Pests of all kinds and how to fight them: Encryption trojan, Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
| | #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Encryption trojan Please now run (in normal Windows mode) this tool from Kaspersky (TDSS-Killer) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please disable the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set up the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), because that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
| | #17 |
| Encryption trojan Hello,
here is the log file: Code:
18:16:58.0847 4916 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:16:59.0378 4916 ============================================================
18:16:59.0378 4916 Current date / time: 2012/07/25 18:16:59.0378
18:16:59.0378 4916 SystemInfo:
18:16:59.0378 4916
18:16:59.0378 4916 OS Version: 6.1.7601 ServicePack: 1.0
18:16:59.0378 4916 Product type: Workstation
18:16:59.0378 4916 ComputerName: FLOGAGA21
18:16:59.0378 4916 UserName: ehlertm
18:16:59.0378 4916 Windows directory: C:\Windows
18:16:59.0378 4916 System windows directory: C:\Windows
18:16:59.0378 4916 Running under WOW64
18:16:59.0378 4916 Processor architecture: Intel x64
18:16:59.0378 4916 Number of processors: 4
18:16:59.0378 4916 Page size: 0x1000
18:16:59.0378 4916 Boot type: Normal boot
18:16:59.0378 4916 ============================================================
18:17:01.0109 4916 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:17:01.0125 4916 ============================================================
18:17:01.0125 4916 \Device\Harddisk0\DR0:
18:17:01.0125 4916 MBR partitions:
18:17:01.0125 4916 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:17:01.0125 4916 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x16400000
18:17:01.0140 4916 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16433000, BlocksNum 0x21173000
18:17:01.0140 4916 ============================================================
18:17:01.0172 4916 C: <-> \Device\Harddisk0\DR0\Partition1
18:17:01.0218 4916 D: <-> \Device\Harddisk0\DR0\Partition2
18:17:01.0218 4916 ============================================================
18:17:01.0218 4916 Initialize success
18:17:01.0218 4916 ============================================================
18:17:41.0123 3096 ============================================================
18:17:41.0123 3096 Scan started
18:17:41.0123 3096 Mode: Manual; SigCheck; TDLFS;
18:17:41.0123 3096 ============================================================
18:17:42.0590 3096 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:17:42.0714 3096 1394ohci - ok
18:17:42.0777 3096 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:17:42.0808 3096 ACPI - ok
18:17:42.0839 3096 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:17:42.0948 3096 AcpiPmi - ok
18:17:43.0104 3096 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:17:43.0136 3096 AdobeFlashPlayerUpdateSvc - ok
18:17:43.0214 3096 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
18:17:43.0260 3096 adp94xx - ok
18:17:43.0323 3096 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
18:17:43.0354 3096 adpahci - ok
18:17:43.0370 3096 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
18:17:43.0401 3096 adpu320 - ok
18:17:43.0432 3096 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
18:17:43.0604 3096 AeLookupSvc - ok
18:17:43.0682 3096 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:17:43.0760 3096 AFD - ok
18:17:43.0806 3096 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:17:43.0822 3096 agp440 - ok
18:17:43.0853 3096 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
18:17:43.0931 3096 ALG - ok
18:17:43.0962 3096 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:17:43.0994 3096 aliide - ok
18:17:44.0009 3096 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:17:44.0025 3096 amdide - ok
18:17:44.0072 3096 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
18:17:44.0118 3096 AmdK8 - ok
18:17:44.0134 3096 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
18:17:44.0181 3096 AmdPPM - ok
18:17:44.0212 3096 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:17:44.0243 3096 amdsata - ok
18:17:44.0274 3096 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
18:17:44.0290 3096 amdsbs - ok
18:17:44.0321 3096 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:17:44.0337 3096 amdxata - ok
18:17:44.0430 3096 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:17:44.0462 3096 AntiVirSchedulerService - ok
18:17:44.0493 3096 AntiVirService (72d90e56563165984224493069c69ed4) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:17:44.0524 3096 AntiVirService - ok
18:17:44.0571 3096 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:17:44.0664 3096 AppID - ok
18:17:44.0711 3096 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
18:17:44.0820 3096 AppIDSvc - ok
18:17:44.0883 3096 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
18:17:44.0961 3096 Appinfo - ok
18:17:45.0008 3096 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
18:17:45.0023 3096 arc - ok
18:17:45.0054 3096 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
18:17:45.0086 3096 arcsas - ok
18:17:45.0101 3096 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:17:45.0195 3096 AsyncMac - ok
18:17:45.0242 3096 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:17:45.0257 3096 atapi - ok
18:17:45.0429 3096 athr (16567ab05cd34f46d0dcbb129ca143c2) C:\Windows\system32\DRIVERS\athrx.sys
18:17:45.0585 3096 athr - ok
18:17:45.0741 3096 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:17:45.0850 3096 AudioEndpointBuilder - ok
18:17:45.0850 3096 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:17:45.0944 3096 AudioSrv - ok
18:17:46.0037 3096 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
18:17:46.0053 3096 avgntflt - ok
18:17:46.0068 3096 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
18:17:46.0084 3096 avipbb - ok
18:17:46.0146 3096 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
18:17:46.0240 3096 AxInstSV - ok
18:17:46.0302 3096 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
18:17:46.0365 3096 b06bdrv - ok
18:17:46.0412 3096 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:17:46.0474 3096 b57nd60a - ok
18:17:46.0552 3096 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:17:46.0614 3096 BDESVC - ok
18:17:46.0661 3096 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:17:46.0755 3096 Beep - ok
18:17:46.0880 3096 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
18:17:46.0989 3096 BFE - ok
18:17:47.0036 3096 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
18:17:47.0145 3096 BITS - ok
18:17:47.0223 3096 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:17:47.0270 3096 blbdrive - ok
18:17:47.0316 3096 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:17:47.0379 3096 bowser - ok
18:17:47.0394 3096 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:17:47.0488 3096 BrFiltLo - ok
18:17:47.0504 3096 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:17:47.0550 3096 BrFiltUp - ok
18:17:47.0613 3096 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
18:17:47.0706 3096 Browser - ok
18:17:47.0738 3096 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:17:47.0816 3096 Brserid - ok
18:17:47.0831 3096 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:17:47.0894 3096 BrSerWdm - ok
18:17:47.0894 3096 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:17:47.0956 3096 BrUsbMdm - ok
18:17:47.0972 3096 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:17:48.0003 3096 BrUsbSer - ok
18:17:48.0050 3096 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:17:48.0096 3096 BthEnum - ok
18:17:48.0143 3096 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:17:48.0190 3096 BTHMODEM - ok
18:17:48.0237 3096 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:17:48.0299 3096 BthPan - ok
18:17:48.0408 3096 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
18:17:48.0455 3096 BTHPORT - ok
18:17:48.0502 3096 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
18:17:48.0580 3096 bthserv - ok
18:17:48.0642 3096 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
18:17:48.0705 3096 BTHUSB - ok
18:17:48.0736 3096 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:17:48.0845 3096 cdfs - ok
18:17:48.0876 3096 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
18:17:48.0923 3096 cdrom - ok
18:17:48.0970 3096 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:17:49.0095 3096 CertPropSvc - ok
18:17:49.0126 3096 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
18:17:49.0173 3096 circlass - ok
18:17:49.0251 3096 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:17:49.0282 3096 CLFS - ok
18:17:49.0344 3096 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:17:49.0360 3096 clr_optimization_v2.0.50727_32 - ok
18:17:49.0407 3096 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:17:49.0438 3096 clr_optimization_v2.0.50727_64 - ok
18:17:49.0532 3096 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:17:49.0563 3096 clr_optimization_v4.0.30319_32 - ok
18:17:49.0610 3096 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:17:49.0625 3096 clr_optimization_v4.0.30319_64 - ok
18:17:49.0688 3096 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
18:17:49.0703 3096 clwvd - ok
18:17:49.0766 3096 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:17:49.0812 3096 CmBatt - ok
18:17:49.0859 3096 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:17:49.0875 3096 cmdide - ok
18:17:49.0953 3096 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
18:17:50.0015 3096 CNG - ok
18:17:50.0046 3096 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:17:50.0062 3096 Compbatt - ok
18:17:50.0109 3096 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:17:50.0171 3096 CompositeBus - ok
18:17:50.0187 3096 COMSysApp - ok
18:17:50.0218 3096 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
18:17:50.0249 3096 crcdisk - ok
18:17:50.0312 3096 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
18:17:50.0374 3096 CryptSvc - ok
18:17:50.0530 3096 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:17:50.0592 3096 cvhsvc - ok
18:17:50.0686 3096 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:17:50.0795 3096 DcomLaunch - ok
18:17:50.0842 3096 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
18:17:50.0951 3096 defragsvc - ok
18:17:51.0014 3096 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:17:51.0123 3096 DfsC - ok
18:17:51.0201 3096 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
18:17:51.0294 3096 Dhcp - ok
18:17:51.0326 3096 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:17:51.0435 3096 discache - ok
18:17:51.0482 3096 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
18:17:51.0513 3096 Disk - ok
18:17:51.0560 3096 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
18:17:51.0622 3096 Dnscache - ok
18:17:51.0669 3096 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
18:17:51.0778 3096 dot3svc - ok
18:17:51.0825 3096 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
18:17:51.0918 3096 DPS - ok
18:17:51.0965 3096 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:17:52.0012 3096 drmkaud - ok
18:17:52.0121 3096 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:17:52.0184 3096 DXGKrnl - ok
18:17:52.0199 3096 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
18:17:52.0293 3096 EapHost - ok
18:17:52.0558 3096 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
18:17:52.0667 3096 ebdrv - ok
18:17:52.0776 3096 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
18:17:52.0854 3096 EFS - ok
18:17:52.0964 3096 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
18:17:53.0026 3096 ehRecvr - ok
18:17:53.0073 3096 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
18:17:53.0135 3096 ehSched - ok
18:17:53.0260 3096 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
18:17:53.0307 3096 elxstor - ok
18:17:53.0322 3096 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:17:53.0354 3096 ErrDev - ok
18:17:53.0416 3096 ETD (9d8739a2a2173c9d27c499a3fc6eda3f) C:\Windows\system32\DRIVERS\ETD.sys
18:17:53.0447 3096 ETD - ok
18:17:53.0494 3096 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
18:17:53.0603 3096 EventSystem - ok
18:17:53.0650 3096 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:17:53.0744 3096 exfat - ok
18:17:53.0775 3096 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:17:53.0868 3096 fastfat - ok
18:17:53.0962 3096 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
18:17:54.0056 3096 Fax - ok
18:17:54.0071 3096 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
18:17:54.0102 3096 fdc - ok
18:17:54.0149 3096 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
18:17:54.0243 3096 fdPHost - ok
18:17:54.0243 3096 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
18:17:54.0336 3096 FDResPub - ok
18:17:54.0352 3096 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:17:54.0368 3096 FileInfo - ok
18:17:54.0383 3096 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:17:54.0492 3096 Filetrace - ok
18:17:54.0492 3096 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
18:17:54.0524 3096 flpydisk - ok
18:17:54.0586 3096 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:17:54.0617 3096 FltMgr - ok
18:17:54.0711 3096 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
18:17:54.0804 3096 FontCache - ok
18:17:54.0898 3096 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:17:54.0914 3096 FontCache3.0.0.0 - ok
18:17:54.0945 3096 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:17:54.0976 3096 FsDepends - ok
18:17:55.0007 3096 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
18:17:55.0038 3096 Fs_Rec - ok
18:17:55.0085 3096 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:17:55.0132 3096 fvevol - ok
18:17:55.0163 3096 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:17:55.0179 3096 gagp30kx - ok
18:17:55.0272 3096 GameConsoleService (521a469caf61f00e1de081cc2099c1d6) C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
18:17:55.0304 3096 GameConsoleService - ok
18:17:55.0413 3096 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
18:17:55.0506 3096 gpsvc - ok
18:17:55.0522 3096 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:17:55.0569 3096 hcw85cir - ok
18:17:55.0647 3096 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:17:55.0709 3096 HdAudAddService - ok
18:17:55.0756 3096 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:17:55.0818 3096 HDAudBus - ok
18:17:55.0850 3096 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:17:55.0881 3096 HidBatt - ok
18:17:55.0896 3096 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:17:55.0959 3096 HidBth - ok
18:17:55.0974 3096 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:17:55.0990 3096 HidIr - ok
18:17:56.0021 3096 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
18:17:56.0099 3096 hidserv - ok
18:17:56.0162 3096 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
18:17:56.0193 3096 HidUsb - ok
18:17:56.0240 3096 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
18:17:56.0349 3096 hkmsvc - ok
18:17:56.0396 3096 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
18:17:56.0474 3096 HomeGroupListener - ok
18:17:56.0520 3096 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
18:17:56.0567 3096 HomeGroupProvider - ok
18:17:56.0630 3096 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:17:56.0661 3096 HpSAMD - ok
18:17:56.0739 3096 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:17:56.0832 3096 HTTP - ok
18:17:56.0879 3096 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:17:56.0895 3096 hwpolicy - ok
18:17:56.0957 3096 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:17:56.0988 3096 i8042prt - ok
18:17:57.0066 3096 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
18:17:57.0098 3096 iaStor - ok
18:17:57.0144 3096 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:17:57.0191 3096 iaStorV - ok
18:17:57.0316 3096 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:17:57.0378 3096 idsvc - ok
18:17:58.0127 3096 igfx (8cb8667f5a3b5515f2585f3254f3aaf7) C:\Windows\system32\DRIVERS\igdkmd64.sys
18:17:58.0626 3096 igfx - ok
18:17:58.0767 3096 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:17:58.0782 3096 iirsp - ok
18:17:58.0876 3096 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
18:17:58.0985 3096 IKEEXT - ok
18:17:59.0172 3096 IntcAzAudAddService (404561d4ee0cae109379a40247046b03) C:\Windows\system32\drivers\RTKVHD64.sys
18:17:59.0266 3096 IntcAzAudAddService - ok
18:17:59.0422 3096 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
18:17:59.0484 3096 IntcDAud - ok
18:17:59.0500 3096 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:17:59.0531 3096 intelide - ok
18:17:59.0562 3096 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:17:59.0609 3096 intelppm - ok
18:17:59.0656 3096 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:17:59.0765 3096 IPBusEnum - ok
18:17:59.0859 3096 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:17:59.0968 3096 IpFilterDriver - ok
18:18:00.0030 3096 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
18:18:00.0124 3096 iphlpsvc - ok
18:18:00.0155 3096 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:18:00.0202 3096 IPMIDRV - ok
18:18:00.0218 3096 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:18:00.0296 3096 IPNAT - ok
18:18:00.0311 3096 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:18:00.0405 3096 IRENUM - ok
18:18:00.0420 3096 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:18:00.0452 3096 isapnp - ok
18:18:00.0483 3096 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:18:00.0530 3096 iScsiPrt - ok
18:18:00.0545 3096 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:18:00.0576 3096 kbdclass - ok
18:18:00.0623 3096 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
18:18:00.0670 3096 kbdhid - ok
18:18:00.0717 3096 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:00.0732 3096 KeyIso - ok
18:18:00.0779 3096 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
18:18:00.0795 3096 KSecDD - ok
18:18:00.0826 3096 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
18:18:00.0857 3096 KSecPkg - ok
18:18:00.0904 3096 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:18:00.0998 3096 ksthunk - ok
18:18:01.0029 3096 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:18:01.0138 3096 KtmRm - ok
18:18:01.0216 3096 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
18:18:01.0310 3096 LanmanServer - ok
18:18:01.0356 3096 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
18:18:01.0450 3096 LanmanWorkstation - ok
18:18:01.0497 3096 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:18:01.0590 3096 lltdio - ok
18:18:01.0653 3096 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:18:01.0762 3096 lltdsvc - ok
18:18:01.0778 3096 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:18:01.0856 3096 lmhosts - ok
18:18:01.0965 3096 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:18:01.0996 3096 LMS - ok
18:18:02.0043 3096 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:18:02.0074 3096 LSI_FC - ok
18:18:02.0074 3096 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:18:02.0105 3096 LSI_SAS - ok
18:18:02.0121 3096 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:18:02.0136 3096 LSI_SAS2 - ok
18:18:02.0152 3096 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:18:02.0183 3096 LSI_SCSI - ok
18:18:02.0199 3096 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:18:02.0292 3096 luafv - ok
18:18:02.0339 3096 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
18:18:02.0386 3096 Mcx2Svc - ok
18:18:02.0386 3096 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:18:02.0417 3096 megasas - ok
18:18:02.0464 3096 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:18:02.0495 3096 MegaSR - ok
18:18:02.0511 3096 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
18:18:02.0526 3096 MEIx64 - ok
18:18:02.0573 3096 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:18:02.0714 3096 MMCSS - ok
18:18:02.0745 3096 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:18:02.0823 3096 Modem - ok
18:18:02.0854 3096 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:18:02.0901 3096 monitor - ok
18:18:02.0948 3096 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
18:18:02.0963 3096 mouclass - ok
18:18:02.0994 3096 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:18:03.0026 3096 mouhid - ok
18:18:03.0088 3096 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:18:03.0104 3096 mountmgr - ok
18:18:03.0213 3096 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:18:03.0244 3096 MozillaMaintenance - ok
18:18:03.0291 3096 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:18:03.0322 3096 mpio - ok
18:18:03.0353 3096 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:18:03.0416 3096 mpsdrv - ok
18:18:03.0494 3096 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
18:18:03.0603 3096 MpsSvc - ok
18:18:03.0634 3096 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:18:03.0681 3096 MRxDAV - ok
18:18:03.0728 3096 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:18:03.0774 3096 mrxsmb - ok
18:18:03.0821 3096 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:18:03.0868 3096 mrxsmb10 - ok
18:18:03.0899 3096 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:18:03.0946 3096 mrxsmb20 - ok
18:18:03.0962 3096 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:18:03.0993 3096 msahci - ok
18:18:04.0024 3096 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:18:04.0055 3096 msdsm - ok
18:18:04.0086 3096 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:18:04.0149 3096 MSDTC - ok
18:18:04.0196 3096 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:18:04.0289 3096 Msfs - ok
18:18:04.0320 3096 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:18:04.0414 3096 mshidkmdf - ok
18:18:04.0445 3096 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:18:04.0461 3096 msisadrv - ok
18:18:04.0492 3096 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:18:04.0570 3096 MSiSCSI - ok
18:18:04.0570 3096 msiserver - ok
18:18:04.0648 3096 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:18:04.0742 3096 MSKSSRV - ok
18:18:04.0757 3096 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:18:04.0851 3096 MSPCLOCK - ok
18:18:04.0866 3096 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:18:04.0976 3096 MSPQM - ok
18:18:05.0022 3096 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:18:05.0054 3096 MsRPC - ok
18:18:05.0100 3096 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:18:05.0116 3096 mssmbios - ok
18:18:05.0132 3096 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:18:05.0210 3096 MSTEE - ok
18:18:05.0225 3096 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:18:05.0272 3096 MTConfig - ok
18:18:05.0288 3096 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:18:05.0303 3096 Mup - ok
18:18:05.0366 3096 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:18:05.0444 3096 napagent - ok
18:18:05.0506 3096 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:18:05.0553 3096 NativeWifiP - ok
18:18:05.0678 3096 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
