Pests of all kinds and how to combat them: Trojan sends spam mails - Round 2 (Windows 7)
#16
/// Winkelfunktion /// TB-Süch-Tiger™

Trojan sends spam mails - Round 2

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log.

Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run the TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log, or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), since that is where the TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with the TDSS-Killer! If the TDSS-Killer flags any objects, treat all of them with the action "skip" and only post the log here!

__________________
Please always post log files in CODE tags
#17
Trojan sends spam mails - Round 2

TDSS

Code:
16:09:40.0593 2976 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
16:09:42.0512 2976 ============================================================
16:09:42.0512 2976 Current date / time: 2012/06/17 16:09:42.0512
16:09:42.0512 2976 SystemInfo:
16:09:42.0512 2976
16:09:42.0512 2976 OS Version: 6.1.7601 ServicePack: 1.0
16:09:42.0512 2976 Product type: Workstation
16:09:42.0512 2976 ComputerName: FALKO-PC
16:09:42.0512 2976 UserName: Falko
16:09:42.0512 2976 Windows directory: C:\Windows
16:09:42.0512 2976 System windows directory: C:\Windows
16:09:42.0512 2976 Running under WOW64
16:09:42.0512 2976 Processor architecture: Intel x64
16:09:42.0512 2976 Number of processors: 2
16:09:42.0512 2976 Page size: 0x1000
16:09:42.0512 2976 Boot type: Normal boot
16:09:42.0512 2976 ============================================================
16:09:43.0963 2976 Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:09:44.0009 2976 Drive \Device\Harddisk1\DR1 - Size: 0x3BC00000 (0.93 Gb), SectorSize: 0x200, Cylinders: 0x79, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:09:44.0009 2976 ============================================================
16:09:44.0009 2976 \Device\Harddisk0\DR0:
16:09:44.0009 2976 MBR partitions:
16:09:44.0009 2976 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856E82
16:09:44.0009 2976 \Device\Harddisk1\DR1:
16:09:44.0025 2976 MBR partitions:
16:09:44.0025 2976 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1DDFE0
16:09:44.0025 2976 ============================================================
16:09:44.0041 2976 C: <-> \Device\Harddisk0\DR0\Partition0
16:09:44.0056 2976 ============================================================
16:09:44.0056 2976 Initialize success
16:09:44.0056 2976 ============================================================
16:09:50.0889 3404 ============================================================
16:09:50.0889 3404 Scan started
16:09:50.0889 3404 Mode: Manual; SigCheck; TDLFS;
16:09:50.0889 3404 ============================================================
16:09:51.0747 3404 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:09:51.0856 3404 1394ohci - ok
16:09:51.0919 3404 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:09:51.0950 3404 ACPI - ok
16:09:51.0965 3404 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:09:52.0012 3404 AcpiPmi - ok
16:09:52.0059 3404 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:09:52.0075 3404 adp94xx - ok
16:09:52.0106 3404 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:09:52.0121 3404 adpahci - ok
16:09:52.0153 3404 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:09:52.0184 3404 adpu320 - ok
16:09:52.0215 3404 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:09:52.0324 3404 AeLookupSvc - ok
16:09:52.0402 3404 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:09:52.0449 3404 AFD - ok
16:09:52.0496 3404 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:09:52.0511 3404 agp440 - ok
16:09:52.0745 3404 Akamai (c775d704feb2b600a5bf7b0b088546af) c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll
16:09:52.0745 3404 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
16:09:52.0745 3404 Akamai ( HiddenFile.Multi.Generic ) - warning
16:09:52.0745 3404 Akamai - detected HiddenFile.Multi.Generic (1)
16:09:52.0823 3404 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:09:52.0870 3404 ALG - ok
16:09:52.0901 3404 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:09:52.0917 3404 aliide - ok
16:09:52.0917 3404 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:09:52.0933 3404 amdide - ok
16:09:52.0964 3404 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:09:52.0995 3404 AmdK8 - ok
16:09:53.0011 3404 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:09:53.0042 3404 AmdPPM - ok
16:09:53.0089 3404 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:09:53.0104 3404 amdsata - ok
16:09:53.0135 3404 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:09:53.0151 3404 amdsbs - ok
16:09:53.0167 3404 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:09:53.0167 3404 amdxata - ok
16:09:53.0229 3404 AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:09:53.0260 3404 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
16:09:53.0260 3404 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
16:09:53.0291 3404 AntiVirService (b8720a787c1223492e6f319465e996ce) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:09:53.0323 3404 AntiVirService ( UnsignedFile.Multi.Generic ) - warning
16:09:53.0323 3404 AntiVirService - detected UnsignedFile.Multi.Generic (1)
16:09:53.0354 3404 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:09:53.0479 3404 AppID - ok
16:09:53.0510 3404 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:09:53.0541 3404 AppIDSvc - ok
16:09:53.0572 3404 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:09:53.0603 3404 Appinfo - ok
16:09:53.0713 3404 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:09:53.0728 3404 Apple Mobile Device - ok
16:09:53.0759 3404 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:09:53.0791 3404 arc - ok
16:09:53.0806 3404 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:09:53.0837 3404 arcsas - ok
16:09:53.0869 3404 aspnet_state - ok
16:09:53.0915 3404 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:09:53.0978 3404 AsyncMac - ok
16:09:54.0009 3404 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:09:54.0009 3404 atapi - ok
16:09:54.0071 3404 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:09:54.0149 3404 AudioEndpointBuilder - ok
16:09:54.0149 3404 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:09:54.0181 3404 AudioSrv - ok
16:09:54.0212 3404 avgntflt (c30b5fc0adcdfba7668e99baf0cbf58e) C:\Windows\system32\DRIVERS\avgntflt.sys
16:09:54.0243 3404 avgntflt - ok
16:09:54.0259 3404 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:09:54.0337 3404 AxInstSV - ok
16:09:54.0368 3404 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:09:54.0415 3404 b06bdrv - ok
16:09:54.0446 3404 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:09:54.0477 3404 b57nd60a - ok
16:09:54.0508 3404 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:09:54.0555 3404 BDESVC - ok
16:09:54.0571 3404 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:09:54.0633 3404 Beep - ok
16:09:54.0695 3404 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:09:54.0727 3404 BFE - ok
16:09:54.0805 3404 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
16:09:54.0898 3404 BITS - ok
16:09:54.0961 3404 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:09:54.0976 3404 blbdrive - ok
16:09:55.0054 3404 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:09:55.0070 3404 Bonjour Service - ok
16:09:55.0117 3404 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:09:55.0148 3404 bowser - ok
16:09:55.0179 3404 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:09:55.0257 3404 BrFiltLo - ok
16:09:55.0273 3404 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:09:55.0304 3404 BrFiltUp - ok
16:09:55.0335 3404 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:09:55.0397 3404 Browser - ok
16:09:55.0429 3404 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:09:55.0475 3404 Brserid - ok
16:09:55.0507 3404 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:09:55.0538 3404 BrSerWdm - ok
16:09:55.0569 3404 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:09:55.0616 3404 BrUsbMdm - ok
16:09:55.0631 3404 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:09:55.0647 3404 BrUsbSer - ok
16:09:55.0663 3404 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:09:55.0694 3404 BTHMODEM - ok
16:09:55.0709 3404 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:09:55.0741 3404 bthserv - ok
16:09:55.0741 3404 catchme - ok
16:09:55.0787 3404 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:09:55.0803 3404 cdfs - ok
16:09:55.0943 3404 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:09:56.0006 3404 cdrom - ok
16:09:56.0099 3404 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:09:56.0177 3404 CertPropSvc - ok
16:09:56.0271 3404 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:09:56.0318 3404 circlass - ok
16:09:56.0411 3404 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:09:56.0411 3404 CLFS - ok
16:09:56.0474 3404 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:09:56.0489 3404 clr_optimization_v2.0.50727_32 - ok
16:09:56.0505 3404 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:09:56.0521 3404 clr_optimization_v2.0.50727_64 - ok
16:09:56.0567 3404 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:09:56.0583 3404 clr_optimization_v4.0.30319_32 - ok
16:09:56.0614 3404 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:09:56.0614 3404 clr_optimization_v4.0.30319_64 - ok
16:09:56.0645 3404 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:09:56.0723 3404 CmBatt - ok
16:09:56.0755 3404 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:09:56.0755 3404 cmdide - ok
16:09:56.0801 3404 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:09:56.0833 3404 CNG - ok
16:09:56.0864 3404 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:09:56.0864 3404 Compbatt - ok
16:09:56.0911 3404 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:09:56.0957 3404 CompositeBus - ok
16:09:56.0957 3404 COMSysApp - ok
16:09:56.0973 3404 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:09:56.0989 3404 crcdisk - ok
16:09:57.0020 3404 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:09:57.0035 3404 CryptSvc - ok
16:09:57.0098 3404 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:09:57.0223 3404 DcomLaunch - ok
16:09:57.0254 3404 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:09:57.0347 3404 defragsvc - ok
16:09:57.0379 3404 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:09:57.0425 3404 DfsC - ok
16:09:57.0503 3404 dg_ssudbus (113212d25d0c9bb8901a9833774da97f) C:\Windows\system32\DRIVERS\ssudbus.sys
16:09:57.0535 3404 dg_ssudbus - ok
16:09:57.0566 3404 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:09:57.0628 3404 Dhcp - ok
16:09:57.0659 3404 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:09:57.0691 3404 discache - ok
16:09:57.0722 3404 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:09:57.0737 3404 Disk - ok
16:09:57.0769 3404 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:09:57.0831 3404 Dnscache - ok
16:09:57.0862 3404 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:09:57.0925 3404 dot3svc - ok
16:09:57.0971 3404 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:09:58.0003 3404 DPS - ok
16:09:58.0018 3404 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:09:58.0049 3404 drmkaud - ok
16:09:58.0081 3404 dump_wmimmc - ok
16:09:58.0159 3404 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:09:58.0205 3404 DXGKrnl - ok
16:09:58.0252 3404 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
16:09:58.0268 3404 E1G60 - ok
16:09:58.0299 3404 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:09:58.0346 3404 EapHost - ok
16:09:58.0502 3404 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:09:58.0595 3404 ebdrv - ok
16:09:58.0658 3404 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:09:58.0705 3404 EFS - ok
16:09:58.0876 3404 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:09:58.0923 3404 ehRecvr - ok
16:09:58.0954 3404 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:09:59.0001 3404 ehSched - ok
16:09:59.0048 3404 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:09:59.0063 3404 elxstor - ok
16:09:59.0095 3404 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:09:59.0126 3404 ErrDev - ok
16:09:59.0173 3404 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:09:59.0219 3404 EventSystem - ok
16:09:59.0251 3404 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:09:59.0297 3404 exfat - ok
16:09:59.0313 3404 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:09:59.0360 3404 fastfat - ok
16:09:59.0422 3404 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:09:59.0469 3404 Fax - ok
16:09:59.0500 3404 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:09:59.0516 3404 fdc - ok
16:09:59.0531 3404 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:09:59.0578 3404 fdPHost - ok
16:09:59.0594 3404 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:09:59.0641 3404 FDResPub - ok
16:09:59.0672 3404 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:09:59.0672 3404 FileInfo - ok
16:09:59.0687 3404 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:09:59.0734 3404 Filetrace - ok
16:09:59.0750 3404 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:09:59.0765 3404 flpydisk - ok
16:09:59.0828 3404 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:09:59.0843 3404 FltMgr - ok
16:09:59.0921 3404 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:09:59.0968 3404 FontCache - ok
16:10:00.0015 3404 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:10:00.0031 3404 FontCache3.0.0.0 - ok
16:10:00.0062 3404 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:10:00.0062 3404 FsDepends - ok
16:10:00.0093 3404 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:10:00.0109 3404 Fs_Rec - ok
16:10:00.0140 3404 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:10:00.0155 3404 fvevol - ok
16:10:00.0187 3404 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:10:00.0202 3404 gagp30kx - ok
16:10:00.0202 3404 gdrv - ok
16:10:00.0233 3404 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:10:00.0249 3404 GEARAspiWDM - ok
16:10:00.0296 3404 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:10:00.0343 3404 gpsvc - ok
16:10:00.0374 3404 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:10:00.0405 3404 hcw85cir - ok
16:10:00.0452 3404 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:10:00.0499 3404 HdAudAddService - ok
16:10:00.0530 3404 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:10:00.0561 3404 HDAudBus - ok
16:10:00.0592 3404 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:10:00.0608 3404 HidBatt - ok
16:10:00.0623 3404 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:10:00.0639 3404 HidBth - ok
16:10:00.0655 3404 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:10:00.0686 3404 HidIr - ok
16:10:00.0717 3404 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:10:00.0764 3404 hidserv - ok
16:10:00.0779 3404 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:10:00.0779 3404 HidUsb - ok
16:10:00.0826 3404 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:10:00.0857 3404 hkmsvc - ok
16:10:00.0904 3404 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:10:00.0951 3404 HomeGroupListener - ok
16:10:00.0982 3404 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:10:00.0998 3404 HomeGroupProvider - ok
16:10:01.0045 3404 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:10:01.0045 3404 HpSAMD - ok
16:10:01.0107 3404 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:10:01.0154 3404 HTTP - ok
16:10:01.0185 3404 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:10:01.0201 3404 hwpolicy - ok
16:10:01.0232 3404 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:10:01.0232 3404 i8042prt - ok
16:10:01.0279 3404 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:10:01.0310 3404 iaStorV - ok
16:10:01.0372 3404 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:10:01.0388 3404 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:10:01.0388 3404 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:10:01.0450 3404 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:10:01.0497 3404 idsvc - ok
16:10:01.0575 3404 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:10:01.0575 3404 iirsp - ok
16:10:01.0637 3404 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:10:01.0700 3404 IKEEXT - ok
16:10:01.0825 3404 IntcAzAudAddService (135856ac71116ccff05ed8481745241b) C:\Windows\system32\drivers\RTKVHD64.sys
16:10:01.0871 3404 IntcAzAudAddService - ok
16:10:01.0934 3404 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:10:01.0949 3404 intelide - ok
16:10:01.0965 3404 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:10:01.0981 3404 intelppm - ok
16:10:02.0012 3404 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:10:02.0043 3404 IPBusEnum - ok
16:10:02.0074 3404 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:10:02.0121 3404 IpFilterDriver - ok
16:10:02.0168 3404 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:10:02.0199 3404 iphlpsvc - ok
16:10:02.0215 3404 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:10:02.0230 3404 IPMIDRV - ok
16:10:02.0261 3404 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:10:02.0293 3404 IPNAT - ok
16:10:02.0386 3404 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:10:02.0402 3404 iPod Service - ok
16:10:02.0417 3404 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:10:02.0464 3404 IRENUM - ok
16:10:02.0495 3404 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:10:02.0495 3404 isapnp - ok
16:10:02.0527 3404 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:10:02.0542 3404 iScsiPrt - ok
16:10:02.0558 3404 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:10:02.0573 3404 kbdclass - ok
16:10:02.0605 3404 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:10:02.0605 3404 kbdhid - ok
16:10:02.0636 3404 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:10:02.0651 3404 KeyIso - ok
16:10:02.0667 3404 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:10:02.0667 3404 KSecDD - ok
16:10:02.0683 3404 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:10:02.0714 3404 KSecPkg - ok
16:10:02.0729 3404 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:10:02.0761 3404 ksthunk - ok
16:10:02.0807 3404 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:10:02.0839 3404 KtmRm - ok
16:10:02.0901 3404 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
16:10:02.0948 3404 LanmanServer - ok
16:10:03.0010 3404 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:10:03.0041 3404 LanmanWorkstation - ok
16:10:03.0073 3404 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:10:03.0104 3404 lltdio - ok
16:10:03.0151 3404 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:10:03.0197 3404 lltdsvc - ok
16:10:03.0213 3404 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:10:03.0244 3404 lmhosts - ok
16:10:03.0275 3404 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:10:03.0291 3404 LSI_FC - ok
16:10:03.0322 3404 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:10:03.0322 3404 LSI_SAS - ok
16:10:03.0353 3404 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:10:03.0369 3404 LSI_SAS2 - ok
16:10:03.0385 3404 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:10:03.0400 3404 LSI_SCSI - ok
16:10:03.0431 3404 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:10:03.0463 3404 luafv - ok
16:10:03.0494 3404 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:10:03.0509 3404 Mcx2Svc - ok
16:10:03.0525 3404 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:10:03.0541 3404 megasas - ok
16:10:03.0572 3404 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:10:03.0587 3404 MegaSR - ok
16:10:03.0619 3404 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:10:03.0650 3404 MMCSS - ok
16:10:03.0681 3404 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:10:03.0728 3404 Modem - ok
16:10:03.0743 3404 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:10:03.0790 3404 monitor - ok
16:10:03.0821 3404 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:10:03.0853 3404 mouclass - ok
16:10:03.0931 3404 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:10:03.0962 3404 mouhid - ok
16:10:04.0149 3404 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:10:04.0165 3404 mountmgr - ok
16:10:04.0196 3404 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:10:04.0227 3404 mpio - ok
16:10:04.0243 3404 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:10:04.0289 3404 mpsdrv - ok
16:10:04.0352 3404 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:10:04.0399 3404 MpsSvc - ok
16:10:04.0430 3404 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:10:04.0445 3404 MRxDAV - ok
16:10:04.0492 3404 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:10:04.0555 3404 mrxsmb - ok
16:10:04.0586 3404 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:10:04.0617 3404 mrxsmb10 - ok
16:10:04.0648 3404 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:10:04.0679 3404 mrxsmb20 - ok
16:10:04.0711 3404 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:10:04.0726 3404 msahci - ok
16:10:04.0757 3404 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:10:04.0773 3404 msdsm - ok
16:10:04.0804 3404 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:10:04.0835 3404 MSDTC - ok
16:10:04.0867 3404 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:10:04.0898 3404 Msfs - ok
16:10:04.0913 3404 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:10:04.0945 3404 mshidkmdf - ok
16:10:04.0960 3404 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:10:04.0960 3404 msisadrv - ok
16:10:04.0991 3404 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:10:05.0038 3404 MSiSCSI - ok
16:10:05.0038 3404 msiserver - ok
16:10:05.0054 3404 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:10:05.0101 3404 MSKSSRV - ok
16:10:05.0116 3404 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:10:05.0147 3404 MSPCLOCK - ok
16:10:05.0147 3404 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:10:05.0194 3404 MSPQM - ok
16:10:05.0225 3404 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:10:05.0241 3404 MsRPC - ok
16:10:05.0272 3404 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:10:05.0288 3404 mssmbios - ok
16:10:05.0303 3404 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:10:05.0335 3404 MSTEE - ok
16:10:05.0366 3404 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:10:05.0381 3404 MTConfig - ok
16:10:05.0397 3404 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:10:05.0413 3404 Mup - ok
16:10:05.0444 3404 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:10:05.0506 3404 napagent - ok
16:10:05.0522 3404 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:10:05.0553 3404 NativeWifiP - ok
16:10:05.0600 3404 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:10:05.0631 3404 NDIS - ok
16:10:05.0647 3404 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:10:05.0678 3404 NdisCap - ok
16:10:05.0678 3404 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:10:05.0709 3404 NdisTapi - ok
16:10:05.0740 3404 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:10:05.0771 3404 Ndisuio - ok
16:10:05.0787 3404 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:10:05.0834 3404 NdisWan - ok
16:10:05.0865 3404 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:10:05.0896 3404 NDProxy - ok
16:10:05.0943 3404 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:10:05.0974 3404 NetBIOS - ok
16:10:06.0005 3404 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:10:06.0052 3404 NetBT - ok
16:10:06.0068 3404 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:10:06.0099 3404 Netlogon - ok
16:10:06.0130 3404 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:10:06.0161 3404 Netman - ok
16:10:06.0193 3404 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:10:06.0239 3404 netprofm - ok
16:10:06.0286 3404 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:10:06.0317 3404 NetTcpPortSharing - ok
16:10:06.0333 3404 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:10:06.0333 3404 nfrd960 - ok
16:10:06.0380 3404 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:10:06.0411 3404 NlaSvc - ok
16:10:06.0442 3404 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:10:06.0458 3404 Npfs - ok
16:10:06.0473 3404 npggsvc - ok
16:10:06.0489 3404 NPPTNT2 - ok
16:10:06.0505 3404 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:10:06.0567 3404 nsi - ok
16:10:06.0567 3404 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:10:06.0598 3404 nsiproxy - ok
16:10:06.0692 3404 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:10:06.0739 3404 Ntfs - ok
16:10:06.0801 3404 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:10:06.0832 3404 Null - ok
16:10:07.0409 3404 nvlddmkm (aaf5559039e99d0cc22e25255f3dc06e) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:10:07.0690 3404 nvlddmkm - ok
16:10:07.0768 3404 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:10:07.0784 3404 nvraid - ok
16:10:07.0815 3404 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:10:07.0831 3404 nvstor - ok
16:10:07.0877 3404 nvsvc (c20f9e2deec656c67f7986dd3a50ec62) C:\Windows\system32\nvvsvc.exe
16:10:07.0893 3404 nvsvc - ok
16:10:07.0909 3404 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:10:07.0924 3404 nv_agp - ok
16:10:08.0002 3404 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:10:08.0033 3404 odserv - ok
16:10:08.0065 3404 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:10:08.0080 3404 ohci1394 - ok
16:10:08.0096 3404 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:10:08.0111 3404 ose - ok
16:10:08.0143 3404 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:10:08.0189 3404 p2pimsvc - ok
16:10:08.0236 3404 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:10:08.0252 3404 p2psvc - ok
16:10:08.0299 3404 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:10:08.0299 3404 Parport - ok
16:10:08.0330 3404 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:10:08.0345 3404 partmgr - ok
16:10:08.0361 3404 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:10:08.0377 3404 PcaSvc - ok
16:10:08.0408 3404 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:10:08.0408 3404 pci - ok
16:10:08.0423 3404 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:10:08.0439 3404 pciide - ok
16:10:08.0470 3404 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:10:08.0517 3404 pcmcia - ok
16:10:08.0548 3404 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:10:08.0548 3404 pcw - ok
16:10:08.0595 3404 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:10:08.0657 3404 PEAUTH - ok
16:10:08.0720 3404 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:10:08.0751 3404 PerfHost - ok
16:10:08.0845 3404 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:10:08.0891 3404 pla - ok
16:10:08.0907 3404 PLCNDIS5 - ok
16:10:08.0954 3404 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:10:08.0969 3404 PlugPlay - ok
16:10:08.0985 3404 PnkBstrA - ok
16:10:09.0001 3404 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:10:09.0032 3404 PNRPAutoReg - ok
16:10:09.0063 3404 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:10:09.0063 3404 PNRPsvc - ok
16:10:09.0094 3404 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:10:09.0157 3404 PolicyAgent - ok
16:10:09.0219 3404 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:10:09.0266 3404 Power - ok
16:10:09.0313 3404 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:10:09.0375 3404 PptpMiniport - ok
16:10:09.0391 3404 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:10:09.0422 3404 Processor - ok
16:10:09.0453 3404 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:10:09.0500 3404 ProfSvc - ok
16:10:09.0531 3404 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:10:09.0547 3404 ProtectedStorage - ok
16:10:09.0578 3404 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:10:09.0625 3404 Psched - ok
16:10:09.0671 3404 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
16:10:09.0687 3404 PSI - ok
16:10:09.0749 3404 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:10:09.0781 3404 PSI_SVC_2 - ok
16:10:09.0874 3404 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:10:09.0921 3404 ql2300 - ok
16:10:09.0999 3404 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:10:10.0015 3404 ql40xx - ok
16:10:10.0046 3404 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:10:10.0077 3404 QWAVE - ok
16:10:10.0093 3404 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:10:10.0124 3404 QWAVEdrv - ok
16:10:10.0139 3404 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:10:10.0171 3404 RasAcd - ok
16:10:10.0202 3404 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:10:10.0249 3404 RasAgileVpn - ok
16:10:10.0264 3404 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:10:10.0311 3404 RasAuto - ok
16:10:10.0342 3404 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:10:10.0373 3404 Rasl2tp - ok
16:10:10.0420 3404 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:10:10.0467 3404 RasMan - ok
16:10:10.0483 3404 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:10:10.0514 3404 RasPppoe - ok
16:10:10.0529 3404 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:10:10.0561 3404 RasSstp - ok
16:10:10.0592 3404 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:10:10.0639 3404 rdbss - ok
16:10:10.0670 3404 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:10:10.0685 3404 rdpbus - ok
16:10:10.0685 3404 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:10:10.0717 3404 RDPCDD - ok
16:10:10.0732 3404 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:10:10.0763 3404 RDPENCDD - ok
16:10:10.0779 3404 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:10:10.0795 3404 RDPREFMP - ok
16:10:10.0826 3404 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:10:10.0873 3404 RDPWD - ok
16:10:10.0904 3404 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:10:10.0935 3404 rdyboost - ok
16:10:10.0966 3404 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:10:10.0997 3404 RemoteAccess - ok
16:10:11.0029 3404 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:10:11.0075 3404 RemoteRegistry - ok
16:10:11.0091 3404 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:10:11.0138 3404 RpcEptMapper - ok
16:10:11.0169 3404 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:10:11.0185 3404 RpcLocator - ok
16:10:11.0231 3404 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:10:11.0263 3404 RpcSs - ok
16:10:11.0294 3404 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:10:11.0325 3404 rspndr - ok
16:10:11.0372 3404 RTL8167 (f65f171165fbb613f7aa3cc78e8cab42) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:10:11.0419 3404 RTL8167 - ok
16:10:11.0434 3404 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:10:11.0450 3404 SamSs - ok
16:10:11.0497 3404 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:10:11.0497 3404 sbp2port - ok
16:10:11.0528 3404 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:10:11.0575 3404 SCardSvr - ok
16:10:11.0590 3404 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:10:11.0621 3404 scfilter - ok
16:10:11.0699 3404 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:10:11.0746 3404 Schedule - ok
16:10:11.0777 3404 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:10:11.0809 3404 SCPolicySvc - ok
16:10:11.0840 3404 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:10:11.0871 3404 SDRSVC - ok
16:10:11.0918 3404 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:10:11.0965 3404 secdrv - ok
16:10:11.0980 3404 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:10:12.0027 3404 seclogon - ok
16:10:12.0121 3404 Secunia PSI Agent (fc4842cecaf2a938be13a6c534034088) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
16:10:12.0167 3404 Secunia PSI Agent - ok
16:10:12.0214 3404 Secunia Update Agent (401c960e9c95d35cffb17ca57c4406fb) C:\Program Files (x86)\Secunia\PSI\sua.exe
16:10:12.0214 3404 Secunia Update Agent - ok
16:10:12.0308 3404 seehcri (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys
16:10:12.0339 3404 seehcri - ok
16:10:12.0370 3404 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:10:12.0401 3404 SENS - ok
16:10:12.0417 3404 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:10:12.0448 3404 SensrSvc - ok
16:10:12.0479 3404 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:10:12.0495 3404 Serenum - ok
16:10:12.0511 3404 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:10:12.0542 3404 Serial - ok
16:10:12.0573 3404 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:10:12.0589 3404 sermouse - ok
16:10:12.0620 3404 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:10:12.0651 3404 SessionEnv - ok
16:10:12.0682 3404 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:10:12.0713 3404 sffdisk - ok
16:10:12.0729 3404 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:10:12.0745 3404 sffp_mmc - ok
16:10:12.0760 3404 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:10:12.0776 3404 sffp_sd - ok
16:10:12.0823 3404 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:10:12.0854 3404 sfloppy - ok
16:10:12.0901 3404 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:10:12.0979 3404 SharedAccess - ok
16:10:13.0025 3404 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:10:13.0057 3404 ShellHWDetection - ok
16:10:13.0072 3404 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:10:13.0088 3404 SiSRaid2 - ok
16:10:13.0119 3404 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:10:13.0119 3404 SiSRaid4 - ok
16:10:13.0150 3404 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:10:13.0197 3404 Smb - ok
16:10:13.0213 3404 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:10:13.0244 3404 SNMPTRAP - ok
16:10:13.0275 3404 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:10:13.0275 3404 spldr - ok
16:10:13.0322 3404 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:10:13.0369 3404 Spooler - ok
16:10:13.0540 3404 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:10:13.0634 3404 sppsvc - ok
16:10:13.0696 3404 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:10:13.0743 3404 sppuinotify - ok
16:10:13.0821 3404 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:10:13.0868 3404 srv - ok
16:10:13.0883 3404 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:10:13.0930 3404 srv2 - ok
16:10:13.0946 3404 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:10:13.0977 3404 srvnet - ok
16:10:13.0993 3404 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:10:14.0039 3404 SSDPSRV - ok
16:10:14.0055 3404 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:10:14.0086 3404 SstpSvc - ok
16:10:14.0117 3404 ssudmdm (78cd64791f8634cf7b582fd085e57c4b) C:\Windows\system32\DRIVERS\ssudmdm.sys
16:10:14.0133 3404 ssudmdm - ok
16:10:14.0164 3404 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:10:14.0180 3404 stexstor - ok
16:10:14.0367 3404 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:10:14.0398 3404 stisvc - ok
16:10:14.0414 3404 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:10:14.0445 3404 swenum - ok
16:10:14.0476 3404 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:10:14.0523 3404 swprv - ok
16:10:14.0617 3404 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:10:14.0663 3404 SysMain - ok
16:10:14.0741 3404 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:10:14.0773 3404 TabletInputService - ok
16:10:14.0819 3404 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:10:14.0866 3404 TapiSrv - ok
16:10:14.0882 3404 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:10:14.0929 3404 TBS - ok
16:10:15.0178 3404 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:10:15.0241 3404 Tcpip - ok
16:10:15.0334 3404 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:10:15.0365 3404 TCPIP6 - ok
16:10:15.0412 3404 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:10:15.0459 3404 tcpipreg - ok
16:10:15.0475 3404 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:10:15.0521 3404 TDPIPE - ok
16:10:15.0537 3404 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:10:15.0568 3404 TDTCP - ok
16:10:15.0599 3404 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:10:15.0631 3404 tdx - ok
16:10:15.0677 3404 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:10:15.0693 3404 TermDD - ok
16:10:15.0740 3404 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:10:15.0787 3404 TermService - ok
16:10:15.0802 3404 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:10:15.0833 3404 Themes - ok
16:10:15.0849 3404 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:10:15.0880 3404 THREADORDER - ok
16:10:15.0896 3404 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:10:15.0943 3404 TrkWks - ok
16:10:15.0989 3404 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:10:16.0021 3404 TrustedInstaller - ok
16:10:16.0052 3404 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:10:16.0083 3404 tssecsrv - ok
16:10:16.0130 3404 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:10:16.0161 3404 TsUsbFlt - ok
16:10:16.0208 3404 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:10:16.0239 3404 tunnel - ok
16:10:16.0270 3404 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:10:16.0270 3404 uagp35 - ok
16:10:16.0317 3404 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:10:16.0364 3404 udfs - ok
16:10:16.0379 3404 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:10:16.0395 3404 UI0Detect - ok
16:10:16.0426 3404 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:10:16.0426 3404 uliagpkx - ok
16:10:16.0457 3404 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:10:16.0473 3404 umbus - ok
16:10:16.0504 3404 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:10:16.0504 3404 UmPass - ok
16:10:16.0520 3404 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:10:16.0582 3404 upnphost - ok
16:10:16.0613 3404 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:10:16.0645 3404 USBAAPL64 - ok
16:10:16.0660 3404 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:10:16.0676 3404 usbccgp - ok
16:10:16.0707 3404 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:10:16.0723 3404 usbcir - ok
16:10:16.0754 3404 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:10:16.0769 3404 usbehci - ok
16:10:16.0801 3404 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:10:16.0832 3404 usbhub - ok
16:10:16.0847 3404 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:10:16.0879 3404 usbohci - ok
16:10:16.0879 3404 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:10:16.0910 3404 usbprint - ok
16:10:16.0925 3404 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:10:16.0957 3404 USBSTOR - ok
16:10:16.0972 3404 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:10:16.0988 3404 usbuhci - ok
16:10:17.0003 3404 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:10:17.0050 3404 UxSms - ok
16:10:17.0081 3404 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:10:17.0081 3404 VaultSvc - ok
16:10:17.0097 3404 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:10:17.0097 3404 vdrvroot - ok
16:10:17.0144 3404 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:10:17.0206 3404 vds - ok
16:10:17.0222 3404 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:10:17.0237 3404 vga - ok
16:10:17.0253 3404 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:10:17.0284 3404 VgaSave - ok
16:10:17.0315 3404 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:10:17.0347 3404 vhdmp - ok
16:10:17.0362 3404 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:10:17.0378 3404 viaide - ok
16:10:17.0393 3404 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:10:17.0393 3404 volmgr - ok
16:10:17.0456 3404 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:10:17.0456 3404 volmgrx - ok
16:10:17.0487 3404 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:10:17.0487 3404 volsnap - ok
16:10:17.0518 3404 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:10:17.0534 3404 vsmraid - ok
16:10:17.0643 3404 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:10:17.0721 3404 VSS - ok
16:10:17.0799 3404 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
16:10:17.0830 3404 vwifibus - ok
16:10:17.0877 3404 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:10:17.0908 3404 W32Time - ok
16:10:17.0939 3404 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:10:17.0971 3404 WacomPen - ok
16:10:18.0002 3404 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:10:18.0033 3404 WANARP - ok
16:10:18.0033 3404 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:10:18.0064 3404 Wanarpv6 - ok
16:10:18.0158 3404 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:10:18.0220 3404 wbengine - ok
16:10:18.0267 3404 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:10:18.0298 3404 WbioSrvc - ok
16:10:18.0329 3404 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:10:18.0361 3404 wcncsvc - ok
16:10:18.0376 3404 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:10:18.0392 3404 WcsPlugInService - ok
16:10:18.0439 3404 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:10:18.0439 3404 Wd - ok
16:10:18.0485 3404 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:10:18.0532 3404 Wdf01000 - ok
16:10:18.0548 3404 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:10:18.0626 3404 WdiServiceHost - ok
16:10:18.0626 3404 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:10:18.0641 3404 WdiSystemHost - ok
16:10:18.0673 3404 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:10:18.0704 3404 WebClient - ok
16:10:18.0719 3404 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:10:18.0766 3404 Wecsvc - ok
16:10:18.0782 3404 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:10:18.0797 3404 wercplsupport - ok
16:10:18.0813 3404 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:10:18.0844 3404 WerSvc - ok
16:10:18.0875 3404 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:10:18.0907 3404 WfpLwf - ok
16:10:18.0907 3404 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:10:18.0922 3404 WIMMount - ok
16:10:18.0938 3404 WinDefend - ok
16:10:18.0953 3404 WinHttpAutoProxySvc - ok
16:10:19.0016 3404 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:10:19.0047 3404 Winmgmt - ok
16:10:19.0156 3404 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:10:19.0219 3404 WinRM - ok
16:10:19.0297 3404 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:10:19.0328 3404 WinUsb - ok
16:10:19.0437 3404 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:10:19.0499 3404 Wlansvc - ok
16:10:19.0531 3404 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:10:19.0546 3404 WmiAcpi - ok
16:10:19.0593 3404 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:10:19.0624 3404 wmiApSrv - ok
16:10:19.0640 3404 WMPNetworkSvc - ok
16:10:19.0655 3404 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:10:19.0687 3404 WPCSvc - ok
16:10:19.0718 3404 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:10:19.0733 3404 WPDBusEnum - ok
16:10:19.0765 3404 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:10:19.0811 3404 ws2ifsl - ok
16:10:19.0827 3404 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
16:10:19.0843 3404 wscsvc - ok
16:10:19.0843 3404 WSearch - ok
16:10:19.0967 3404 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:10:20.0045 3404 wuauserv - ok
16:10:20.0123 3404 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:10:20.0170 3404 WudfPf - ok
16:10:20.0201 3404 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:10:20.0264 3404 WUDFRd - ok
16:10:20.0295 3404 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:10:20.0326 3404 wudfsvc - ok
16:10:20.0357 3404 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:10:20.0389 3404 WwanSvc - ok
16:10:20.0467 3404 X6va006 - ok
16:10:20.0498 3404 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:10:20.0732 3404 \Device\Harddisk0\DR0 - ok
16:10:20.0732 3404 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
16:10:22.0900 3404 \Device\Harddisk1\DR1 - ok
16:10:22.0900 3404 Boot (0x1200) (bcc970058a80c4bc13c623751862e194) \Device\Harddisk0\DR0\Partition0
16:10:22.0900 3404 \Device\Harddisk0\DR0\Partition0 - ok
16:10:22.0916 3404 Boot (0x1200) (54dd5613a15ceda06910c724de429082) \Device\Harddisk1\DR1\Partition0
16:10:22.0916 3404 \Device\Harddisk1\DR1\Partition0 - ok
16:10:22.0916 3404 ============================================================
16:10:22.0916 3404 Scan finished
16:10:22.0916 3404 ============================================================
16:10:22.0916 2084 Detected object count: 4
16:10:22.0916 2084 Actual detected object count: 4
16:10:40.0794 2084 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:10:40.0794 2084 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
16:10:40.0794 2084 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
16:10:40.0794 2084 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:10:40.0794 2084 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
16:10:40.0794 2084 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:10:40.0810 2084 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:10:40.0810 2084 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:10:58.0984 4368 ============================================================
16:10:58.0984 4368 Scan started
16:10:58.0984 4368 Mode: Manual; SigCheck; TDLFS;
16:10:58.0984 4368 ============================================================
16:10:59.0452 4368 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:10:59.0468 4368 1394ohci - ok
16:10:59.0499 4368 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:10:59.0514 4368 ACPI - ok
16:10:59.0546 4368 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:10:59.0546 4368 AcpiPmi - ok
16:10:59.0592 4368 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:10:59.0608 4368 adp94xx - ok
16:10:59.0639 4368 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:10:59.0655 4368 adpahci - ok
16:10:59.0686 4368 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:10:59.0686 4368 adpu320 - ok
16:10:59.0733 4368 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:10:59.0748 4368 AeLookupSvc - ok
16:10:59.0795 4368 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:10:59.0811 4368 AFD - ok
16:10:59.0842 4368 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:10:59.0842 4368 agp440 - ok
16:11:00.0045 4368 Akamai (c775d704feb2b600a5bf7b0b088546af) c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll
16:11:00.0045 4368 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
16:11:00.0060 4368 Akamai ( HiddenFile.Multi.Generic ) - warning
16:11:00.0060 4368 Akamai - detected HiddenFile.Multi.Generic (1)
16:11:00.0107 4368 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:11:00.0107 4368 ALG - ok
16:11:00.0154 4368 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:11:00.0154 4368 aliide - ok
16:11:00.0170 4368 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:11:00.0185 4368 amdide - ok
16:11:00.0216 4368 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:11:00.0216 4368 AmdK8 - ok
16:11:00.0232 4368 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:11:00.0248 4368 AmdPPM - ok
16:11:00.0263 4368 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:11:00.0279 4368 amdsata - ok
16:11:00.0310 4368 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:11:00.0310 4368 amdsbs - ok
16:11:00.0326 4368 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:11:00.0341 4368 amdxata - ok
16:11:00.0388 4368 AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:11:00.0388 4368 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
16:11:00.0388 4368 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
16:11:00.0404 4368 AntiVirService (b8720a787c1223492e6f319465e996ce) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:11:00.0419 4368 AntiVirService ( UnsignedFile.Multi.Generic ) - warning
16:11:00.0419 4368 AntiVirService - detected UnsignedFile.Multi.Generic (1)
16:11:00.0450 4368 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:11:00.0466 4368 AppID - ok
16:11:00.0482 4368 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:11:00.0513 4368 AppIDSvc - ok
16:11:00.0544 4368 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:11:00.0560 4368 Appinfo - ok
16:11:00.0638 4368 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:11:00.0653 4368 Apple Mobile Device - ok
16:11:00.0684 4368 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:11:00.0700 4368 arc - ok
16:11:00.0716 4368 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:11:00.0731 4368 arcsas - ok
16:11:00.0762 4368 aspnet_state - ok
16:11:00.0794 4368 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:11:00.0840 4368 AsyncMac - ok
16:11:00.0856 4368 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:11:00.0872 4368 atapi - ok
16:11:00.0934 4368 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:11:00.0965 4368 AudioEndpointBuilder - ok
16:11:00.0965 4368 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:11:00.0996 4368 AudioSrv - ok
16:11:01.0028 4368 avgntflt (c30b5fc0adcdfba7668e99baf0cbf58e) C:\Windows\system32\DRIVERS\avgntflt.sys
16:11:01.0028 4368 avgntflt - ok
16:11:01.0059 4368 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:11:01.0074 4368 AxInstSV - ok
16:11:01.0106 4368 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:11:01.0137 4368 b06bdrv - ok
16:11:01.0152 4368 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:11:01.0168 4368 b57nd60a - ok
16:11:01.0199 4368 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:11:01.0215 4368 BDESVC - ok
16:11:01.0230 4368 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:11:01.0262 4368 Beep - ok
16:11:01.0308 4368 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:11:01.0340 4368 BFE - ok
16:11:01.0418 4368 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
16:11:01.0449 4368 BITS - ok
16:11:01.0496 4368 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:11:01.0511 4368 blbdrive - ok
16:11:01.0558 4368 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:11:01.0589 4368 Bonjour Service - ok
16:11:01.0605 4368 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:11:01.0620 4368 bowser - ok
16:11:01.0620 4368 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:11:01.0636 4368 BrFiltLo - ok
16:11:01.0652 4368 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:11:01.0667 4368 BrFiltUp - ok
16:11:01.0698 4368 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:11:01.0714 4368 Browser - ok
16:11:01.0761 4368 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:11:01.0776 4368 Brserid - ok
16:11:01.0808 4368 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:11:01.0808 4368 BrSerWdm - ok
16:11:01.0839 4368 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:11:01.0839 4368 BrUsbMdm - ok
16:11:01.0854 4368 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:11:01.0870 4368 BrUsbSer - ok
16:11:01.0886 4368 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:11:01.0901 4368 BTHMODEM - ok
16:11:01.0932 4368 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:11:01.0948 4368 bthserv - ok
16:11:01.0948 4368 catchme - ok
16:11:01.0979 4368 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:11:02.0010 4368 cdfs - ok
16:11:02.0042 4368 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:11:02.0057 4368 cdrom - ok
16:11:02.0073 4368 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:11:02.0104 4368 CertPropSvc - ok
16:11:02.0135 4368 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:11:02.0135 4368 circlass - ok
16:11:02.0166 4368 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:11:02.0182 4368 CLFS - ok
16:11:02.0229 4368 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:11:02.0244 4368 clr_optimization_v2.0.50727_32 - ok
16:11:02.0276 4368 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:11:02.0291 4368 clr_optimization_v2.0.50727_64 - ok
16:11:02.0338 4368 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:11:02.0354 4368 clr_optimization_v4.0.30319_32 - ok
16:11:02.0369 4368 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:11:02.0385 4368 clr_optimization_v4.0.30319_64 - ok
16:11:02.0416 4368 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:11:02.0432 4368 CmBatt - ok
16:11:02.0463 4368 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:11:02.0478 4368 cmdide - ok
16:11:02.0510 4368 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:11:02.0541 4368 CNG - ok
16:11:02.0572 4368 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:11:02.0572 4368 Compbatt - ok
16:11:02.0603 4368 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:11:02.0619 4368 CompositeBus - ok
16:11:02.0619 4368 COMSysApp - ok
16:11:02.0634 4368 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:11:02.0650 4368 crcdisk - ok
16:11:02.0697 4368 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:11:02.0712 4368 CryptSvc - ok
16:11:02.0759 4368 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:11:02.0806 4368 DcomLaunch - ok
16:11:02.0853 4368 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:11:02.0900 4368 defragsvc - ok
16:11:02.0931 4368 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:11:02.0946 4368 DfsC - ok
16:11:02.0962 4368 dg_ssudbus (113212d25d0c9bb8901a9833774da97f) C:\Windows\system32\DRIVERS\ssudbus.sys
16:11:02.0978 4368 dg_ssudbus - ok
16:11:03.0009 4368 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:11:03.0040 4368 Dhcp - ok
16:11:03.0071 4368 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:11:03.0102 4368 discache - ok
16:11:03.0118 4368 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:11:03.0118 4368 Disk - ok
16:11:03.0165 4368 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:11:03.0165 4368 Dnscache - ok
16:11:03.0196 4368 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:11:03.0227 4368 dot3svc - ok
16:11:03.0258 4368 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:11:03.0290 4368 DPS - ok
16:11:03.0305 4368 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:11:03.0305 4368 drmkaud - ok
16:11:03.0321 4368 dump_wmimmc - ok
16:11:03.0383 4368 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:11:03.0414 4368 DXGKrnl - ok
16:11:03.0430 4368 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
16:11:03.0446 4368 E1G60 - ok
16:11:03.0477 4368 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:11:03.0492 4368 EapHost - ok
16:11:03.0664 4368 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:11:03.0711 4368 ebdrv - ok
16:11:03.0773 4368 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:11:03.0789 4368 EFS - ok
16:11:03.0836 4368 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:11:03.0851 4368 ehRecvr - ok
16:11:03.0882 4368 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:11:03.0898 4368 ehSched - ok
16:11:03.0945 4368 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:11:03.0945 4368 elxstor - ok
16:11:03.0976 4368 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:11:03.0992 4368 ErrDev - ok
16:11:04.0023 4368 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:11:04.0054 4368 EventSystem - ok
16:11:04.0085 4368 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:11:04.0116 4368 exfat - ok
16:11:04.0132 4368 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:11:04.0163 4368 fastfat - ok
16:11:04.0210 4368 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:11:04.0226 4368 Fax - ok
16:11:04.0257 4368 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:11:04.0272 4368 fdc - ok
16:11:04.0272 4368 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:11:04.0304 4368 fdPHost - ok
16:11:04.0319 4368 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:11:04.0350 4368 FDResPub - ok
16:11:04.0366 4368 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:11:04.0366 4368 FileInfo - ok
16:11:04.0382 4368 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:11:04.0397 4368 Filetrace - ok
16:11:04.0428 4368 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:11:04.0444 4368 flpydisk - ok
16:11:04.0475 4368 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:11:04.0491 4368 FltMgr - ok
16:11:04.0569 4368 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:11:04.0584 4368 FontCache - ok
16:11:04.0631 4368 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:11:04.0647 4368 FontCache3.0.0.0 - ok
16:11:04.0678 4368 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:11:04.0678 4368 FsDepends - ok
16:11:04.0709 4368 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:11:04.0709 4368 Fs_Rec - ok
16:11:04.0740 4368 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:11:04.0756 4368 fvevol - ok
16:11:04.0787 4368 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:11:04.0803 4368 gagp30kx - ok
16:11:04.0803 4368 gdrv - ok
16:11:04.0834 4368 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:11:04.0834 4368 GEARAspiWDM - ok
16:11:04.0896 4368 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:11:04.0928 4368 gpsvc - ok
16:11:04.0959 4368 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:11:04.0959 4368 hcw85cir - ok
16:11:05.0006 4368 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:11:05.0021 4368 HdAudAddService - ok
16:11:05.0037 4368 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:11:05.0037 4368 HDAudBus - ok
16:11:05.0068 4368 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:11:05.0084 4368 HidBatt - ok
16:11:05.0099 4368 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:11:05.0115 4368 HidBth - ok
16:11:05.0130 4368 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:11:05.0130 4368 HidIr - ok
16:11:05.0162 4368 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:11:05.0193 4368 hidserv - ok
16:11:05.0193 4368 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:11:05.0208 4368 HidUsb - ok
16:11:05.0240 4368 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:11:05.0271 4368 hkmsvc - ok
16:11:05.0302 4368 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:11:05.0318 4368 HomeGroupListener - ok
16:11:05.0349 4368 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:11:05.0364 4368 HomeGroupProvider - ok
16:11:05.0396 4368 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:11:05.0396 4368 HpSAMD - ok
16:11:05.0458 4368 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:11:05.0489 4368 HTTP - ok
16:11:05.0520 4368 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:11:05.0520 4368 hwpolicy - ok
16:11:05.0552 4368 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:11:05.0567 4368 i8042prt - ok
16:11:05.0598 4368 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:11:05.0614 4368 iaStorV - ok
16:11:05.0692 4368 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:11:05.0692 4368 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:11:05.0692 4368 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:11:05.0770 4368 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:11:05.0786 4368 idsvc - ok
16:11:05.0848 4368 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:11:05.0864 4368 iirsp - ok
16:11:05.0926 4368 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:11:05.0973 4368 IKEEXT - ok
16:11:06.0066 4368 IntcAzAudAddService (135856ac71116ccff05ed8481745241b) C:\Windows\system32\drivers\RTKVHD64.sys
16:11:06.0098 4368 IntcAzAudAddService - ok
16:11:06.0160 4368 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:11:06.0176 4368 intelide - ok
16:11:06.0191 4368 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:11:06.0207 4368 intelppm - ok
16:11:06.0222 4368 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:11:06.0254 4368 IPBusEnum - ok
16:11:06.0285 4368 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:11:06.0300 4368 IpFilterDriver - ok
16:11:06.0347 4368 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:11:06.0378 4368 iphlpsvc - ok
16:11:06.0410 4368 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:11:06.0425 4368 IPMIDRV - ok
16:11:06.0456 4368 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:11:06.0472 4368 IPNAT - ok
16:11:06.0566 4368 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:11:06.0581 4368 iPod Service - ok
16:11:06.0581 4368 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:11:06.0597 4368 IRENUM - ok
16:11:06.0612 4368 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:11:06.0628 4368 isapnp - ok
16:11:06.0659 4368 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:11:06.0659 4368 iScsiPrt - ok
16:11:06.0690 4368 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:11:06.0690 4368 kbdclass - ok
16:11:06.0722 4368 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:11:06.0722 4368 kbdhid - ok
16:11:06.0753 4368 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:11:06.0768 4368 KeyIso - ok
16:11:06.0784 4368 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:11:06.0784 4368 KSecDD - ok
16:11:06.0800 4368 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:11:06.0815 4368 KSecPkg - ok
16:11:06.0831 4368 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:11:06.0846 4368 ksthunk - ok
16:11:06.0878 4368 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:11:06.0909 4368 KtmRm - ok
16:11:06.0940 4368 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
16:11:06.0971 4368 LanmanServer - ok
16:11:06.0987 4368 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:11:07.0018 4368 LanmanWorkstation - ok
16:11:07.0034 4368 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:11:07.0065 4368 lltdio - ok
16:11:07.0096 4368 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:11:07.0127 4368 lltdsvc - ok
16:11:07.0143 4368 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:11:07.0174 4368 lmhosts - ok
16:11:07.0205 4368 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:11:07.0221 4368 LSI_FC - ok
16:11:07.0236 4368 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:11:07.0252 4368 LSI_SAS - ok
16:11:07.0283 4368 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:11:07.0283 4368 LSI_SAS2 - ok
16:11:07.0314 4368 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:11:07.0330 4368 LSI_SCSI - ok
16:11:07.0330 4368 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:11:07.0361 4368 luafv - ok
16:11:07.0392 4368 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:11:07.0392 4368 Mcx2Svc - ok
16:11:07.0424 4368 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:11:07.0424 4368 megasas - ok
16:11:07.0470 4368 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:11:07.0486 4368 MegaSR - ok
16:11:07.0502 4368 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:11:07.0533 4368 MMCSS - ok
16:11:07.0548 4368 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:11:07.0580 4368 Modem - ok
16:11:07.0595 4368 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:11:07.0595 4368 monitor - ok
16:11:07.0626 4368 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:11:07.0642 4368 mouclass - ok
16:11:07.0673 4368 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:11:07.0673 4368 mouhid - ok
16:11:07.0704 4368 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:11:07.0720 4368 mountmgr - ok
16:11:07.0736 4368 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:11:07.0751 4368 mpio - ok
16:11:07.0767 4368 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:11:07.0798 4368 mpsdrv - ok
16:11:07.0860 4368 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:11:07.0892 4368 MpsSvc - ok
16:11:07.0938 4368 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:11:07.0938 4368 MRxDAV - ok
16:11:07.0970 4368 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:11:07.0985 4368 mrxsmb - ok
16:11:08.0032 4368 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:11:08.0032 4368 mrxsmb10 - ok
16:11:08.0048 4368 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:11:08.0063 4368 mrxsmb20 - ok
16:11:08.0094 4368 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:11:08.0094 4368 msahci - ok
16:11:08.0126 4368 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:11:08.0141 4368 msdsm - ok
16:11:08.0172 4368 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:11:08.0188 4368 MSDTC - ok
16:11:08.0204 4368 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:11:08.0219 4368 Msfs - ok
16:11:08.0235 4368 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:11:08.0266 4368 mshidkmdf - ok
16:11:08.0266 4368 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:11:08.0282 4368 msisadrv - ok
16:11:08.0313 4368 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:11:08.0328 4368 MSiSCSI - ok
16:11:08.0344 4368 msiserver - ok
16:11:08.0344 4368 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:11:08.0375 4368 MSKSSRV - ok
16:11:08.0391 4368 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:11:08.0406 4368 MSPCLOCK - ok
16:11:08.0422 4368 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:11:08.0438 4368 MSPQM - ok
16:11:08.0484 4368 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:11:08.0500 4368 MsRPC - ok
16:11:08.0531 4368 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:11:08.0531 4368 mssmbios - ok
16:11:08.0547 4368 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:11:08.0578 4368 MSTEE - ok
16:11:08.0594 4368 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:11:08.0609 4368 MTConfig - ok
16:11:08.0625 4368 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:11:08.0625 4368 Mup - ok
16:11:08.0672 4368 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:11:08.0703 4368 napagent - ok
16:11:08.0734 4368 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:11:08.0750 4368 NativeWifiP - ok
16:11:08.0796 4368 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:11:08.0812 4368 NDIS - ok
16:11:08.0828 4368 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:11:08.0859 4368 NdisCap - ok
16:11:08.0874 4368 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:11:08.0890 4368 NdisTapi - ok
16:11:08.0921 4368 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:11:08.0952 4368 Ndisuio - ok
16:11:08.0984 4368 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:08.0999 4368 NdisWan - ok
16:11:09.0030 4368 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:11:09.0062 4368 NDProxy - ok
16:11:09.0077 4368 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:11:09.0093 4368 NetBIOS - ok
16:11:09.0124 4368 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:11:09.0155 4368 NetBT - ok
16:11:09.0186 4368 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:11:09.0186 4368 Netlogon - ok
16:11:09.0233 4368 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:11:09.0264 4368 Netman - ok
16:11:09.0296 4368 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:11:09.0327 4368 netprofm - ok
16:11:09.0374 4368 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:11:09.0389 4368 NetTcpPortSharing - ok
16:11:09.0405 4368 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:11:09.0420 4368 nfrd960 - ok
16:11:09.0452 4368 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:11:09.0483 4368 NlaSvc - ok
16:11:09.0514 4368 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:11:09.0545 4368 Npfs - ok
16:11:09.0545 4368 npggsvc - ok
16:11:09.0561 4368 NPPTNT2 - ok
16:11:09.0561 4368 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:11:09.0592 4368 nsi - ok
16:11:09.0608 4368 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:11:09.0639 4368 nsiproxy - ok
16:11:09.0732 4368 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:11:09.0764 4368 Ntfs - ok
16:11:09.0826 4368 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:11:09.0857 4368 Null - ok
16:11:10.0434 4368 nvlddmkm (aaf5559039e99d0cc22e25255f3dc06e) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:11:10.0606 4368 nvlddmkm - ok
16:11:10.0684 4368 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:11:10.0700 4368 nvraid - ok
16:11:10.0715 4368 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:11:10.0731 4368 nvstor - ok
16:11:10.0762 4368 nvsvc (c20f9e2deec656c67f7986dd3a50ec62) C:\Windows\system32\nvvsvc.exe
16:11:10.0778 4368 nvsvc - ok
16:11:10.0793 4368 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:11:10.0809 4368 nv_agp - ok
16:11:10.0887 4368 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:11:10.0902 4368 odserv - ok
16:11:10.0934 4368 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:11:10.0949 4368 ohci1394 - ok
16:11:10.0980 4368 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:11:10.0980 4368 ose - ok
16:11:11.0027 4368 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:11:11.0027 4368 p2pimsvc - ok
16:11:11.0074 4368 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:11:11.0090 4368 p2psvc - ok
16:11:11.0105 4368 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:11:11.0121 4368 Parport - ok
16:11:11.0152 4368 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:11:11.0152 4368 partmgr - ok
16:11:11.0168 4368 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:11:11.0183 4368 PcaSvc - ok
16:11:11.0199 4368 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:11:11.0214 4368 pci - ok
16:11:11.0230 4368 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:11:11.0230 4368 pciide - ok
16:11:11.0277 4368 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:11:11.0292 4368 pcmcia - ok
16:11:11.0308 4368 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:11:11.0324 4368 pcw - ok
16:11:11.0355 4368 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:11:11.0386 4368 PEAUTH - ok
16:11:11.0433 4368 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:11:11.0448 4368 PerfHost - ok
16:11:11.0542 4368 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:11:11.0589 4368 pla - ok
16:11:11.0589 4368 PLCNDIS5 - ok
16:11:11.0636 4368 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:11:11.0636 4368 PlugPlay - ok
16:11:11.0651 4368 PnkBstrA - ok
16:11:11.0651 4368 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:11:11.0667 4368 PNRPAutoReg - ok
16:11:11.0682 4368 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:11:11.0698 4368 PNRPsvc - ok
16:11:11.0729 4368 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:11:11.0760 4368 PolicyAgent - ok
16:11:11.0807 4368 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:11:11.0823 4368 Power - ok
16:11:11.0870 4368 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:11:11.0901 4368 PptpMiniport - ok
16:11:11.0916 4368 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:11:11.0916 4368 Processor - ok
16:11:11.0963 4368 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:11:11.0963 4368 ProfSvc - ok
16:11:11.0994 4368 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:11:12.0010 4368 ProtectedStorage - ok
16:11:12.0041 4368 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:11:12.0088 4368 Psched - ok
16:11:12.0119 4368 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
16:11:12.0135 4368 PSI - ok
16:11:12.0166 4368 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:11:12.0182 4368 PSI_SVC_2 - ok
16:11:12.0275 4368 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:11:12.0306 4368 ql2300 - ok
16:11:12.0369 4368 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:11:12.0384 4368 ql40xx - ok
16:11:12.0416 4368 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:11:12.0447 4368 QWAVE - ok
16:11:12.0462 4368 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:11:12.0478 4368 QWAVEdrv - ok
16:11:12.0478 4368 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:11:12.0509 4368 RasAcd - ok
16:11:12.0540 4368 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:11:12.0572 4368 RasAgileVpn - ok
16:11:12.0587 4368 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:11:12.0618 4368 RasAuto - ok
16:11:12.0650 4368 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:11:12.0665 4368 Rasl2tp - ok
16:11:12.0712 4368 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:11:12.0743 4368 RasMan - ok
16:11:12.0868 4368 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:11:12.0915 4368 RasPppoe - ok
16:11:12.0930 4368 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:11:12.0946 4368 RasSstp - ok
16:11:12.0977 4368 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:11:13.0008 4368 rdbss - ok
16:11:13.0040 4368 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:11:13.0055 4368 rdpbus - ok
16:11:13.0055 4368 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:11:13.0086 4368 RDPCDD - ok
16:11:13.0102 4368 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:11:13.0118 4368 RDPENCDD - ok
16:11:13.0133 4368 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:11:13.0164 4368 RDPREFMP - ok
16:11:13.0196 4368 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:11:13.0211 4368 RDPWD - ok
16:11:13.0242 4368 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:11:13.0258 4368 rdyboost - ok
16:11:13.0274 4368 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:11:13.0305 4368 RemoteAccess - ok
16:11:23.0102 4368 ============================================================
16:11:23.0102 4368 Scan finished
16:11:23.0102 4368 ============================================================
16:11:23.0117 0608 Detected object count: 4
16:11:23.0117 0608 Actual detected object count: 4
16:11:30.0449 0608 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:11:30.0449 0608 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
16:11:30.0449 0608 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
16:11:30.0449 0608 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:11:30.0449 0608 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
16:11:30.0449 0608 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:11:30.0465 0608 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:11:30.0465 0608 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now:
ComboFix
A guide and tutorial on using ComboFix
ComboFix may only be run if a trained helper (Kompetenzler) has expressly recommended it! Should you have problems starting applications after running ComboFix and receive messages such as Quote:
__________________ |
| | #19 |
| CF: Code:
ComboFix 12-06-21.03 - Falko 22.06.2012 14:47:33.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4094.2892 [GMT 2:00]
ausgeführt von:: c:\users\Falcao\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-22 bis 2012-06-22 ))))))))))))))))))))))))))))))
.
.
2012-06-22 12:52 . 2012-06-22 17:00 -------- d-----w- c:\users\Falko\AppData\Local\temp
2012-06-22 12:52 . 2012-06-22 12:52 -------- d-----w- c:\users\test\AppData\Local\temp
2012-06-22 12:52 . 2012-06-22 12:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-06-22 12:52 . 2012-06-22 12:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-22 11:17 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A06FE94-83E4-4146-97A5-FEEE927EF007}\mpengine.dll
2012-06-21 12:18 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 12:18 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 12:18 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 12:18 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 12:18 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 12:18 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 12:18 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 12:18 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 12:18 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-13 11:31 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 11:31 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 11:31 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-05 16:09 . 2010-04-16 12:26 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-04 13:56 . 2011-12-07 19:35 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-30 11:35 . 2012-05-10 12:20 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-09-26 17353352]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"REGSHAVE"="c:\program files (x86)\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2010-06-17 370176]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Falcao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Exif Launcher.lnk - c:\programme\FinePixViewer\QuickDCF.exe [N/A]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-7-29 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\ShotOnline\GameGuard\dump_wmimmc.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 X6va006;X6va006;c:\users\Falko\AppData\Local\Temp\0061BA5.tmp [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-07-29 994360]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-07-29 399416]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-25 7883296]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-06-25 1833504]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\Falko\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Falko\AppData\Roaming\Mozilla\Firefox\Profiles\iaqjpe1s.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Carte - c:\gamescampus\DE\Carte\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\X6va006]
"ImagePath"="\??\c:\users\Falko\AppData\Local\Temp\0061BA5.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-22 19:04:37 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-06-22 17:04
ComboFix2.txt 2011-12-12 19:25
.
Vor Suchlauf: 19 Verzeichnis(se), 497.614.512.128 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 497.892.564.992 Bytes frei
.
- - End Of File - - FC31251E7F7FB580F7B6F75AE2CBE248
|
| | #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses on the second attempt, just leave it out and run only OSAM - please skip the online query by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Under no circumstances press any of the Fix buttons without instruction. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #21 |
| GMER found nothing, and there was no log - is that correct? OSAM: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:20:57 on 30.06.2012
OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 11.0
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLCFG32.CPL
"Pando" - "Pando Networks" - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.cpl
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"dump_wmimmc" (dump_wmimmc) - ? - C:\Program Files (x86)\ShotOnline\GameGuard\dump_wmimmc.sys (File not found)
"gdrv" (gdrv) - ? - C:\Windows\gdrv.sys (File not found)
"NPPTNT2" (NPPTNT2) - ? - C:\Windows\system32\npptNT2.sys (File not found)
"PLCNDIS5 NDIS Protocol Driver" (PLCNDIS5) - ? - C:\Windows\system32\plcndis5.sys (File not found)
"PSI" (PSI) - "Secunia" - C:\Windows\System32\DRIVERS\psi_mf.sys
"X6va006" (X6va006) - ? - C:\Users\Falko\AppData\Local\Temp\0061BA5.tmp (File not found)
[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL
{CF822AB4-6DB5-4FDA-BC28-E61DF36D2583} "PDF-XChange PDF Preview Provider" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll
{67EB453C-1BE1-48EC-AAF3-23B10277FCC1} "PDF-XChange PDF Property Handler" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll
{EBD0B8F4-A9A0-41B7-9695-030CD264D9C8} "PDF-XChange PDF Thumbnail Provider" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll
[Internet Explorer]
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"PokerStars.net" - "PokerStars" - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Falko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Exif Launcher.lnk" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Exif Launcher.lnk (Shortcut exists | File not found)
"Secunia PSI Tray.lnk" - "Secunia" - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"MobileDocuments" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
"Skype" - "Skype Technologies S.A." - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"DivXUpdate" - ? - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"FreePDF Assistant" - "shbox.de" - C:\Program Files (x86)\FreePDF_XP\fpassist.exe
"iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"REGSHAVE" - "FUJI PHOTO FILM CO., LTD." - C:\Program Files (x86)\REGSHAVE\REGSHAVE.EXE /AUTORUN
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information)
"Redirected Port" - ? - C:\Windows\system32\redmonnt.dll (File found, but it contains no detailed information)
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"Akamai NetSession Interface" (Akamai) - ? - c:\program files (x86)\common files\akamai\netsession_win_80c2ffa.dll (File found, but it contains no detailed information)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - ? - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (File not found)
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"nProtect GameGuard Service" (npggsvc) - ? - C:\Windows\system32\GameMon.des -service (File not found)
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe (File not found)
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
"Secunia PSI Agent" (Secunia PSI Agent) - "Secunia" - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
"Secunia Update Agent" (Secunia Update Agent) - "Secunia" - C:\Program Files (x86)\Secunia\PSI\sua.exe
"Windows Media Player-Netzwerkfreigabedienst" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - ? - C:\Windows\system32\HITMAN~1.SCR (File not found)
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Code:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-12 22:25:53
-----------------------------
22:25:53.946 OS Version: Windows x64 6.1.7600
22:25:53.947 Number of processors: 2 586 0x170A
22:25:53.947 ComputerName: FALKO-PC UserName: Falko
22:25:55.656 Initialize success
22:33:00.222 AVAST engine defs: 11121201
22:33:23.395 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:33:23.397 Disk 0 Vendor: WDC_WD6400AAKS-22A7B2 01.03B01 Size: 610479MB BusType: 3
22:33:25.424 Disk 0 MBR read successfully
22:33:25.426 Disk 0 MBR scan
22:33:25.435 Disk 0 Windows 7 default MBR code
22:33:25.438 Service scanning
22:33:26.437 Modules scanning
22:33:26.439 Disk 0 trace - called modules:
22:33:26.443 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
22:33:26.445 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048c4060]
22:33:26.448 3 CLASSPNP.SYS[fffff8800192243f] -> nt!IofCallDriver -> [0xfffffa80043759b0]
22:33:26.450 5 ACPI.sys[fffff88000f83781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004372060]
22:33:27.438 AVAST engine scan C:\Windows
22:33:31.497 AVAST engine scan C:\Windows\system32
22:34:53.847 AVAST engine scan C:\Windows\system32\drivers
22:35:02.039 AVAST engine scan C:\Users\Falko
22:35:20.164 AVAST engine scan C:\ProgramData
22:35:58.975 Scan finished successfully
22:36:06.836 Disk 0 MBR has been saved successfully to "C:\Users\Falko\Desktop\MBR.dat"
22:36:06.840 The log file has been saved successfully to "C:\Users\Falko\Desktop\aswMBR.txt"
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-12 22:40:32
-----------------------------
22:40:32.108 OS Version: Windows x64 6.1.7600
22:40:32.108 Number of processors: 2 586 0x170A
22:40:32.109 ComputerName: FALKO-PC UserName: Falko
22:40:33.630 Initialize success
22:40:36.483 AVAST engine defs: 11121201
22:40:39.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:40:39.469 Disk 0 Vendor: WDC_WD6400AAKS-22A7B2 01.03B01 Size: 610479MB BusType: 3
22:40:41.477 Disk 0 MBR read successfully
22:40:41.477 Disk 0 MBR scan
22:40:41.477 Disk 0 Windows 7 default MBR code
22:40:41.477 Service scanning
22:40:42.487 Modules scanning
22:40:42.487 Disk 0 trace - called modules:
22:40:42.487 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
22:40:42.497 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048c4060]
22:40:42.497 3 CLASSPNP.SYS[fffff8800192243f] -> nt!IofCallDriver -> [0xfffffa80043759b0]
22:40:42.497 5 ACPI.sys[fffff88000f83781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004372060]
22:40:43.777 AVAST engine scan C:\Windows
22:40:50.937 AVAST engine scan C:\Windows\system32
22:41:59.197 AVAST engine scan C:\Windows\system32\drivers
22:42:07.137 AVAST engine scan C:\Users\Falko
22:42:22.957 AVAST engine scan C:\ProgramData
22:42:54.067 Scan finished successfully
22:43:15.769 Disk 0 MBR has been saved successfully to "C:\Users\Falko\Desktop\MBR.dat"
22:43:15.769 The log file has been saved successfully to "C:\Users\Falko\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-30 13:24:41
-----------------------------
13:24:41.501 OS Version: Windows x64 6.1.7601 Service Pack 1
13:24:41.501 Number of processors: 2 586 0x170A
13:24:41.501 ComputerName: FALKO-PC UserName: Falko
13:24:42.578 Initialize success
13:28:54.961 AVAST engine defs: 12063000
13:29:40.060 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:29:40.060 Disk 0 Vendor: WDC_WD6400AAKS-22A7B2 01.03B01 Size: 610479MB BusType: 3
13:29:40.060 Disk 0 MBR read successfully
13:29:40.060 Disk 0 MBR scan
13:29:40.076 Disk 0 Windows 7 default MBR code
13:29:40.076 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 610477 MB offset 63
13:29:40.092 Disk 0 scanning C:\Windows\system32\drivers
13:29:47.361 Service scanning
13:30:01.292 Modules scanning
13:30:01.292 Disk 0 trace - called modules:
13:30:01.292 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
13:30:01.308 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048e3060]
13:30:01.308 3 CLASSPNP.SYS[fffff8800199b43f] -> nt!IofCallDriver -> [0xfffffa800438f580]
13:30:01.308 5 ACPI.sys[fffff88000f157a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004391060]
13:30:02.540 AVAST engine scan C:\Windows
13:30:05.036 AVAST engine scan C:\Windows\system32
13:32:06.452 AVAST engine scan C:\Windows\system32\drivers
13:32:15.563 AVAST engine scan C:\Users\Falko
13:33:11.925 AVAST engine scan C:\ProgramData
13:33:51.269 Scan finished successfully
13:35:09.675 Disk 0 MBR has been saved successfully to "C:\Users\Falko\Desktop\MBR.dat"
13:35:09.691 The log file has been saved successfully to "C:\Users\Falko\Desktop\aswMBR.txt"
|
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | Trojan sends spam mails - Round 2 Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
| | #23 |
![]() ![]() | Trojan sends spam mails - Round 2 SUPER AntiSpyware: Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/07/2012 at 06:36 PM
Application Version : 5.5.1006
Core Rules Database Version : 8862
Trace Rules Database Version: 6674
Scan type : Complete Scan
Total Scan Time : 01:29:36
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 602
Memory threats detected : 0
Registry items scanned : 71415
Registry threats detected : 0
File items scanned : 183243
File threats detected : 426
Adware.Tracking Cookie
C:\USERS\FALCAO\Cookies\9IQOOQ2Y.txt [ Cookie:falcao@amazon-adsystem.com/ ]
C:\USERS\FALCAO\Cookies\falcao@gamecenter.oberon-media[2].txt [ Cookie:falcao@gamecenter.oberon-media.com/ ]
C:\USERS\FALCAO\Cookies\Z36OA89B.txt [ Cookie:falcao@tracking1.aleadpay.com/ ]
C:\USERS\FALCAO\Cookies\9JRIBICN.txt [ Cookie:falcao@vidasco.rotator.hadj7.adjuggler.net/ ]
C:\USERS\FALCAO\Cookies\U5A0URFN.txt [ Cookie:falcao@zanox-affiliate.de/ ]
C:\USERS\FALCAO\Cookies\G50LRJ18.txt [ Cookie:falcao@ads.gamersmedia.com/ ]
C:\USERS\FALCAO\Cookies\TRJ7FWS2.txt [ Cookie:falcao@clicksor.com/ ]
C:\USERS\FALCAO\Cookies\H5F0PNFP.txt [ Cookie:falcao@www.ads4adult.com/ ]
C:\USERS\FALCAO\Cookies\GHCR1RNI.txt [ Cookie:falcao@serving-sys.com/ ]
C:\USERS\FALCAO\Cookies\HT7YUP6B.txt [ Cookie:falcao@casalemedia.com/ ]
C:\USERS\FALCAO\Cookies\420EBY5J.txt [ Cookie:falcao@webmasterplan.com/ ]
C:\USERS\FALCAO\Cookies\falcao@explore.trackmania[2].txt [ Cookie:falcao@explore.trackmania.com/home/ ]
C:\USERS\FALCAO\Cookies\3IZZJ3JY.txt [ Cookie:falcao@www.findmonitor.com/ ]
C:\USERS\FALCAO\Cookies\WQLQ80KX.txt [ Cookie:falcao@media6degrees.com/ ]
C:\USERS\FALCAO\Cookies\55S3FDL6.txt [ Cookie:falcao@www.pornhub.com/ ]
C:\USERS\FALCAO\Cookies\Z3B8Z2KJ.txt [ Cookie:falcao@smartadserver.com/ ]
C:\USERS\FALCAO\Cookies\U939MIVZ.txt [ Cookie:falcao@s4.trafficno.com/ ]
C:\USERS\FALCAO\Cookies\falcao@cdn5.specificclick[2].txt [ Cookie:falcao@cdn5.specificclick.net/ ]
C:\USERS\FALCAO\Cookies\OBYAS9ZA.txt [ Cookie:falcao@maniapub.trackmania.com/banner/ ]
C:\USERS\FALCAO\Cookies\XDIOVVPG.txt [ Cookie:falcao@ads1.zenoviaexchange.com/ ]
C:\USERS\FALCAO\Cookies\V79HK9BB.txt [ Cookie:falcao@trafficengine.net/ ]
C:\USERS\FALCAO\Cookies\falcao@content.yieldmanager[1].txt [ Cookie:falcao@content.yieldmanager.com/ ]
C:\USERS\FALCAO\Cookies\C02IGPLK.txt [ Cookie:falcao@adprudence.rotator.hadj7.adjuggler.net/ ]
C:\USERS\FALCAO\Cookies\F4AXJ0BD.txt [ Cookie:falcao@atdmt.com/ ]
C:\USERS\FALCAO\Cookies\5Z1C5F84.txt [ Cookie:falcao@ad3.adfarm1.adition.com/ ]
C:\USERS\FALCAO\Cookies\3D73ORWL.txt [ Cookie:falcao@s3.trafficno.com/ ]
C:\USERS\FALCAO\Cookies\OHJ91WU0.txt [ Cookie:falcao@clicks.coolsearchnow.com/ ]
C:\USERS\FALCAO\Cookies\falcao@explore.trackmania[1].txt [ Cookie:falcao@explore.trackmania.com/ ]
C:\USERS\FALCAO\Cookies\O21O8JLX.txt [ Cookie:falcao@aim4media.com/ ]
C:\USERS\FALCAO\Cookies\falcao@a.wazizu[1].txt [ Cookie:falcao@a.wazizu.com/ad/ ]
C:\USERS\FALCAO\Cookies\ISGED6WS.txt [ Cookie:falcao@counter2.sexmoney.com/ ]
C:\USERS\FALCAO\Cookies\QKS1MGWU.txt [ Cookie:falcao@tradedoubler.com/ ]
C:\USERS\FALCAO\Cookies\falcao@sevenoneintermedia.112.2o7[1].txt [ Cookie:falcao@sevenoneintermedia.112.2o7.net/ ]
C:\USERS\FALCAO\Cookies\ND72VB1I.txt [ Cookie:falcao@yadro.ru/ ]
C:\USERS\FALCAO\Cookies\CBIAJHFX.txt [ Cookie:falcao@pro-market.net/ ]
C:\USERS\FALCAO\Cookies\falcao@msnportal.112.2o7[1].txt [ Cookie:falcao@msnportal.112.2o7.net/ ]
C:\USERS\FALCAO\Cookies\6N5JIJMP.txt [ Cookie:falcao@mediatraffic.com/ ]
C:\USERS\FALCAO\Cookies\WU0BJF6X.txt [ Cookie:falcao@ad.zanox.com/ ]
C:\USERS\FALCAO\Cookies\MQDE36RY.txt [ Cookie:falcao@clkads.com/adServe ]
C:\USERS\FALCAO\Cookies\E0FYDVEV.txt [ Cookie:falcao@advertising.com/ ]
C:\USERS\FALCAO\Cookies\SA7CDWM2.txt [ Cookie:falcao@ox-d.enveromedia.com/ ]
C:\USERS\FALCAO\Cookies\MX2D79U2.txt [ Cookie:falcao@eclickz.com/ ]
C:\USERS\FALCAO\Cookies\B63FFTVE.txt [ Cookie:falcao@bwincom.122.2o7.net/ ]
C:\USERS\FALCAO\Cookies\95RRH6IT.txt [ Cookie:falcao@ox-d.matchflowmedia.com/ ]
C:\USERS\FALCAO\Cookies\Q3HUROMS.txt [ Cookie:falcao@youporn.com/ ]
C:\USERS\FALCAO\Cookies\BLS053IZ.txt [ Cookie:falcao@atwola.com/ ]
C:\USERS\FALCAO\Cookies\PGQ6SFUQ.txt [ Cookie:falcao@collective-media.net/ ]
C:\USERS\FALCAO\Cookies\4UO9MS94.txt [ Cookie:falcao@filter.vespymedia.com/ ]
C:\USERS\FALCAO\Cookies\PVJ1Z5D2.txt [ Cookie:falcao@www.usenext.de/ ]
C:\USERS\FALCAO\Cookies\3QW0CQ26.txt [ Cookie:falcao@www.republicofadvertising.com/ ]
C:\USERS\FALCAO\Cookies\EZ6TXE8R.txt [ Cookie:falcao@ubesttorrent2011.com/tracking/ ]
C:\USERS\FALCAO\Cookies\YJHDYDNT.txt [ Cookie:falcao@zieltrack.com/ ]
C:\USERS\FALCAO\Cookies\0SG60DOY.txt [ Cookie:falcao@advertising.ezanga.com/ ]
C:\USERS\FALCAO\Cookies\32LPB932.txt [ Cookie:falcao@legolas-media.com/ ]
C:\USERS\FALCAO\Cookies\07Y67LAP.txt [ Cookie:falcao@adultfriendfinder.com/ ]
C:\USERS\FALCAO\Cookies\NKTD9ETM.txt [ Cookie:falcao@pornhub.com/ ]
C:\USERS\FALCAO\Cookies\B0DFDDZX.txt [ Cookie:falcao@medicalquestionswebsite.com/ ]
C:\USERS\FALCAO\Cookies\BDWQLP3Z.txt [ Cookie:falcao@ads.crakmedia.com/ ]
C:\USERS\FALCAO\Cookies\XRAEB56F.txt [ Cookie:falcao@www.burstnet.com/ ]
C:\USERS\FALCAO\Cookies\96BXC3TC.txt [ Cookie:falcao@burstnet.com/ ]
C:\USERS\FALCAO\Cookies\7JP5DWJW.txt [ Cookie:falcao@adserver.adtechus.com/ ]
C:\USERS\FALCAO\Cookies\TWDA7CQA.txt [ Cookie:falcao@tacoda.at.atwola.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@adviva[1].txt [ Cookie:falko@adviva.net/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@smartadserver[2].txt [ Cookie:falko@smartadserver.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@adfarm1.adition[2].txt [ Cookie:falko@adfarm1.adition.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@atdmt[3].txt [ Cookie:falko@atdmt.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@cdn5.specificclick[2].txt [ Cookie:falko@cdn5.specificclick.net/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@tracking.quisma[1].txt [ Cookie:falko@tracking.quisma.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@ww251.smartadserver[1].txt [ Cookie:falko@ww251.smartadserver.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@zanox-affiliate[1].txt [ Cookie:falko@zanox-affiliate.de/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@traffictrack[2].txt [ Cookie:falko@traffictrack.de/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@content.yieldmanager[1].txt [ Cookie:falko@content.yieldmanager.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@bs.serving-sys[1].txt [ Cookie:falko@bs.serving-sys.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@zanox[2].txt [ Cookie:falko@zanox.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@webmasterplan[1].txt [ Cookie:falko@webmasterplan.com/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@msnportal.112.2o7[2].txt [ Cookie:falko@msnportal.112.2o7.net/ ]
C:\USERS\FALKO\AppData\Roaming\Microsoft\Windows\Cookies\Low\falko@mediaplex[2].txt [ Cookie:falko@mediaplex.com/ ]
C:\USERS\FALKO\Cookies\falko@adfarm1.adition[2].txt [ Cookie:falko@adfarm1.adition.com/ ]
C:\USERS\FALKO\Cookies\falko@ad.adnet[2].txt [ Cookie:falko@ad.adnet.de/ ]
C:\USERS\FALKO\Cookies\falko@atdmt[1].txt [ Cookie:falko@atdmt.com/ ]
C:\USERS\FALKO\Cookies\falko@ad2.adfarm1.adition[2].txt [ Cookie:falko@ad2.adfarm1.adition.com/ ]
C:\USERS\FALKO\Cookies\falko@content.yieldmanager[1].txt [ Cookie:falko@content.yieldmanager.com/ ]
C:\USERS\FALKO\Cookies\falko@bs.serving-sys[1].txt [ Cookie:falko@bs.serving-sys.com/ ]
C:\USERS\FALKO\Cookies\falko@zanox[2].txt [ Cookie:falko@zanox.com/ ]
C:\USERS\FALKO\Cookies\falko@webmasterplan[2].txt [ Cookie:falko@webmasterplan.com/ ]
C:\USERS\FALKO\Cookies\falko@msnportal.112.2o7[1].txt [ Cookie:falko@msnportal.112.2o7.net/ ]
C:\USERS\FALKO\Cookies\falko@mediaplex[1].txt [ Cookie:falko@mediaplex.com/ ]
C:\USERS\FALKO\Cookies\falko@rotator.adjuggler[2].txt [ Cookie:falko@rotator.adjuggler.com/ ]
ia.media-imdb.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UCXCLLGR ]
secure-uk.imrworldwide.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UCXCLLGR ]
www.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UCXCLLGR ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FALCAO@ADVIVA[1].TXT [ /ADVIVA ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FALCAO@STUDIVZ.ADFARM1.ADITION[2].TXT [ /STUDIVZ.ADFARM1.ADITION ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FALCAO@ADS.FCNET[1].TXT [ /ADS.FCNET ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FALCAO@FASTCLICK[2].TXT [ /FASTCLICK ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FALCAO@MICROSOFTINTERNETEXPLORER.112.2O7[1].TXT [ /MICROSOFTINTERNETEXPLORER.112.2O7 ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FALCAO@E-2DJ6WJMIAIDZEDQ.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WJMIAIDZEDQ.STATS.ESOMNITURE ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FALCAO@BS.SERVING-SYS[2].TXT [ /BS.SERVING-SYS ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\FALCAO@TACODA[1].TXT [ /TACODA ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALCAO@ADTECH[2].TXT [ /ADTECH ]
C:\USERS\FALCAO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALCAO@TRAFFICTRACK[1].TXT [ /TRAFFICTRACK ]
.xiti.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
elite.callofduty.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
elite.callofduty.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.olympiaverlag.122.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.count.spring.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
elite.callofduty.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.elite.callofduty.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.elite.callofduty.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
musik-toplist.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.c.gigcount.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.eaeacom.112.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.zippytrack.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.zippytrack.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.zippytrack.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.webresint.122.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
nedstat.hostelbookers.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
nedstat.hostelbookers.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
audit.median.hu [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.prisacom.112.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.tns-counter.ru [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.gamestats.org [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.gamestats.org [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.gamestats.org [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.gamestats.org [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.sonyonlineentertainment.112.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.oms.122.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.accounts.spartzmedia.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
counter.top.ge [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
counter.top.ge [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
counter.top.ge [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
counter.top.ge [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.skydeutschland.122.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.ultimedia.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.ultimedia.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.trinitymirror.112.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
se-sportsnewmedia.videoplaza.tv [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.click-manchester.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.click-manchester.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.countomat.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.mediafire.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.mediafire.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
tracking.veille-referencement.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
tracking.veille-referencement.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.moviepilot.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.moviepilot.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\FALCAO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T10O59PZ.DEFAULT\COOKIES.SQLITE ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@ADTECH[1].TXT [ /ADTECH ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@SPECIFICCLICK[2].TXT [ /SPECIFICCLICK ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@UNITYMEDIA[1].TXT [ /UNITYMEDIA ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@TRADEDOUBLER[2].TXT [ /TRADEDOUBLER ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@APMEBF[1].TXT [ /APMEBF ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@AD.ZANOX[1].TXT [ /AD.ZANOX ]
C:\USERS\FALKO\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FALKO@ATDMT[1].TXT [ /ATDMT ]
ad.yieldmanager.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\FALKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IAQJPE1S.DEFAULT\COOKIES.SQLITE ]
Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.07.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Falcao :: FALKO-PC [limitiert]

07.07.2012 20:20:27
mbam-log-2012-07-07 (20-20-27).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 368413
Laufzeit: 34 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\Users\Falcao\AppData\Roaming\WMPRWISE.EXE (Trojan.Agent) -> 3620 -> Löschen bei Neustart.

Infizierte Speichermodule: 1
C:\Users\Falcao\AppData\Roaming\ntuser.dat (Misused.Legit) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft Firewall 2.9 (Trojan.Agent) -> Daten: C:\Users\Falcao\AppData\Roaming\WMPRWISE.EXE -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\Falcao\AppData\Roaming\ntuser.dat (Misused.Legit) -> Löschen bei Neustart.
C:\Users\Falcao\AppData\Local\{11b0246f-e69c-52c2-3018-3d6072642a5c}\n (Trojan.Sirefef) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Falcao\AppData\Local\{11b0246f-e69c-52c2-3018-3d6072642a5c}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Falcao\AppData\Roaming\WMPRWISE.EXE (Trojan.Agent) -> Löschen bei Neustart.

(Ende) |
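A triage pass over the Malwarebytes log above, as an added example that is not part of the thread and not Malwarebytes code: it parses the detection sections, checks each declared count against the entries actually present, lists objects still waiting for the reboot, and ties the Run autostart value to its target file. The function names are this example's own, and it assumes the German-locale log with one entry per line.

```python
import re
from dataclasses import dataclass

# Excerpt of the log posted above, one entry per line (assumed on-disk layout).
SAMPLE_LOG = r"""
Infizierte Speicherprozesse: 1
C:\Users\Falcao\AppData\Roaming\WMPRWISE.EXE (Trojan.Agent) -> 3620 -> Löschen bei Neustart.

Infizierte Speichermodule: 1
C:\Users\Falcao\AppData\Roaming\ntuser.dat (Misused.Legit) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft Firewall 2.9 (Trojan.Agent) -> Daten: C:\Users\Falcao\AppData\Roaming\WMPRWISE.EXE -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 4
C:\Users\Falcao\AppData\Roaming\ntuser.dat (Misused.Legit) -> Löschen bei Neustart.
C:\Users\Falcao\AppData\Local\{11b0246f-e69c-52c2-3018-3d6072642a5c}\n (Trojan.Sirefef) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Falcao\AppData\Local\{11b0246f-e69c-52c2-3018-3d6072642a5c}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Falcao\AppData\Roaming\WMPRWISE.EXE (Trojan.Agent) -> Löschen bei Neustart.

(Ende)
"""

SECTION_RE = re.compile(r"^Infizierte (?P<name>.+?): (?P<count>\d+)$")
ENTRY_RE = re.compile(r"^(?P<obj>.+?) \((?P<family>[^()]+)\) -> (?P<rest>.+)$")
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)
PROFILE_RE = re.compile(r"^[A-Z]:\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)
PENDING = "Löschen bei Neustart"  # "delete on reboot": object is still present


@dataclass
class Detection:
    section: str   # e.g. "Dateien"
    obj: str       # file path, or "key|value name" for registry values
    family: str    # detection name, e.g. "Trojan.Agent"
    details: list  # middle fields such as the PID or "Daten: <path>"
    action: str    # last field: what the scanner did with the object


def parse_mbam_log(text):
    """Return ({section: declared count}, [Detection, ...])."""
    declared, found, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["name"]
            declared[section] = int(m["count"])
            continue
        m = ENTRY_RE.match(line)
        if m and section:
            *details, action = m["rest"].split(" -> ")
            found.append(Detection(section, m["obj"], m["family"],
                                   details, action.rstrip(".")))
    return declared, found


def count_mismatches(declared, found):
    """Sections whose header count differs from the entries present,
    which points to a truncated or hand-edited paste."""
    parsed = {}
    for d in found:
        parsed[d.section] = parsed.get(d.section, 0) + 1
    return {s: (n, parsed.get(s, 0)) for s, n in declared.items()
            if n != parsed.get(s, 0)}


def pending_reboot(found):
    """Objects that are only removed at the next boot; a rescan after the
    reboot is what confirms they are gone."""
    return sorted({d.obj for d in found if d.action == PENDING})


def autostart_findings(found):
    """Run/RunOnce values from the log, with two triage flags: does the target
    live under a user profile, and is the target itself still awaiting reboot?
    Command lines with arguments are not split here."""
    pending = {p.lower() for p in pending_reboot(found)}
    out = []
    for d in found:
        key, sep, value = d.obj.partition("|")
        data = next((x[len("Daten: "):].strip('"') for x in d.details
                     if x.startswith("Daten: ")), None)
        if sep and data and RUN_KEY_RE.search(key):
            out.append({"key": key, "value": value, "target": data,
                        "in_user_profile": bool(PROFILE_RE.match(data)),
                        "target_awaits_reboot": data.lower() in pending})
    return out


if __name__ == "__main__":
    declared, found = parse_mbam_log(SAMPLE_LOG)
    print("count mismatches:", count_mismatches(declared, found))
    print("pending reboot:", pending_reboot(found))
    for item in autostart_findings(found):
        print(item)
```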
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan sends spam mails - round 2

Hm, Malwarebytes did turn up more findings than I expected - but probably just leftovers.

Superantispyware only reported cookies.

Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie).

About cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Apart from that there are good cookie managers; as a Firefox extension there is, for example, CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board too), then simply set the browser to delete everything, including cookies, when it is closed.

My own approach is to use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want; everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.

Is your system back in order now, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
| | #25 |
| Trojan sends spam mails - round 2

In general everything is fine; whether the problem with the e-mails has been cleared up remains to be seen, I'll keep an eye on it. Otherwise a big thank you, and many thanks as well for the tip about the cookies! |
| | #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan sends spam mails - round 2

Quote:

If no: please do it right now!
If yes: did you have a password that was too simple? Describe what the password was like before, i.e. length and character set. A weak password consists, for example, only of lowercase letters or only of digits and is shorter than 8 characters.

Then we would be done!

The programs that were used here can all be removed again. With the help of OTL you can also remove many tools: please start OTL and click on Bereinigung (cleanup). This will remove most of the tools we needed for the cleanup. If anything is left behind, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update it first.

Finally, please check the updates; my guide is below. To keep a better overview of how up to date your installed programs are in future, you can use e.g. Secunia PSI. For even more security you should also change all passwords, if possible, after the infection has been removed.

Microsoft update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Guide: Windows Update

Update the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you are at it, please also check that the Flash Player is up to date:
Check => Adobe - Flash Player
Download links => Adobe Flash Player Distribution | Adobe

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.

Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do this, close all programs (especially the browsers), then click on Start, Control Panel, Software and uninstall all listed Java versions from there. After that, download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |