25 328704 ----a-w- c:\windows\system32\services.exe.4C292954DF4E1D80
2012-08-07 08:19 . 2012-08-07 08:19 328704 ----a-w- c:\windows\system32\services.exe.64EEE9B93A79940E
2012-08-07 08:14 . 2012-08-07 08:14 328704 ----a-w- c:\windows\system32\services.exe.640D6A0E8043E2D9
2012-08-07 08:09 . 2012-08-07 08:09 328704 ----a-w- c:\windows\system32\services.exe.D35855B12B28076F
2012-08-07 08:05 . 2012-08-07 08:05 328704 ----a-w- c:\windows\system32\services.exe.DFBB93E6946068A9
2012-08-07 07:59 . 2012-02-09 12:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-08-07 07:59 . 2012-02-09 12:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D90FF509-9C94-4684-8A89-B3472440D2FB}\gapaengine.dll
2012-08-07 07:59 . 2012-07-16 00:40 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C92AB6E-7C2D-4BEF-9803-74D949867CCA}\mpengine.dll
2012-08-07 07:56 . 2012-08-08 13:06 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-08-07 07:56 . 2012-08-08 13:06 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-31 07:49 . 2012-07-31 07:49 -------- d-----w- c:\program files (x86)\ESET
2012-07-22 11:36 . 2012-07-22 11:36 -------- d-----w- c:\program files (x86)\GUMF45C.tmp
2012-07-22 11:36 . 2012-07-22 11:36 4024320 ----a-w- c:\program files (x86)\GUTF49B.tmp
2012-07-18 17:39 . 2012-07-18 17:39 -------- d-----w- c:\users\Saiken\AppData\Roaming\Malwarebytes
2012-07-18 17:38 . 2012-07-18 17:38 -------- d-----w- c:\programdata\Malwarebytes
2012-07-18 17:38 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-18 17:38 . 2012-07-18 19:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-08 13:13 . 2012-05-06 10:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-08 13:13 . 2011-05-22 11:09 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 01:03 . 2012-01-10 09:08 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-12 03:08 . 2012-07-12 01:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 06:40 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 06:40 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 06:40 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 06:40 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 06:40 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 06:40 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 06:40 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-05 05:30 . 2012-06-05 05:30 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-05 05:30 . 2011-05-11 15:50 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-02 22:19 . 2012-06-23 14:44 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 14:45 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-23 14:45 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 14:45 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 14:44 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-23 14:45 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-23 14:44 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-23 14:44 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-23 14:44 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-12 01:01 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-12 01:01 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-12 01:01 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-12 01:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-12 01:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-12 01:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-12 01:01 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-12 01:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-12 01:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-12 01:01 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-12 01:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-12 01:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-12 01:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-12 01:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-12 01:01 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-12 01:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-12 01:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-12 01:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-12 01:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 06:40 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 06:40 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 06:40 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 06:40 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 06:40 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 06:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 06:40 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 06:40 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 06:40 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 04:04 . 2012-07-13 07:43 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E1A9F4AE-6F26-43AE-8247-DAEAE9846343}\mpengine.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-02 98304]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]
.
c:\users\Saiken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Saiken\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 136176]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-08 250056]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 136176]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\DRIVERS\lgmcbus.sys [2008-01-09 109056]
R3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\DRIVERS\lgmcmdfl.sys [2008-01-09 18944]
R3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\DRIVERS\lgmcmdm.sys [2008-01-09 146432]
R3 lgmcmgmt;LGE Mobile USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\lgmcmgmt.sys [2008-01-09 130048]
R3 lgmcnd5;LGE Mobile USB WMC Ethernet ELDA (NDIS);c:\windows\system32\DRIVERS\lgmcnd5.sys [2008-01-09 33792]
R3 lgmcobex;LGE Mobile USB WMC OBEX Interface;c:\windows\system32\DRIVERS\lgmcobex.sys [2008-01-09 124928]
R3 lgmcunic;LGE Mobile USB WMC Ethernet ELDA (WDM);c:\windows\system32\DRIVERS\lgmcunic.sys [2008-01-09 144384]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-26 113120]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-03 202752]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-03 6402560]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-03 188928]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2010-04-20 200704]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-06 13:13]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 09:32]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 09:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-27 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-27 2040352]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Saiken\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Saiken\AppData\Roaming\Mozilla\Firefox\Profiles\8gcostlq.default\
FF - prefs.js: browser.startup.homepage - web.de
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-VeriFaceManager - c:\program files (x86)\Lenovo\VeriFace\PManage.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-13 18:43:07 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-08-13 16:43
.
Vor Suchlauf: 8 Verzeichnis(se), 219.583.639.552 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 219.459.702.784 Bytes frei
.
- - End Of File - - 0A636F6F132F11164028E967E724860B
|
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Removing Live Security Platinum

ComboFix scripting

1. Start Notepad (Start / Run / notepad[Enter]).
2. Now copy and paste the entire contents of the code box below into the Notepad window.

Code:
File::
c:\windows\system32\services.exe.212D4E11F79A68F9
c:\windows\system32\services.exe.1147DF87B3DA07B6
c:\windows\system32\services.exe.B2755E72D36F7078
c:\windows\system32\services.exe.1A059BB5E95C4011
c:\windows\system32\services.exe.C5409BB5759BB947
c:\windows\system32\services.exe.DFA9D2B7AB653F73
c:\windows\system32\services.exe.0215EFF9D4F84EB6
c:\windows\system32\services.exe.206A278CC5E583AD
c:\windows\system32\services.exe.A3D262AB47EEBA0A
c:\windows\system32\services.exe.EC84C971B8644A86
c:\windows\system32\services.exe.062D37AF81671C1C
c:\windows\system32\services.exe.4B2C3EBD93FB49F6
c:\windows\system32\services.exe.4C292954DF4E1D80
c:\windows\system32\services.exe.64EEE9B93A79940E
c:\windows\system32\services.exe.640D6A0E8043E2D9
c:\windows\system32\services.exe.D35855B12B28076F
c:\windows\system32\services.exe.DFBB93E6946068A9
c:\program files (x86)\GUMF45C.tmp
c:\program files (x86)\GUTF49B.tmp
4. Disable the guard of your antivirus program and any software firewall that may be present. (Also the guards of adware/spyware programs and the Tea Timer, if present!)
5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts ComboFix.
6. After the reboot (you will be asked whether you want to restart), please post the following log files: Combofix.txt

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
| | #23 |
| Removing Live Security Platinum

Code:
ComboFix 12-08-14.05 - Saiken 15.08.2012 8:58.2.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4091.2730 [GMT 2:00]
ausgeführt von:: c:\users\Saiken\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Saiken\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
FILE ::
"c:\program files (x86)\GUMF45C.tmp"
"c:\program files (x86)\GUTF49B.tmp"
"c:\windows\system32\services.exe.0215EFF9D4F84EB6"
"c:\windows\system32\services.exe.062D37AF81671C1C"
"c:\windows\system32\services.exe.1147DF87B3DA07B6"
"c:\windows\system32\services.exe.1A059BB5E95C4011"
"c:\windows\system32\services.exe.206A278CC5E583AD"
"c:\windows\system32\services.exe.212D4E11F79A68F9"
"c:\windows\system32\services.exe.4B2C3EBD93FB49F6"
"c:\windows\system32\services.exe.4C292954DF4E1D80"
"c:\windows\system32\services.exe.640D6A0E8043E2D9"
"c:\windows\system32\services.exe.64EEE9B93A79940E"
"c:\windows\system32\services.exe.A3D262AB47EEBA0A"
"c:\windows\system32\services.exe.B2755E72D36F7078"
"c:\windows\system32\services.exe.C5409BB5759BB947"
"c:\windows\system32\services.exe.D35855B12B28076F"
"c:\windows\system32\services.exe.DFA9D2B7AB653F73"
"c:\windows\system32\services.exe.DFBB93E6946068A9"
"c:\windows\system32\services.exe.EC84C971B8644A86"
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\GUTF49B.tmp
c:\windows\system32\services.exe.0215EFF9D4F84EB6
c:\windows\system32\services.exe.062D37AF81671C1C
c:\windows\system32\services.exe.1147DF87B3DA07B6
c:\windows\system32\services.exe.1A059BB5E95C4011
c:\windows\system32\services.exe.206A278CC5E583AD
c:\windows\system32\services.exe.212D4E11F79A68F9
c:\windows\system32\services.exe.4B2C3EBD93FB49F6
c:\windows\system32\services.exe.4C292954DF4E1D80
c:\windows\system32\services.exe.640D6A0E8043E2D9
c:\windows\system32\services.exe.64EEE9B93A79940E
c:\windows\system32\services.exe.A3D262AB47EEBA0A
c:\windows\system32\services.exe.B2755E72D36F7078
c:\windows\system32\services.exe.C5409BB5759BB947
c:\windows\system32\services.exe.D35855B12B28076F
c:\windows\system32\services.exe.DFA9D2B7AB653F73
c:\windows\system32\services.exe.DFBB93E6946068A9
c:\windows\system32\services.exe.EC84C971B8644A86
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-15 bis 2012-08-15 ))))))))))))))))))))))))))))))
.
.
2012-08-15 07:03 . 2012-08-15 07:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-12 09:43 . 2012-08-12 09:43 -------- d-----w- C:\_OTL
2012-08-07 07:59 . 2012-02-09 12:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-08-07 07:59 . 2012-02-09 12:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D90FF509-9C94-4684-8A89-B3472440D2FB}\gapaengine.dll
2012-08-07 07:59 . 2012-07-16 00:40 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C92AB6E-7C2D-4BEF-9803-74D949867CCA}\mpengine.dll
2012-08-07 07:56 . 2012-08-08 13:06 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-08-07 07:56 . 2012-08-08 13:06 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-31 07:49 . 2012-07-31 07:49 -------- d-----w- c:\program files (x86)\ESET
2012-07-22 11:36 . 2012-07-22 11:36 -------- d-----w- c:\program files (x86)\GUMF45C.tmp
2012-07-18 17:39 . 2012-07-18 17:39 -------- d-----w- c:\users\Saiken\AppData\Roaming\Malwarebytes
2012-07-18 17:38 . 2012-07-18 17:38 -------- d-----w- c:\programdata\Malwarebytes
2012-07-18 17:38 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-18 17:38 . 2012-07-18 19:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-08 13:13 . 2012-05-06 10:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-08 13:13 . 2011-05-22 11:09 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 01:03 . 2012-01-10 09:08 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-12 03:08 . 2012-07-12 01:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 06:40 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 06:40 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 06:40 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 06:40 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 06:40 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 06:40 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 06:40 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-05 05:30 . 2012-06-05 05:30 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-05 05:30 . 2011-05-11 15:50 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-02 22:19 . 2012-06-23 14:44 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 14:45 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-23 14:45 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 14:45 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 14:44 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-23 14:45 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-23 14:44 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-23 14:44 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-23 14:44 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-12 01:01 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-12 01:01 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-12 01:01 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-12 01:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-12 01:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-12 01:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-12 01:01 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-12 01:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-12 01:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-12 01:01 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-12 01:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-12 01:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-12 01:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-12 01:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-12 01:01 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-12 01:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-12 01:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-12 01:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-12 01:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 06:40 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 06:40 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 06:40 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 06:40 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 06:40 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 06:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 06:40 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 06:40 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 06:40 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 04:04 . 2012-07-13 07:43 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E1A9F4AE-6F26-43AE-8247-DAEAE9846343}\mpengine.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-13_16.37.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-13 16:49 . 2012-08-13 16:49 13330 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-08-13 16:35 . 2012-08-13 16:35 13330 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2010-06-22 04:19 . 2012-08-15 06:50 51512 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-15 06:50 49192 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-12 07:00 . 2012-08-15 06:50 20236 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4112322236-3011114634-1874071500-1000_UserData.bin
+ 2009-07-14 04:46 . 2012-08-13 16:42 96016 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2012-08-13 16:36 . 2012-08-13 16:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-15 06:48 . 2012-08-15 06:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-13 16:36 . 2012-08-13 16:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-15 06:48 . 2012-08-15 06:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-08-13 16:35 294356 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-13 16:49 294356 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-05-11 20:49 . 2012-08-13 16:35 2137812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4112322236-3011114634-1874071500-1000-8192.dat
+ 2011-05-11 20:49 . 2012-08-13 16:49 2137812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4112322236-3011114634-1874071500-1000-8192.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-02 98304]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]
.
c:\users\Saiken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Saiken\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 136176]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-08 250056]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 136176]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\DRIVERS\lgmcbus.sys [2008-01-09 109056]
R3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\DRIVERS\lgmcmdfl.sys [2008-01-09 18944]
R3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\DRIVERS\lgmcmdm.sys [2008-01-09 146432]
R3 lgmcmgmt;LGE Mobile USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\lgmcmgmt.sys [2008-01-09 130048]
R3 lgmcnd5;LGE Mobile USB WMC Ethernet ELDA (NDIS);c:\windows\system32\DRIVERS\lgmcnd5.sys [2008-01-09 33792]
R3 lgmcobex;LGE Mobile USB WMC OBEX Interface;c:\windows\system32\DRIVERS\lgmcobex.sys [2008-01-09 124928]
R3 lgmcunic;LGE Mobile USB WMC Ethernet ELDA (WDM);c:\windows\system32\DRIVERS\lgmcunic.sys [2008-01-09 144384]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-26 113120]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-03 202752]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-03 6402560]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-03 188928]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2010-04-20 200704]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-06 13:13]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 09:32]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-11 09:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Saiken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-27 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-27 2040352]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Saiken\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Saiken\AppData\Roaming\Mozilla\Firefox\Profiles\8gcostlq.default\
FF - prefs.js: browser.startup.homepage - web.de
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p=
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-15 09:06:14
ComboFix-quarantined-files.txt 2012-08-15 07:06
ComboFix2.txt 2012-08-13 16:43
.
Vor Suchlauf: 12 Verzeichnis(se), 220.101.382.144 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 220.038.238.208 Bytes frei
.
- - End Of File - - 40F688E42A32D34F6034E2FAEC04CCB6
|
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Remove Live Security Platinum Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online query in OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off the virus scanner as well; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Do not press any of the Fix buttons under any circumstances without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu (bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #25 |
| Remove Live Security Platinum Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-16 11:10:08
Windows 6.1.7601 Service Pack 1
Running: 297pi42d.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002269ec2d88
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002269ec2d88 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 11:22:15 on 16.08.2012
OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 13.0.1
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"acedrv05" (acedrv05) - ? - C:\windows\system32\drivers\acedrv05.sys (File found, but it contains no detailed information)
"Bridge0" (Bridge0) - "Lenovo" - C:\windows\System32\drivers\WDBridge.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"LHDmgr" (LHDmgr) - "Lenovo." - C:\windows\System32\DRIVERS\LhdX64.sys
"Sftfs" (Sftfs) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\Sftfslh.sys
"Sftplay" (Sftplay) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\Sftplaylh.sys
"Sftredir" (Sftredir) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\Sftredirlh.sys
"Sftvol" (Sftvol) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\Sftvollh.sys
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\wimfltr.sys
[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{16148659-720A-457d-850B-2DBD87BB129D} "AudibleShlExt Class" - "Audible, Inc." - C:\Program Files (x86)\Audible\Bin\AudibleExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{16148659-720A-457d-850B-2DBD87BB129D} "AudibleShlExt Class" - "Audible, Inc." - C:\Program Files (x86)\Audible\Bin\AudibleExt.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
{94586423-855F-4EB2-9F6A-D9DA5658DBE3} "Context menu" - ? - C:\PROGRA~2\FREEM4~1\m4a_menu.dll (File found, but it contains no detailed information)
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_32" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} "Java Plug-in 1.6.0_32" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_32" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_32.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Saiken\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate" - ? - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"UCam_Menu" - "CyberLink Corp." - "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
"UpdateP2GShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
"YouCam Mirror Tray icon" - "CyberLink Corp." - "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - ? - "c:\Program Files\Microsoft Security Client\NisSrv.exe" (File not found)
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
"Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
"BBUpdate" (BBUpdate) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
"Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
"Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Updater Service" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
"IGRS" (IGRS) - "Lenovo Group Limited" - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
"Lenovo ReadyComm AppSvc" (Lenovo ReadyComm AppSvc) - "Lenovo Group Limited" - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
"Lenovo ReadyComm ConnSvc" (Lenovo ReadyComm ConnSvc) - "Lenovo Group Limited" - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\MsMpEng.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"ReadyComm Presentation Space Helper Service" (PS_MDP) - ? - C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs (File not found)
"ReadyComm.DirectRouter" (ReadyComm.DirectRouter) - ? - C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs (File not found)
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-16 11:23:49
-----------------------------
11:23:49.957 OS Version: Windows x64 6.1.7601 Service Pack 1
11:23:49.957 Number of processors: 3 586 0x503
11:23:49.958 ComputerName: SAIKENS-BABY UserName: Saiken
11:23:51.569 Initialize success
11:25:11.875 AVAST engine defs: 12081503
11:25:21.371 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:25:21.376 Disk 0 Vendor: HITACHI_HTS545050B9A300 PB4ZC61H Size: 476940MB BusType: 11
11:25:21.392 Disk 0 MBR read successfully
11:25:21.398 Disk 0 MBR scan
11:25:21.407 Disk 0 Windows 7 default MBR code
11:25:21.424 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
11:25:21.439 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 431938 MB offset 411648
11:25:21.449 Disk 0 Partition - 00 0F Extended LBA 29692 MB offset 885020672
11:25:21.489 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
11:25:21.528 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29691 MB offset 885022720
11:25:21.567 Disk 0 scanning C:\windows\system32\drivers
11:25:36.912 Service scanning
11:26:12.154 Modules scanning
11:26:12.173 Disk 0 trace - called modules:
11:26:12.205 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:26:12.217 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004651060]
11:26:12.228 3 CLASSPNP.SYS[fffff880019bd43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80045c0060]
11:26:13.829 AVAST engine scan C:\windows
11:26:17.376 AVAST engine scan C:\windows\system32
11:30:09.275 AVAST engine scan C:\windows\system32\drivers
11:30:27.032 AVAST engine scan C:\Users\Saiken
12:04:24.090 AVAST engine scan C:\ProgramData
12:05:41.539 Scan finished successfully
12:17:51.576 Disk 0 MBR has been saved successfully to "C:\Users\Saiken\Desktop\MBR.dat"
12:17:51.581 The log file has been saved successfully to "C:\Users\Saiken\Desktop\aswMBR.txt"
|
| | #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Remove Live Security Platinum Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
| | #27 |
| Remove Live Security Platinum Almost done? That would be a dream!!! Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 08/16/2012 at 08:18 PM
Application Version : 5.5.1012
Core Rules Database Version : 9068
Trace Rules Database Version: 6880
Scan type : Complete Scan
Total Scan Time : 02:40:08
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 756
Memory threats detected : 0
Registry items scanned : 66492
Registry threats detected : 0
File items scanned : 181360
File threats detected : 386
Adware.Tracking Cookie
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\D6U6LSA9.txt [ /adx.chip.de ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\DSIU9596.txt [ /ads.creative-serving.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\WONU1WCV.txt [ /adbrite.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\64CWGHTJ.txt [ /ad.yieldmanager.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\QLK0LO35.txt [ /atdmt.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\NU6YQD1J.txt [ /casalemedia.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\ZTXA3ZS3.txt [ /imrworldwide.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\OLX23HEJ.txt [ /ad.zanox.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\O12DRY65.txt [ /ad.360yield.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\3O99XFI0.txt [ /adx2.chip.de ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\VJUQ97VB.txt [ /revsci.net ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\HDL2QZNA.txt [ /im.banner.t-online.de ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\U0TMOMRG.txt [ /bs.serving-sys.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\ZM3BD9N2.txt [ /microsoftwlsearchcrm.112.2o7.net ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\7EUVB5S1.txt [ /c.atdmt.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\FVWU9SC0.txt [ /invitemedia.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\XBNUGBA6.txt [ /adtech.de ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\Q3WJQ8N7.txt [ /apmebf.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\61X187RS.txt [ /adfarm1.adition.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\CTVFHXNL.txt [ /tracking.quisma.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\BV8Q945I.txt [ /mediaplex.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\VDODZHW9.txt [ /webmasterplan.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\K276BQIM.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\AC2GEMEO.txt [ /doubleclick.net ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\115GIDLN.txt [ /specificclick.net ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\8QJ1DB2K.txt [ /zanox.com ]
C:\Users\Saiken\AppData\Roaming\Microsoft\Windows\Cookies\QLFGWBDY.txt [ /adviva.net ]
C:\USERS\SAIKEN\Cookies\D6U6LSA9.txt [ Cookie:saiken@adx.chip.de/ ]
C:\USERS\SAIKEN\Cookies\QLK0LO35.txt [ Cookie:saiken@atdmt.com/ ]
C:\USERS\SAIKEN\Cookies\NU6YQD1J.txt [ Cookie:saiken@casalemedia.com/ ]
C:\USERS\SAIKEN\Cookies\ZTXA3ZS3.txt [ Cookie:saiken@imrworldwide.com/cgi-bin ]
C:\USERS\SAIKEN\Cookies\OLX23HEJ.txt [ Cookie:saiken@ad.zanox.com/ ]
C:\USERS\SAIKEN\Cookies\3O99XFI0.txt [ Cookie:saiken@adx2.chip.de/ ]
C:\USERS\SAIKEN\Cookies\VJUQ97VB.txt [ Cookie:saiken@revsci.net/ ]
C:\USERS\SAIKEN\Cookies\HDL2QZNA.txt [ Cookie:saiken@im.banner.t-online.de/ ]
C:\USERS\SAIKEN\Cookies\U0TMOMRG.txt [ Cookie:saiken@bs.serving-sys.com/ ]
C:\USERS\SAIKEN\Cookies\ZM3BD9N2.txt [ Cookie:saiken@microsoftwlsearchcrm.112.2o7.net/ ]
C:\USERS\SAIKEN\Cookies\7EUVB5S1.txt [ Cookie:saiken@c.atdmt.com/ ]
C:\USERS\SAIKEN\Cookies\FVWU9SC0.txt [ Cookie:saiken@invitemedia.com/ ]
C:\USERS\SAIKEN\Cookies\XBNUGBA6.txt [ Cookie:saiken@adtech.de/ ]
C:\USERS\SAIKEN\Cookies\Q3WJQ8N7.txt [ Cookie:saiken@apmebf.com/ ]
C:\USERS\SAIKEN\Cookies\CTVFHXNL.txt [ Cookie:saiken@tracking.quisma.com/ ]
C:\USERS\SAIKEN\Cookies\BV8Q945I.txt [ Cookie:saiken@mediaplex.com/ ]
C:\USERS\SAIKEN\Cookies\VDODZHW9.txt [ Cookie:saiken@webmasterplan.com/ ]
C:\USERS\SAIKEN\Cookies\K276BQIM.txt [ Cookie:saiken@ad2.adfarm1.adition.com/ ]
C:\USERS\SAIKEN\Cookies\AC2GEMEO.txt [ Cookie:saiken@doubleclick.net/ ]
C:\USERS\SAIKEN\Cookies\115GIDLN.txt [ Cookie:saiken@specificclick.net/ ]
C:\USERS\SAIKEN\Cookies\8QJ1DB2K.txt [ Cookie:saiken@zanox.com/ ]
C:\USERS\SAIKEN\Cookies\QLFGWBDY.txt [ Cookie:saiken@adviva.net/ ]
delivery.ibanner.de [ C:\USERS\SAIKEN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HMFVNVPQ ]
track.adform.net [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SAIKEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8GCOSTLQ.DEFAULT\COOKIES.SQLITE ]
cdn2.baronsmedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9GDYHFGT ]
Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Saiken :: SAIKENS-BABY [Administrator]

16.08.2012 15:03:50
mbam-log-2012-08-16 (15-03-50).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 391654
Laufzeit: 1 Stunde(n), 4 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende) |
| | #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Remove Live Security Platinum
Looks OK, only cookies were found. Cookies are not malware as such, but there is a risk of misuse (unique recognition, e.g. for targeted advertising or the like => HTTP cookie). Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether it has released a new hosts file. Otherwise there are also good cookie managers; among the extensions for Firefox, for example, there is CookieCuller http://filepony.de/download-cookie_culler/ But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed. My own approach is that I use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I want; everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left. Is your system OK again now, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
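The hosts-file blocking suggested in the post above, applied to cookie findings in the scan log's layout; this is an added example, not part of the thread or of any tool named in it. The sample lines are constructed, and the function names and the `0.0.0.0` sink address are assumptions. It also shows a limit of the approach: a hosts file matches exact host names only, so a domain-wide cookie scope (leading dot) cannot be blocked as a whole.

```python
import re
from collections import Counter

# Constructed sample in the layout of the scan log's cookie findings:
#   <cookie domain> [ <cookie store path> ]
SAMPLE_LOG = r"""
Adware.Tracking Cookie
.smartadserver.com [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ]
"""

FINDING = re.compile(
    r"^\s*(\.?[a-z0-9-]+(?:\.[a-z0-9-]+)+)\s+\[\s*(.+?)\s*\]\s*$", re.IGNORECASE)

def parse_findings(log):
    """Count cookie findings per domain; lines that are not findings are skipped."""
    counts = Counter()
    for line in log.splitlines():
        m = FINDING.match(line)
        if m:
            counts[m.group(1).lower()] += 1
    return counts

def build_hosts(findings, sink="0.0.0.0"):
    """Return (hosts lines, domain-wide scopes with no concrete host in the log)."""
    exact, scopes = set(), set()
    for domain in findings:
        if domain.startswith("."):      # cookie valid for the domain and all subdomains
            scopes.add(domain[1:])
            exact.add(domain[1:])       # hosts files have no wildcards: bare name only
        else:
            exact.add(domain)
    lines = [f"{sink} {host}" for host in sorted(exact)]
    uncovered = sorted(s for s in scopes
                       if not any(h.endswith("." + s) for h in exact))
    return lines, uncovered

if __name__ == "__main__":
    lines, uncovered = build_hosts(parse_findings(SAMPLE_LOG))
    print("\n".join(lines))
    for scope in uncovered:
        print(f"# {scope}: subdomains are not covered by the entry above")
```

Scopes reported as uncovered are the ones where a maintained list such as the MVPS hosts file, which names the individual ad hosts, adds what the log alone cannot.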
| | #29 |
| Remove Live Security Platinum
So far everything seems to be fine. I only still have problems with the update for Microsoft, but I am already in contact with a supporter. Let's see what comes of it. In any case, many thanks for all the effort, that was really great of you!!! |
| | #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Remove Live Security Platinum
Was the problem with Microsoft resolved? If so, please give a brief explanation.
__________________ Please always post log files in CODE tags |