18:18:05.0740 3096 NDIS - ok
18:18:05.0771 3096 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:18:05.0849 3096 NdisCap - ok
18:18:05.0880 3096 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:18:05.0958 3096 NdisTapi - ok
18:18:06.0005 3096 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:18:06.0099 3096 Ndisuio - ok
18:18:06.0130 3096 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:18:06.0224 3096 NdisWan - ok
18:18:06.0270 3096 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:18:06.0364 3096 NDProxy - ok
18:18:06.0411 3096 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:18:06.0489 3096 NetBIOS - ok
18:18:06.0520 3096 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:18:06.0614 3096 NetBT - ok
18:18:06.0629 3096 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:06.0660 3096 Netlogon - ok
18:18:06.0723 3096 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:18:06.0801 3096 Netman - ok
18:18:06.0848 3096 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:18:06.0941 3096 netprofm - ok
18:18:07.0004 3096 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:18:07.0019 3096 NetTcpPortSharing - ok
18:18:07.0066 3096 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:18:07.0097 3096 nfrd960 - ok
18:18:07.0144 3096 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:18:07.0238 3096 NlaSvc - ok
18:18:07.0253 3096 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:18:07.0331 3096 Npfs - ok
18:18:07.0347 3096 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:18:07.0425 3096 nsi - ok
18:18:07.0456 3096 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:18:07.0534 3096 nsiproxy - ok
18:18:07.0674 3096 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:18:07.0752 3096 Ntfs - ok
18:18:07.0862 3096 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:18:07.0971 3096 Null - ok
18:18:08.0018 3096 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:18:08.0049 3096 nvraid - ok
18:18:08.0080 3096 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:18:08.0096 3096 nvstor - ok
18:18:08.0127 3096 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:18:08.0158 3096 nv_agp - ok
18:18:08.0174 3096 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:18:08.0220 3096 ohci1394 - ok
18:18:08.0298 3096 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:18:08.0330 3096 ose - ok
18:18:08.0642 3096 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:18:08.0891 3096 osppsvc - ok
18:18:09.0078 3096 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:18:09.0141 3096 p2pimsvc - ok
18:18:09.0172 3096 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:18:09.0203 3096 p2psvc - ok
18:18:09.0266 3096 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:18:09.0297 3096 Parport - ok
18:18:09.0328 3096 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:18:09.0344 3096 partmgr - ok
18:18:09.0375 3096 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:18:09.0406 3096 PcaSvc - ok
18:18:09.0437 3096 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:18:09.0468 3096 pci - ok
18:18:09.0484 3096 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:18:09.0515 3096 pciide - ok
18:18:09.0546 3096 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:18:09.0562 3096 pcmcia - ok
18:18:09.0578 3096 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:18:09.0609 3096 pcw - ok
18:18:09.0656 3096 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:18:09.0765 3096 PEAUTH - ok
18:18:09.0843 3096 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:18:09.0874 3096 PerfHost - ok
18:18:10.0030 3096 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:18:10.0155 3096 pla - ok
18:18:10.0217 3096 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:18:10.0295 3096 PlugPlay - ok
18:18:10.0326 3096 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:18:10.0358 3096 PNRPAutoReg - ok
18:18:10.0404 3096 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:18:10.0436 3096 PNRPsvc - ok
18:18:10.0498 3096 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:18:10.0607 3096 PolicyAgent - ok
18:18:10.0638 3096 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:18:10.0748 3096 Power - ok
18:18:10.0810 3096 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:18:10.0888 3096 PptpMiniport - ok
18:18:10.0919 3096 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:18:10.0950 3096 Processor - ok
18:18:10.0997 3096 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
18:18:11.0028 3096 ProfSvc - ok
18:18:11.0060 3096 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:11.0091 3096 ProtectedStorage - ok
18:18:11.0138 3096 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:18:11.0231 3096 Psched - ok
18:18:11.0294 3096 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
18:18:11.0325 3096 PSI - ok
18:18:11.0434 3096 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:18:11.0528 3096 ql2300 - ok
18:18:11.0637 3096 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:18:11.0668 3096 ql40xx - ok
18:18:11.0699 3096 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:18:11.0746 3096 QWAVE - ok
18:18:11.0762 3096 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:18:11.0808 3096 QWAVEdrv - ok
18:18:11.0808 3096 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:18:11.0886 3096 RasAcd - ok
18:18:11.0918 3096 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:18:11.0996 3096 RasAgileVpn - ok
18:18:12.0011 3096 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:18:12.0136 3096 RasAuto - ok
18:18:12.0167 3096 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:18:12.0261 3096 Rasl2tp - ok
18:18:12.0308 3096 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:18:12.0401 3096 RasMan - ok
18:18:12.0432 3096 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:18:12.0557 3096 RasPppoe - ok
18:18:12.0573 3096 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:18:12.0682 3096 RasSstp - ok
18:18:12.0729 3096 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:18:12.0822 3096 rdbss - ok
18:18:12.0854 3096 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:18:12.0900 3096 rdpbus - ok
18:18:12.0916 3096 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:18:13.0010 3096 RDPCDD - ok
18:18:13.0041 3096 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:18:13.0150 3096 RDPENCDD - ok
18:18:13.0181 3096 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:18:13.0259 3096 RDPREFMP - ok
18:18:13.0306 3096 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:18:13.0353 3096 RDPWD - ok
18:18:13.0415 3096 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:18:13.0431 3096 rdyboost - ok
18:18:13.0462 3096 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:18:13.0556 3096 RemoteAccess - ok
18:18:13.0602 3096 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:18:13.0712 3096 RemoteRegistry - ok
18:18:13.0743 3096 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:18:13.0790 3096 RFCOMM - ok
18:18:13.0899 3096 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:18:13.0930 3096 RichVideo ( UnsignedFile.Multi.Generic ) - warning
18:18:13.0930 3096 RichVideo - detected UnsignedFile.Multi.Generic (1)
18:18:13.0961 3096 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:18:14.0039 3096 RpcEptMapper - ok
18:18:14.0070 3096 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:18:14.0102 3096 RpcLocator - ok
18:18:14.0164 3096 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:18:14.0242 3096 RpcSs - ok
18:18:14.0273 3096 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:18:14.0382 3096 rspndr - ok
18:18:14.0429 3096 RTL8167 (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:18:14.0460 3096 RTL8167 - ok
18:18:14.0538 3096 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\Windows\SysWOW64\drivers\rtport.sys
18:18:14.0554 3096 rtport - ok
18:18:14.0601 3096 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\Windows\system32\Drivers\SABI.sys
18:18:14.0648 3096 SABI - ok
18:18:14.0663 3096 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:14.0694 3096 SamSs - ok
18:18:14.0741 3096 Samsung UPD Service (d641337b75b9a9d5ae10687aa1097755) C:\Windows\System32\SUPDSvc.exe
18:18:14.0757 3096 Samsung UPD Service - ok
18:18:14.0804 3096 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:18:14.0835 3096 sbp2port - ok
18:18:14.0882 3096 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:18:14.0975 3096 SCardSvr - ok
18:18:15.0006 3096 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:18:15.0100 3096 scfilter - ok
18:18:15.0178 3096 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:18:15.0318 3096 Schedule - ok
18:18:15.0350 3096 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:18:15.0412 3096 SCPolicySvc - ok
18:18:15.0443 3096 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:18:15.0490 3096 SDRSVC - ok
18:18:15.0552 3096 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:18:15.0646 3096 secdrv - ok
18:18:15.0677 3096 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:18:15.0771 3096 seclogon - ok
18:18:15.0911 3096 Secunia PSI Agent (2d0599dd0124764fc939c59985c860de) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:18:15.0958 3096 Secunia PSI Agent - ok
18:18:16.0036 3096 Secunia Update Agent (20b9e1adbc58958b480933e4da005dfb) C:\Program Files (x86)\Secunia\PSI\sua.exe
18:18:16.0067 3096 Secunia Update Agent - ok
18:18:16.0176 3096 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:18:16.0286 3096 SENS - ok
18:18:16.0301 3096 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:18:16.0348 3096 SensrSvc - ok
18:18:16.0395 3096 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:18:16.0426 3096 Serenum - ok
18:18:16.0488 3096 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:18:16.0535 3096 Serial - ok
18:18:16.0566 3096 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:18:16.0629 3096 sermouse - ok
18:18:16.0676 3096 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:18:16.0769 3096 SessionEnv - ok
18:18:16.0800 3096 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:18:16.0832 3096 sffdisk - ok
18:18:16.0847 3096 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:18:16.0878 3096 sffp_mmc - ok
18:18:16.0894 3096 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:18:16.0925 3096 sffp_sd - ok
18:18:16.0941 3096 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:18:16.0956 3096 sfloppy - ok
18:18:17.0034 3096 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
18:18:17.0081 3096 Sftfs - ok
18:18:17.0175 3096 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:18:17.0222 3096 sftlist - ok
18:18:17.0237 3096 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:18:17.0268 3096 Sftplay - ok
18:18:17.0300 3096 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:18:17.0315 3096 Sftredir - ok
18:18:17.0346 3096 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
18:18:17.0362 3096 Sftvol - ok
18:18:17.0393 3096 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:18:17.0409 3096 sftvsa - ok
18:18:17.0456 3096 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:18:17.0549 3096 SharedAccess - ok
18:18:17.0612 3096 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:18:17.0690 3096 ShellHWDetection - ok
18:18:17.0736 3096 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:18:17.0752 3096 SiSRaid2 - ok
18:18:17.0768 3096 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:18:17.0799 3096 SiSRaid4 - ok
18:18:17.0830 3096 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:18:17.0924 3096 Smb - ok
18:18:17.0955 3096 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:18:18.0017 3096 SNMPTRAP - ok
18:18:18.0064 3096 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:18:18.0080 3096 spldr - ok
18:18:18.0173 3096 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:18:18.0251 3096 Spooler - ok
18:18:18.0470 3096 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:18:18.0641 3096 sppsvc - ok
18:18:18.0735 3096 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:18:18.0828 3096 sppuinotify - ok
18:18:18.0906 3096 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:18:18.0969 3096 srv - ok
18:18:19.0016 3096 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:18:19.0078 3096 srv2 - ok
18:18:19.0109 3096 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:18:19.0156 3096 srvnet - ok
18:18:19.0203 3096 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:18:19.0296 3096 SSDPSRV - ok
18:18:19.0312 3096 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:18:19.0374 3096 SstpSvc - ok
18:18:19.0406 3096 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:18:19.0421 3096 stexstor - ok
18:18:19.0468 3096 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
18:18:19.0499 3096 StillCam - ok
18:18:19.0577 3096 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:18:19.0655 3096 stisvc - ok
18:18:19.0702 3096 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:18:19.0733 3096 swenum - ok
18:18:19.0796 3096 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:18:19.0905 3096 swprv - ok
18:18:20.0092 3096 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:18:20.0186 3096 SysMain - ok
18:18:20.0310 3096 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:18:20.0373 3096 TabletInputService - ok
18:18:20.0404 3096 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:18:20.0482 3096 TapiSrv - ok
18:18:20.0529 3096 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:18:20.0622 3096 TBS - ok
18:18:20.0778 3096 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:18:20.0888 3096 Tcpip - ok
18:18:21.0106 3096 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:18:21.0184 3096 TCPIP6 - ok
18:18:21.0324 3096 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:18:21.0387 3096 tcpipreg - ok
18:18:21.0418 3096 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:18:21.0449 3096 TDPIPE - ok
18:18:21.0480 3096 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:18:21.0512 3096 TDTCP - ok
18:18:21.0574 3096 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:18:21.0699 3096 tdx - ok
18:18:21.0714 3096 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:18:21.0746 3096 TermDD - ok
18:18:21.0792 3096 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:18:21.0902 3096 TermService - ok
18:18:21.0933 3096 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:18:21.0980 3096 Themes - ok
18:18:22.0026 3096 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:18:22.0089 3096 THREADORDER - ok
18:18:22.0120 3096 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:18:22.0214 3096 TrkWks - ok
18:18:22.0276 3096 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:18:22.0370 3096 TrustedInstaller - ok
18:18:22.0401 3096 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:18:22.0494 3096 tssecsrv - ok
18:18:22.0541 3096 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:18:22.0572 3096 TsUsbFlt - ok
18:18:22.0650 3096 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:18:22.0760 3096 tunnel - ok
18:18:22.0791 3096 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
18:18:22.0806 3096 TurboB - ok
18:18:22.0900 3096 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:18:22.0916 3096 TurboBoost - ok
18:18:22.0947 3096 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:18:22.0978 3096 uagp35 - ok
18:18:23.0040 3096 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:18:23.0150 3096 udfs - ok
18:18:23.0181 3096 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:18:23.0196 3096 UI0Detect - ok
18:18:23.0228 3096 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:18:23.0259 3096 uliagpkx - ok
18:18:23.0274 3096 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:18:23.0321 3096 umbus - ok
18:18:23.0352 3096 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:18:23.0384 3096 UmPass - ok
18:18:23.0649 3096 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:18:23.0774 3096 UNS - ok
18:18:23.0914 3096 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:18:24.0023 3096 upnphost - ok
18:18:24.0070 3096 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:18:24.0148 3096 usbccgp - ok
18:18:24.0179 3096 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:18:24.0210 3096 usbcir - ok
18:18:24.0226 3096 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:18:24.0288 3096 usbehci - ok
18:18:24.0335 3096 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:18:24.0382 3096 usbhub - ok
18:18:24.0398 3096 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:18:24.0429 3096 usbohci - ok
18:18:24.0460 3096 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:18:24.0491 3096 usbprint - ok
18:18:24.0507 3096 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:18:24.0554 3096 USBSTOR - ok
18:18:24.0585 3096 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:18:24.0616 3096 usbuhci - ok
18:18:24.0663 3096 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:18:24.0710 3096 usbvideo - ok
18:18:24.0741 3096 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:18:24.0850 3096 UxSms - ok
18:18:24.0866 3096 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:24.0881 3096 VaultSvc - ok
18:18:24.0928 3096 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:18:24.0944 3096 vdrvroot - ok
18:18:25.0068 3096 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:18:25.0178 3096 vds - ok
18:18:25.0224 3096 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:18:25.0256 3096 vga - ok
18:18:25.0271 3096 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:18:25.0365 3096 VgaSave - ok
18:18:25.0412 3096 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:18:25.0443 3096 vhdmp - ok
18:18:25.0474 3096 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:18:25.0490 3096 viaide - ok
18:18:25.0536 3096 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:18:25.0552 3096 volmgr - ok
18:18:25.0786 3096 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:18:25.0833 3096 volmgrx - ok
18:18:25.0864 3096 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:18:25.0895 3096 volsnap - ok
18:18:25.0942 3096 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:18:25.0973 3096 vsmraid - ok
18:18:26.0082 3096 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:18:26.0192 3096 VSS - ok
18:18:26.0332 3096 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:18:26.0379 3096 vwifibus - ok
18:18:26.0426 3096 vwififlt (13a0decd1794de60a8427862c8669d27) C:\Windows\system32\DRIVERS\vwififlt.sys
18:18:26.0472 3096 vwififlt - ok
18:18:26.0535 3096 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:18:26.0660 3096 W32Time - ok
18:18:26.0691 3096 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:18:26.0738 3096 WacomPen - ok
18:18:26.0784 3096 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:18:26.0862 3096 WANARP - ok
18:18:26.0878 3096 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:18:26.0940 3096 Wanarpv6 - ok
18:18:27.0050 3096 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:18:27.0143 3096 wbengine - ok
18:18:27.0284 3096 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:18:27.0330 3096 WbioSrvc - ok
18:18:27.0393 3096 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:18:27.0455 3096 wcncsvc - ok
18:18:27.0486 3096 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:18:27.0533 3096 WcsPlugInService - ok
18:18:27.0580 3096 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:18:27.0611 3096 Wd - ok
18:18:27.0923 3096 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:18:27.0970 3096 Wdf01000 - ok
18:18:27.0986 3096 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:18:28.0110 3096 WdiServiceHost - ok
18:18:28.0110 3096 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:18:28.0157 3096 WdiSystemHost - ok
18:18:28.0220 3096 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:18:28.0282 3096 WebClient - ok
18:18:28.0329 3096 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:18:28.0422 3096 Wecsvc - ok
18:18:28.0438 3096 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:18:28.0516 3096 wercplsupport - ok
18:18:28.0547 3096 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:18:28.0625 3096 WerSvc - ok
18:18:28.0688 3096 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:18:28.0766 3096 WfpLwf - ok
18:18:28.0781 3096 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:18:28.0797 3096 WIMMount - ok
18:18:28.0844 3096 WinDefend - ok
18:18:28.0844 3096 WinHttpAutoProxySvc - ok
18:18:28.0906 3096 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:18:29.0000 3096 Winmgmt - ok
18:18:29.0156 3096 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:18:29.0296 3096 WinRM - ok
18:18:29.0499 3096 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:18:29.0546 3096 WinUsb - ok
18:18:29.0639 3096 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:18:29.0717 3096 Wlansvc - ok
18:18:29.0795 3096 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:18:29.0811 3096 wlcrasvc - ok
18:18:29.0967 3096 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:18:30.0076 3096 wlidsvc - ok
18:18:30.0263 3096 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:18:30.0310 3096 WmiAcpi - ok
18:18:30.0388 3096 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:18:30.0435 3096 wmiApSrv - ok
18:18:30.0482 3096 WMPNetworkSvc - ok
18:18:30.0528 3096 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:18:30.0575 3096 WPCSvc - ok
18:18:30.0622 3096 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:18:30.0653 3096 WPDBusEnum - ok
18:18:30.0684 3096 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:18:30.0778 3096 ws2ifsl - ok
18:18:30.0794 3096 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
18:18:30.0840 3096 wscsvc - ok
18:18:30.0840 3096 WSearch - ok
18:18:31.0028 3096 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
18:18:31.0152 3096 wuauserv - ok
18:18:31.0308 3096 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:18:31.0402 3096 WudfPf - ok
18:18:31.0433 3096 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:18:31.0527 3096 WUDFRd - ok
18:18:31.0542 3096 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:18:31.0620 3096 wudfsvc - ok
18:18:31.0652 3096 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:18:31.0683 3096 WwanSvc - ok
18:18:31.0745 3096 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
18:18:32.0166 3096 \Device\Harddisk0\DR0 - ok
18:18:32.0166 3096 Boot (0x1200) (829d022612c51b27e592d806574a712c) \Device\Harddisk0\DR0\Partition0
18:18:32.0166 3096 \Device\Harddisk0\DR0\Partition0 - ok
18:18:32.0198 3096 Boot (0x1200) (a333bea0e22d8fc536c3f6fa0683ea56) \Device\Harddisk0\DR0\Partition1
18:18:32.0198 3096 \Device\Harddisk0\DR0\Partition1 - ok
18:18:32.0244 3096 Boot (0x1200) (74722cb6bc598c5dd0aba7c20f975f8b) \Device\Harddisk0\DR0\Partition2
18:18:32.0244 3096 \Device\Harddisk0\DR0\Partition2 - ok
18:18:32.0244 3096 ============================================================
18:18:32.0244 3096 Scan finished
18:18:32.0244 3096 ============================================================
18:18:32.0260 4992 Detected object count: 1
18:18:32.0260 4992 Actual detected object count: 1
|
| | #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Encryption Trojan The log is incomplete; the summary at the bottom is missing.
__________________ |
| | #19 |
| Encryption Trojan Oh, I'm sorry. Here it is again, hopefully complete. Code:
18:16:58.0847 4916 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:16:59.0378 4916 ============================================================
18:16:59.0378 4916 Current date / time: 2012/07/25 18:16:59.0378
18:16:59.0378 4916 SystemInfo:
18:16:59.0378 4916
18:16:59.0378 4916 OS Version: 6.1.7601 ServicePack: 1.0
18:16:59.0378 4916 Product type: Workstation
18:16:59.0378 4916 ComputerName: FLOGAGA21
18:16:59.0378 4916 UserName: ehlertm
18:16:59.0378 4916 Windows directory: C:\Windows
18:16:59.0378 4916 System windows directory: C:\Windows
18:16:59.0378 4916 Running under WOW64
18:16:59.0378 4916 Processor architecture: Intel x64
18:16:59.0378 4916 Number of processors: 4
18:16:59.0378 4916 Page size: 0x1000
18:16:59.0378 4916 Boot type: Normal boot
18:16:59.0378 4916 ============================================================
18:17:01.0109 4916 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:17:01.0125 4916 ============================================================
18:17:01.0125 4916 \Device\Harddisk0\DR0:
18:17:01.0125 4916 MBR partitions:
18:17:01.0125 4916 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:17:01.0125 4916 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x16400000
18:17:01.0140 4916 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16433000, BlocksNum 0x21173000
18:17:01.0140 4916 ============================================================
18:17:01.0172 4916 C: <-> \Device\Harddisk0\DR0\Partition1
18:17:01.0218 4916 D: <-> \Device\Harddisk0\DR0\Partition2
18:17:01.0218 4916 ============================================================
18:17:01.0218 4916 Initialize success
18:17:01.0218 4916 ============================================================
18:17:41.0123 3096 ============================================================
18:17:41.0123 3096 Scan started
18:17:41.0123 3096 Mode: Manual; SigCheck; TDLFS;
18:17:41.0123 3096 ============================================================
18:17:42.0590 3096 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:17:42.0714 3096 1394ohci - ok
18:17:42.0777 3096 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:17:42.0808 3096 ACPI - ok
18:17:42.0839 3096 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:17:42.0948 3096 AcpiPmi - ok
18:17:43.0104 3096 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:17:43.0136 3096 AdobeFlashPlayerUpdateSvc - ok
18:17:43.0214 3096 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
18:17:43.0260 3096 adp94xx - ok
18:17:43.0323 3096 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
18:17:43.0354 3096 adpahci - ok
18:17:43.0370 3096 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
18:17:43.0401 3096 adpu320 - ok
18:17:43.0432 3096 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
18:17:43.0604 3096 AeLookupSvc - ok
18:17:43.0682 3096 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:17:43.0760 3096 AFD - ok
18:17:43.0806 3096 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:17:43.0822 3096 agp440 - ok
18:17:43.0853 3096 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
18:17:43.0931 3096 ALG - ok
18:17:43.0962 3096 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:17:43.0994 3096 aliide - ok
18:17:44.0009 3096 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:17:44.0025 3096 amdide - ok
18:17:44.0072 3096 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
18:17:44.0118 3096 AmdK8 - ok
18:17:44.0134 3096 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
18:17:44.0181 3096 AmdPPM - ok
18:17:44.0212 3096 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:17:44.0243 3096 amdsata - ok
18:17:44.0274 3096 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
18:17:44.0290 3096 amdsbs - ok
18:17:44.0321 3096 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:17:44.0337 3096 amdxata - ok
18:17:44.0430 3096 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:17:44.0462 3096 AntiVirSchedulerService - ok
18:17:44.0493 3096 AntiVirService (72d90e56563165984224493069c69ed4) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:17:44.0524 3096 AntiVirService - ok
18:17:44.0571 3096 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:17:44.0664 3096 AppID - ok
18:17:44.0711 3096 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
18:17:44.0820 3096 AppIDSvc - ok
18:17:44.0883 3096 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
18:17:44.0961 3096 Appinfo - ok
18:17:45.0008 3096 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
18:17:45.0023 3096 arc - ok
18:17:45.0054 3096 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
18:17:45.0086 3096 arcsas - ok
18:17:45.0101 3096 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:17:45.0195 3096 AsyncMac - ok
18:17:45.0242 3096 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:17:45.0257 3096 atapi - ok
18:17:45.0429 3096 athr (16567ab05cd34f46d0dcbb129ca143c2) C:\Windows\system32\DRIVERS\athrx.sys
18:17:45.0585 3096 athr - ok
18:17:45.0741 3096 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:17:45.0850 3096 AudioEndpointBuilder - ok
18:17:45.0850 3096 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:17:45.0944 3096 AudioSrv - ok
18:17:46.0037 3096 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
18:17:46.0053 3096 avgntflt - ok
18:17:46.0068 3096 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
18:17:46.0084 3096 avipbb - ok
18:17:46.0146 3096 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
18:17:46.0240 3096 AxInstSV - ok
18:17:46.0302 3096 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
18:17:46.0365 3096 b06bdrv - ok
18:17:46.0412 3096 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:17:46.0474 3096 b57nd60a - ok
18:17:46.0552 3096 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:17:46.0614 3096 BDESVC - ok
18:17:46.0661 3096 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:17:46.0755 3096 Beep - ok
18:17:46.0880 3096 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
18:17:46.0989 3096 BFE - ok
18:17:47.0036 3096 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
18:17:47.0145 3096 BITS - ok
18:17:47.0223 3096 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:17:47.0270 3096 blbdrive - ok
18:17:47.0316 3096 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:17:47.0379 3096 bowser - ok
18:17:47.0394 3096 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:17:47.0488 3096 BrFiltLo - ok
18:17:47.0504 3096 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:17:47.0550 3096 BrFiltUp - ok
18:17:47.0613 3096 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
18:17:47.0706 3096 Browser - ok
18:17:47.0738 3096 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:17:47.0816 3096 Brserid - ok
18:17:47.0831 3096 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:17:47.0894 3096 BrSerWdm - ok
18:17:47.0894 3096 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:17:47.0956 3096 BrUsbMdm - ok
18:17:47.0972 3096 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:17:48.0003 3096 BrUsbSer - ok
18:17:48.0050 3096 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:17:48.0096 3096 BthEnum - ok
18:17:48.0143 3096 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:17:48.0190 3096 BTHMODEM - ok
18:17:48.0237 3096 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:17:48.0299 3096 BthPan - ok
18:17:48.0408 3096 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
18:17:48.0455 3096 BTHPORT - ok
18:17:48.0502 3096 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
18:17:48.0580 3096 bthserv - ok
18:17:48.0642 3096 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
18:17:48.0705 3096 BTHUSB - ok
18:17:48.0736 3096 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:17:48.0845 3096 cdfs - ok
18:17:48.0876 3096 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
18:17:48.0923 3096 cdrom - ok
18:17:48.0970 3096 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:17:49.0095 3096 CertPropSvc - ok
18:17:49.0126 3096 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
18:17:49.0173 3096 circlass - ok
18:17:49.0251 3096 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:17:49.0282 3096 CLFS - ok
18:17:49.0344 3096 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:17:49.0360 3096 clr_optimization_v2.0.50727_32 - ok
18:17:49.0407 3096 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:17:49.0438 3096 clr_optimization_v2.0.50727_64 - ok
18:17:49.0532 3096 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:17:49.0563 3096 clr_optimization_v4.0.30319_32 - ok
18:17:49.0610 3096 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:17:49.0625 3096 clr_optimization_v4.0.30319_64 - ok
18:17:49.0688 3096 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
18:17:49.0703 3096 clwvd - ok
18:17:49.0766 3096 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:17:49.0812 3096 CmBatt - ok
18:17:49.0859 3096 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:17:49.0875 3096 cmdide - ok
18:17:49.0953 3096 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
18:17:50.0015 3096 CNG - ok
18:17:50.0046 3096 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:17:50.0062 3096 Compbatt - ok
18:17:50.0109 3096 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:17:50.0171 3096 CompositeBus - ok
18:17:50.0187 3096 COMSysApp - ok
18:17:50.0218 3096 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
18:17:50.0249 3096 crcdisk - ok
18:17:50.0312 3096 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
18:17:50.0374 3096 CryptSvc - ok
18:17:50.0530 3096 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:17:50.0592 3096 cvhsvc - ok
18:17:50.0686 3096 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:17:50.0795 3096 DcomLaunch - ok
18:17:50.0842 3096 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
18:17:50.0951 3096 defragsvc - ok
18:17:51.0014 3096 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:17:51.0123 3096 DfsC - ok
18:17:51.0201 3096 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
18:17:51.0294 3096 Dhcp - ok
18:17:51.0326 3096 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:17:51.0435 3096 discache - ok
18:17:51.0482 3096 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
18:17:51.0513 3096 Disk - ok
18:17:51.0560 3096 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
18:17:51.0622 3096 Dnscache - ok
18:17:51.0669 3096 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
18:17:51.0778 3096 dot3svc - ok
18:17:51.0825 3096 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
18:17:51.0918 3096 DPS - ok
18:17:51.0965 3096 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:17:52.0012 3096 drmkaud - ok
18:17:52.0121 3096 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:17:52.0184 3096 DXGKrnl - ok
18:17:52.0199 3096 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
18:17:52.0293 3096 EapHost - ok
18:17:52.0558 3096 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
18:17:52.0667 3096 ebdrv - ok
18:17:52.0776 3096 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
18:17:52.0854 3096 EFS - ok
18:17:52.0964 3096 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
18:17:53.0026 3096 ehRecvr - ok
18:17:53.0073 3096 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
18:17:53.0135 3096 ehSched - ok
18:17:53.0260 3096 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
18:17:53.0307 3096 elxstor - ok
18:17:53.0322 3096 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:17:53.0354 3096 ErrDev - ok
18:17:53.0416 3096 ETD (9d8739a2a2173c9d27c499a3fc6eda3f) C:\Windows\system32\DRIVERS\ETD.sys
18:17:53.0447 3096 ETD - ok
18:17:53.0494 3096 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
18:17:53.0603 3096 EventSystem - ok
18:17:53.0650 3096 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:17:53.0744 3096 exfat - ok
18:17:53.0775 3096 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:17:53.0868 3096 fastfat - ok
18:17:53.0962 3096 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
18:17:54.0056 3096 Fax - ok
18:17:54.0071 3096 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
18:17:54.0102 3096 fdc - ok
18:17:54.0149 3096 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
18:17:54.0243 3096 fdPHost - ok
18:17:54.0243 3096 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
18:17:54.0336 3096 FDResPub - ok
18:17:54.0352 3096 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:17:54.0368 3096 FileInfo - ok
18:17:54.0383 3096 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:17:54.0492 3096 Filetrace - ok
18:17:54.0492 3096 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
18:17:54.0524 3096 flpydisk - ok
18:17:54.0586 3096 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:17:54.0617 3096 FltMgr - ok
18:17:54.0711 3096 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
18:17:54.0804 3096 FontCache - ok
18:17:54.0898 3096 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:17:54.0914 3096 FontCache3.0.0.0 - ok
18:17:54.0945 3096 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:17:54.0976 3096 FsDepends - ok
18:17:55.0007 3096 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
18:17:55.0038 3096 Fs_Rec - ok
18:17:55.0085 3096 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:17:55.0132 3096 fvevol - ok
18:17:55.0163 3096 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:17:55.0179 3096 gagp30kx - ok
18:17:55.0272 3096 GameConsoleService (521a469caf61f00e1de081cc2099c1d6) C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
18:17:55.0304 3096 GameConsoleService - ok
18:17:55.0413 3096 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
18:17:55.0506 3096 gpsvc - ok
18:17:55.0522 3096 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:17:55.0569 3096 hcw85cir - ok
18:17:55.0647 3096 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:17:55.0709 3096 HdAudAddService - ok
18:17:55.0756 3096 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:17:55.0818 3096 HDAudBus - ok
18:17:55.0850 3096 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:17:55.0881 3096 HidBatt - ok
18:17:55.0896 3096 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:17:55.0959 3096 HidBth - ok
18:17:55.0974 3096 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:17:55.0990 3096 HidIr - ok
18:17:56.0021 3096 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
18:17:56.0099 3096 hidserv - ok
18:17:56.0162 3096 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
18:17:56.0193 3096 HidUsb - ok
18:17:56.0240 3096 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
18:17:56.0349 3096 hkmsvc - ok
18:17:56.0396 3096 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
18:17:56.0474 3096 HomeGroupListener - ok
18:17:56.0520 3096 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
18:17:56.0567 3096 HomeGroupProvider - ok
18:17:56.0630 3096 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:17:56.0661 3096 HpSAMD - ok
18:17:56.0739 3096 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:17:56.0832 3096 HTTP - ok
18:17:56.0879 3096 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:17:56.0895 3096 hwpolicy - ok
18:17:56.0957 3096 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:17:56.0988 3096 i8042prt - ok
18:17:57.0066 3096 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
18:17:57.0098 3096 iaStor - ok
18:17:57.0144 3096 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:17:57.0191 3096 iaStorV - ok
18:17:57.0316 3096 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:17:57.0378 3096 idsvc - ok
18:17:58.0127 3096 igfx (8cb8667f5a3b5515f2585f3254f3aaf7) C:\Windows\system32\DRIVERS\igdkmd64.sys
18:17:58.0626 3096 igfx - ok
18:17:58.0767 3096 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:17:58.0782 3096 iirsp - ok
18:17:58.0876 3096 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
18:17:58.0985 3096 IKEEXT - ok
18:17:59.0172 3096 IntcAzAudAddService (404561d4ee0cae109379a40247046b03) C:\Windows\system32\drivers\RTKVHD64.sys
18:17:59.0266 3096 IntcAzAudAddService - ok
18:17:59.0422 3096 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
18:17:59.0484 3096 IntcDAud - ok
18:17:59.0500 3096 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:17:59.0531 3096 intelide - ok
18:17:59.0562 3096 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:17:59.0609 3096 intelppm - ok
18:17:59.0656 3096 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:17:59.0765 3096 IPBusEnum - ok
18:17:59.0859 3096 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:17:59.0968 3096 IpFilterDriver - ok
18:18:00.0030 3096 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
18:18:00.0124 3096 iphlpsvc - ok
18:18:00.0155 3096 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:18:00.0202 3096 IPMIDRV - ok
18:18:00.0218 3096 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:18:00.0296 3096 IPNAT - ok
18:18:00.0311 3096 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:18:00.0405 3096 IRENUM - ok
18:18:00.0420 3096 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:18:00.0452 3096 isapnp - ok
18:18:00.0483 3096 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:18:00.0530 3096 iScsiPrt - ok
18:18:00.0545 3096 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:18:00.0576 3096 kbdclass - ok
18:18:00.0623 3096 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
18:18:00.0670 3096 kbdhid - ok
18:18:00.0717 3096 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:00.0732 3096 KeyIso - ok
18:18:00.0779 3096 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
18:18:00.0795 3096 KSecDD - ok
18:18:00.0826 3096 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
18:18:00.0857 3096 KSecPkg - ok
18:18:00.0904 3096 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:18:00.0998 3096 ksthunk - ok
18:18:01.0029 3096 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:18:01.0138 3096 KtmRm - ok
18:18:01.0216 3096 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
18:18:01.0310 3096 LanmanServer - ok
18:18:01.0356 3096 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
18:18:01.0450 3096 LanmanWorkstation - ok
18:18:01.0497 3096 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:18:01.0590 3096 lltdio - ok
18:18:01.0653 3096 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:18:01.0762 3096 lltdsvc - ok
18:18:01.0778 3096 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:18:01.0856 3096 lmhosts - ok
18:18:01.0965 3096 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:18:01.0996 3096 LMS - ok
18:18:02.0043 3096 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:18:02.0074 3096 LSI_FC - ok
18:18:02.0074 3096 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:18:02.0105 3096 LSI_SAS - ok
18:18:02.0121 3096 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:18:02.0136 3096 LSI_SAS2 - ok
18:18:02.0152 3096 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:18:02.0183 3096 LSI_SCSI - ok
18:18:02.0199 3096 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:18:02.0292 3096 luafv - ok
18:18:02.0339 3096 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
18:18:02.0386 3096 Mcx2Svc - ok
18:18:02.0386 3096 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:18:02.0417 3096 megasas - ok
18:18:02.0464 3096 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:18:02.0495 3096 MegaSR - ok
18:18:02.0511 3096 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
18:18:02.0526 3096 MEIx64 - ok
18:18:02.0573 3096 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:18:02.0714 3096 MMCSS - ok
18:18:02.0745 3096 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:18:02.0823 3096 Modem - ok
18:18:02.0854 3096 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:18:02.0901 3096 monitor - ok
18:18:02.0948 3096 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
18:18:02.0963 3096 mouclass - ok
18:18:02.0994 3096 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:18:03.0026 3096 mouhid - ok
18:18:03.0088 3096 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:18:03.0104 3096 mountmgr - ok
18:18:03.0213 3096 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:18:03.0244 3096 MozillaMaintenance - ok
18:18:03.0291 3096 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:18:03.0322 3096 mpio - ok
18:18:03.0353 3096 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:18:03.0416 3096 mpsdrv - ok
18:18:03.0494 3096 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
18:18:03.0603 3096 MpsSvc - ok
18:18:03.0634 3096 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:18:03.0681 3096 MRxDAV - ok
18:18:03.0728 3096 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:18:03.0774 3096 mrxsmb - ok
18:18:03.0821 3096 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:18:03.0868 3096 mrxsmb10 - ok
18:18:03.0899 3096 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:18:03.0946 3096 mrxsmb20 - ok
18:18:03.0962 3096 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:18:03.0993 3096 msahci - ok
18:18:04.0024 3096 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:18:04.0055 3096 msdsm - ok
18:18:04.0086 3096 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:18:04.0149 3096 MSDTC - ok
18:18:04.0196 3096 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:18:04.0289 3096 Msfs - ok
18:18:04.0320 3096 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:18:04.0414 3096 mshidkmdf - ok
18:18:04.0445 3096 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:18:04.0461 3096 msisadrv - ok
18:18:04.0492 3096 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:18:04.0570 3096 MSiSCSI - ok
18:18:04.0570 3096 msiserver - ok
18:18:04.0648 3096 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:18:04.0742 3096 MSKSSRV - ok
18:18:04.0757 3096 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:18:04.0851 3096 MSPCLOCK - ok
18:18:04.0866 3096 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:18:04.0976 3096 MSPQM - ok
18:18:05.0022 3096 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:18:05.0054 3096 MsRPC - ok
18:18:05.0100 3096 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:18:05.0116 3096 mssmbios - ok
18:18:05.0132 3096 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:18:05.0210 3096 MSTEE - ok
18:18:05.0225 3096 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:18:05.0272 3096 MTConfig - ok
18:18:05.0288 3096 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:18:05.0303 3096 Mup - ok
18:18:05.0366 3096 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:18:05.0444 3096 napagent - ok
18:18:05.0506 3096 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:18:05.0553 3096 NativeWifiP - ok
18:18:05.0678 3096 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
18:18:05.0740 3096 NDIS - ok
18:18:05.0771 3096 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:18:05.0849 3096 NdisCap - ok
18:18:05.0880 3096 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:18:05.0958 3096 NdisTapi - ok
18:18:06.0005 3096 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:18:06.0099 3096 Ndisuio - ok
18:18:06.0130 3096 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:18:06.0224 3096 NdisWan - ok
18:18:06.0270 3096 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:18:06.0364 3096 NDProxy - ok
18:18:06.0411 3096 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:18:06.0489 3096 NetBIOS - ok
18:18:06.0520 3096 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:18:06.0614 3096 NetBT - ok
18:18:06.0629 3096 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:06.0660 3096 Netlogon - ok
18:18:06.0723 3096 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:18:06.0801 3096 Netman - ok
18:18:06.0848 3096 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:18:06.0941 3096 netprofm - ok
18:18:07.0004 3096 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:18:07.0019 3096 NetTcpPortSharing - ok
18:18:07.0066 3096 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:18:07.0097 3096 nfrd960 - ok
18:18:07.0144 3096 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:18:07.0238 3096 NlaSvc - ok
18:18:07.0253 3096 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:18:07.0331 3096 Npfs - ok
18:18:07.0347 3096 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:18:07.0425 3096 nsi - ok
18:18:07.0456 3096 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:18:07.0534 3096 nsiproxy - ok
18:18:07.0674 3096 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:18:07.0752 3096 Ntfs - ok
18:18:07.0862 3096 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:18:07.0971 3096 Null - ok
18:18:08.0018 3096 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:18:08.0049 3096 nvraid - ok
18:18:08.0080 3096 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:18:08.0096 3096 nvstor - ok
18:18:08.0127 3096 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:18:08.0158 3096 nv_agp - ok
18:18:08.0174 3096 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:18:08.0220 3096 ohci1394 - ok
18:18:08.0298 3096 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:18:08.0330 3096 ose - ok
18:18:08.0642 3096 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:18:08.0891 3096 osppsvc - ok
18:18:09.0078 3096 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:18:09.0141 3096 p2pimsvc - ok
18:18:09.0172 3096 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:18:09.0203 3096 p2psvc - ok
18:18:09.0266 3096 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:18:09.0297 3096 Parport - ok
18:18:09.0328 3096 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:18:09.0344 3096 partmgr - ok
18:18:09.0375 3096 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:18:09.0406 3096 PcaSvc - ok
18:18:09.0437 3096 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:18:09.0468 3096 pci - ok
18:18:09.0484 3096 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:18:09.0515 3096 pciide - ok
18:18:09.0546 3096 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:18:09.0562 3096 pcmcia - ok
18:18:09.0578 3096 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:18:09.0609 3096 pcw - ok
18:18:09.0656 3096 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:18:09.0765 3096 PEAUTH - ok
18:18:09.0843 3096 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:18:09.0874 3096 PerfHost - ok
18:18:10.0030 3096 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:18:10.0155 3096 pla - ok
18:18:10.0217 3096 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:18:10.0295 3096 PlugPlay - ok
18:18:10.0326 3096 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:18:10.0358 3096 PNRPAutoReg - ok
18:18:10.0404 3096 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:18:10.0436 3096 PNRPsvc - ok
18:18:10.0498 3096 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:18:10.0607 3096 PolicyAgent - ok
18:18:10.0638 3096 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:18:10.0748 3096 Power - ok
18:18:10.0810 3096 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:18:10.0888 3096 PptpMiniport - ok
18:18:10.0919 3096 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:18:10.0950 3096 Processor - ok
18:18:10.0997 3096 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
18:18:11.0028 3096 ProfSvc - ok
18:18:11.0060 3096 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:11.0091 3096 ProtectedStorage - ok
18:18:11.0138 3096 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:18:11.0231 3096 Psched - ok
18:18:11.0294 3096 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
18:18:11.0325 3096 PSI - ok
18:18:11.0434 3096 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:18:11.0528 3096 ql2300 - ok
18:18:11.0637 3096 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:18:11.0668 3096 ql40xx - ok
18:18:11.0699 3096 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:18:11.0746 3096 QWAVE - ok
18:18:11.0762 3096 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:18:11.0808 3096 QWAVEdrv - ok
18:18:11.0808 3096 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:18:11.0886 3096 RasAcd - ok
18:18:11.0918 3096 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:18:11.0996 3096 RasAgileVpn - ok
18:18:12.0011 3096 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:18:12.0136 3096 RasAuto - ok
18:18:12.0167 3096 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:18:12.0261 3096 Rasl2tp - ok
18:18:12.0308 3096 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:18:12.0401 3096 RasMan - ok
18:18:12.0432 3096 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:18:12.0557 3096 RasPppoe - ok
18:18:12.0573 3096 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:18:12.0682 3096 RasSstp - ok
18:18:12.0729 3096 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:18:12.0822 3096 rdbss - ok
18:18:12.0854 3096 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:18:12.0900 3096 rdpbus - ok
18:18:12.0916 3096 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:18:13.0010 3096 RDPCDD - ok
18:18:13.0041 3096 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:18:13.0150 3096 RDPENCDD - ok
18:18:13.0181 3096 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:18:13.0259 3096 RDPREFMP - ok
18:18:13.0306 3096 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:18:13.0353 3096 RDPWD - ok
18:18:13.0415 3096 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:18:13.0431 3096 rdyboost - ok
18:18:13.0462 3096 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:18:13.0556 3096 RemoteAccess - ok
18:18:13.0602 3096 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:18:13.0712 3096 RemoteRegistry - ok
18:18:13.0743 3096 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:18:13.0790 3096 RFCOMM - ok
18:18:13.0899 3096 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:18:13.0930 3096 RichVideo ( UnsignedFile.Multi.Generic ) - warning
18:18:13.0930 3096 RichVideo - detected UnsignedFile.Multi.Generic (1)
18:18:13.0961 3096 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:18:14.0039 3096 RpcEptMapper - ok
18:18:14.0070 3096 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:18:14.0102 3096 RpcLocator - ok
18:18:14.0164 3096 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:18:14.0242 3096 RpcSs - ok
18:18:14.0273 3096 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:18:14.0382 3096 rspndr - ok
18:18:14.0429 3096 RTL8167 (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:18:14.0460 3096 RTL8167 - ok
18:18:14.0538 3096 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\Windows\SysWOW64\drivers\rtport.sys
18:18:14.0554 3096 rtport - ok
18:18:14.0601 3096 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\Windows\system32\Drivers\SABI.sys
18:18:14.0648 3096 SABI - ok
18:18:14.0663 3096 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:14.0694 3096 SamSs - ok
18:18:14.0741 3096 Samsung UPD Service (d641337b75b9a9d5ae10687aa1097755) C:\Windows\System32\SUPDSvc.exe
18:18:14.0757 3096 Samsung UPD Service - ok
18:18:14.0804 3096 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:18:14.0835 3096 sbp2port - ok
18:18:14.0882 3096 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:18:14.0975 3096 SCardSvr - ok
18:18:15.0006 3096 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:18:15.0100 3096 scfilter - ok
18:18:15.0178 3096 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:18:15.0318 3096 Schedule - ok
18:18:15.0350 3096 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:18:15.0412 3096 SCPolicySvc - ok
18:18:15.0443 3096 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:18:15.0490 3096 SDRSVC - ok
18:18:15.0552 3096 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:18:15.0646 3096 secdrv - ok
18:18:15.0677 3096 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:18:15.0771 3096 seclogon - ok
18:18:15.0911 3096 Secunia PSI Agent (2d0599dd0124764fc939c59985c860de) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:18:15.0958 3096 Secunia PSI Agent - ok
18:18:16.0036 3096 Secunia Update Agent (20b9e1adbc58958b480933e4da005dfb) C:\Program Files (x86)\Secunia\PSI\sua.exe
18:18:16.0067 3096 Secunia Update Agent - ok
18:18:16.0176 3096 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:18:16.0286 3096 SENS - ok
18:18:16.0301 3096 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:18:16.0348 3096 SensrSvc - ok
18:18:16.0395 3096 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:18:16.0426 3096 Serenum - ok
18:18:16.0488 3096 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:18:16.0535 3096 Serial - ok
18:18:16.0566 3096 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:18:16.0629 3096 sermouse - ok
18:18:16.0676 3096 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:18:16.0769 3096 SessionEnv - ok
18:18:16.0800 3096 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:18:16.0832 3096 sffdisk - ok
18:18:16.0847 3096 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:18:16.0878 3096 sffp_mmc - ok
18:18:16.0894 3096 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:18:16.0925 3096 sffp_sd - ok
18:18:16.0941 3096 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:18:16.0956 3096 sfloppy - ok
18:18:17.0034 3096 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
18:18:17.0081 3096 Sftfs - ok
18:18:17.0175 3096 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:18:17.0222 3096 sftlist - ok
18:18:17.0237 3096 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:18:17.0268 3096 Sftplay - ok
18:18:17.0300 3096 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:18:17.0315 3096 Sftredir - ok
18:18:17.0346 3096 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
18:18:17.0362 3096 Sftvol - ok
18:18:17.0393 3096 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:18:17.0409 3096 sftvsa - ok
18:18:17.0456 3096 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:18:17.0549 3096 SharedAccess - ok
18:18:17.0612 3096 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:18:17.0690 3096 ShellHWDetection - ok
18:18:17.0736 3096 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:18:17.0752 3096 SiSRaid2 - ok
18:18:17.0768 3096 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:18:17.0799 3096 SiSRaid4 - ok
18:18:17.0830 3096 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:18:17.0924 3096 Smb - ok
18:18:17.0955 3096 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:18:18.0017 3096 SNMPTRAP - ok
18:18:18.0064 3096 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:18:18.0080 3096 spldr - ok
18:18:18.0173 3096 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:18:18.0251 3096 Spooler - ok
18:18:18.0470 3096 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:18:18.0641 3096 sppsvc - ok
18:18:18.0735 3096 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:18:18.0828 3096 sppuinotify - ok
18:18:18.0906 3096 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:18:18.0969 3096 srv - ok
18:18:19.0016 3096 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:18:19.0078 3096 srv2 - ok
18:18:19.0109 3096 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:18:19.0156 3096 srvnet - ok
18:18:19.0203 3096 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:18:19.0296 3096 SSDPSRV - ok
18:18:19.0312 3096 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:18:19.0374 3096 SstpSvc - ok
18:18:19.0406 3096 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:18:19.0421 3096 stexstor - ok
18:18:19.0468 3096 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
18:18:19.0499 3096 StillCam - ok
18:18:19.0577 3096 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:18:19.0655 3096 stisvc - ok
18:18:19.0702 3096 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:18:19.0733 3096 swenum - ok
18:18:19.0796 3096 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:18:19.0905 3096 swprv - ok
18:18:20.0092 3096 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:18:20.0186 3096 SysMain - ok
18:18:20.0310 3096 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:18:20.0373 3096 TabletInputService - ok
18:18:20.0404 3096 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:18:20.0482 3096 TapiSrv - ok
18:18:20.0529 3096 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:18:20.0622 3096 TBS - ok
18:18:20.0778 3096 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:18:20.0888 3096 Tcpip - ok
18:18:21.0106 3096 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:18:21.0184 3096 TCPIP6 - ok
18:18:21.0324 3096 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:18:21.0387 3096 tcpipreg - ok
18:18:21.0418 3096 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:18:21.0449 3096 TDPIPE - ok
18:18:21.0480 3096 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:18:21.0512 3096 TDTCP - ok
18:18:21.0574 3096 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:18:21.0699 3096 tdx - ok
18:18:21.0714 3096 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:18:21.0746 3096 TermDD - ok
18:18:21.0792 3096 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:18:21.0902 3096 TermService - ok
18:18:21.0933 3096 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:18:21.0980 3096 Themes - ok
18:18:22.0026 3096 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:18:22.0089 3096 THREADORDER - ok
18:18:22.0120 3096 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:18:22.0214 3096 TrkWks - ok
18:18:22.0276 3096 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:18:22.0370 3096 TrustedInstaller - ok
18:18:22.0401 3096 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:18:22.0494 3096 tssecsrv - ok
18:18:22.0541 3096 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:18:22.0572 3096 TsUsbFlt - ok
18:18:22.0650 3096 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:18:22.0760 3096 tunnel - ok
18:18:22.0791 3096 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
18:18:22.0806 3096 TurboB - ok
18:18:22.0900 3096 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:18:22.0916 3096 TurboBoost - ok
18:18:22.0947 3096 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:18:22.0978 3096 uagp35 - ok
18:18:23.0040 3096 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:18:23.0150 3096 udfs - ok
18:18:23.0181 3096 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:18:23.0196 3096 UI0Detect - ok
18:18:23.0228 3096 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:18:23.0259 3096 uliagpkx - ok
18:18:23.0274 3096 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:18:23.0321 3096 umbus - ok
18:18:23.0352 3096 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:18:23.0384 3096 UmPass - ok
18:18:23.0649 3096 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:18:23.0774 3096 UNS - ok
18:18:23.0914 3096 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:18:24.0023 3096 upnphost - ok
18:18:24.0070 3096 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:18:24.0148 3096 usbccgp - ok
18:18:24.0179 3096 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:18:24.0210 3096 usbcir - ok
18:18:24.0226 3096 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:18:24.0288 3096 usbehci - ok
18:18:24.0335 3096 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:18:24.0382 3096 usbhub - ok
18:18:24.0398 3096 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:18:24.0429 3096 usbohci - ok
18:18:24.0460 3096 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:18:24.0491 3096 usbprint - ok
18:18:24.0507 3096 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:18:24.0554 3096 USBSTOR - ok
18:18:24.0585 3096 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:18:24.0616 3096 usbuhci - ok
18:18:24.0663 3096 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:18:24.0710 3096 usbvideo - ok
18:18:24.0741 3096 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:18:24.0850 3096 UxSms - ok
18:18:24.0866 3096 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:18:24.0881 3096 VaultSvc - ok
18:18:24.0928 3096 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:18:24.0944 3096 vdrvroot - ok
18:18:25.0068 3096 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:18:25.0178 3096 vds - ok
18:18:25.0224 3096 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:18:25.0256 3096 vga - ok
18:18:25.0271 3096 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:18:25.0365 3096 VgaSave - ok
18:18:25.0412 3096 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:18:25.0443 3096 vhdmp - ok
18:18:25.0474 3096 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:18:25.0490 3096 viaide - ok
18:18:25.0536 3096 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:18:25.0552 3096 volmgr - ok
18:18:25.0786 3096 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:18:25.0833 3096 volmgrx - ok
18:18:25.0864 3096 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:18:25.0895 3096 volsnap - ok
18:18:25.0942 3096 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:18:25.0973 3096 vsmraid - ok
18:18:26.0082 3096 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:18:26.0192 3096 VSS - ok
18:18:26.0332 3096 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:18:26.0379 3096 vwifibus - ok
18:18:26.0426 3096 vwififlt (13a0decd1794de60a8427862c8669d27) C:\Windows\system32\DRIVERS\vwififlt.sys
18:18:26.0472 3096 vwififlt - ok
18:18:26.0535 3096 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:18:26.0660 3096 W32Time - ok
18:18:26.0691 3096 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:18:26.0738 3096 WacomPen - ok
18:18:26.0784 3096 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:18:26.0862 3096 WANARP - ok
18:18:26.0878 3096 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:18:26.0940 3096 Wanarpv6 - ok
18:18:27.0050 3096 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:18:27.0143 3096 wbengine - ok
18:18:27.0284 3096 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:18:27.0330 3096 WbioSrvc - ok
18:18:27.0393 3096 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:18:27.0455 3096 wcncsvc - ok
18:18:27.0486 3096 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:18:27.0533 3096 WcsPlugInService - ok
18:18:27.0580 3096 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:18:27.0611 3096 Wd - ok
18:18:27.0923 3096 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:18:27.0970 3096 Wdf01000 - ok
18:18:27.0986 3096 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:18:28.0110 3096 WdiServiceHost - ok
18:18:28.0110 3096 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:18:28.0157 3096 WdiSystemHost - ok
18:18:28.0220 3096 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:18:28.0282 3096 WebClient - ok
18:18:28.0329 3096 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:18:28.0422 3096 Wecsvc - ok
18:18:28.0438 3096 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:18:28.0516 3096 wercplsupport - ok
18:18:28.0547 3096 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:18:28.0625 3096 WerSvc - ok
18:18:28.0688 3096 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:18:28.0766 3096 WfpLwf - ok
18:18:28.0781 3096 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:18:28.0797 3096 WIMMount - ok
18:18:28.0844 3096 WinDefend - ok
18:18:28.0844 3096 WinHttpAutoProxySvc - ok
18:18:28.0906 3096 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:18:29.0000 3096 Winmgmt - ok
18:18:29.0156 3096 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:18:29.0296 3096 WinRM - ok
18:18:29.0499 3096 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:18:29.0546 3096 WinUsb - ok
18:18:29.0639 3096 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:18:29.0717 3096 Wlansvc - ok
18:18:29.0795 3096 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:18:29.0811 3096 wlcrasvc - ok
18:18:29.0967 3096 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:18:30.0076 3096 wlidsvc - ok
18:18:30.0263 3096 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:18:30.0310 3096 WmiAcpi - ok
18:18:30.0388 3096 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:18:30.0435 3096 wmiApSrv - ok
18:18:30.0482 3096 WMPNetworkSvc - ok
18:18:30.0528 3096 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:18:30.0575 3096 WPCSvc - ok
18:18:30.0622 3096 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:18:30.0653 3096 WPDBusEnum - ok
18:18:30.0684 3096 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:18:30.0778 3096 ws2ifsl - ok
18:18:30.0794 3096 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
18:18:30.0840 3096 wscsvc - ok
18:18:30.0840 3096 WSearch - ok
18:18:31.0028 3096 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
18:18:31.0152 3096 wuauserv - ok
18:18:31.0308 3096 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:18:31.0402 3096 WudfPf - ok
18:18:31.0433 3096 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:18:31.0527 3096 WUDFRd - ok
18:18:31.0542 3096 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:18:31.0620 3096 wudfsvc - ok
18:18:31.0652 3096 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:18:31.0683 3096 WwanSvc - ok
18:18:31.0745 3096 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
18:18:32.0166 3096 \Device\Harddisk0\DR0 - ok
18:18:32.0166 3096 Boot (0x1200) (829d022612c51b27e592d806574a712c) \Device\Harddisk0\DR0\Partition0
18:18:32.0166 3096 \Device\Harddisk0\DR0\Partition0 - ok
18:18:32.0198 3096 Boot (0x1200) (a333bea0e22d8fc536c3f6fa0683ea56) \Device\Harddisk0\DR0\Partition1
18:18:32.0198 3096 \Device\Harddisk0\DR0\Partition1 - ok
18:18:32.0244 3096 Boot (0x1200) (74722cb6bc598c5dd0aba7c20f975f8b) \Device\Harddisk0\DR0\Partition2
18:18:32.0244 3096 \Device\Harddisk0\DR0\Partition2 - ok
18:18:32.0244 3096 ============================================================
18:18:32.0244 3096 Scan finished
18:18:32.0244 3096 ============================================================
18:18:32.0260 4992 Detected object count: 1
18:18:32.0260 4992 Actual detected object count: 1
18:21:33.0591 4992 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
18:21:33.0591 4992 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:21:37.0444 1948 Deinitialize success
|
| | #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Encryption Trojan Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #21 |
| Encryption Trojan Hi Arne! Here is the ComboFix log: Code:
ComboFix 12-07-27.03 - ehlertm 28.07.2012 12:16:13.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4011.2633 [GMT 2:00]
ausgeführt von:: c:\users\ehlertm\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-28 bis 2012-07-28 ))))))))))))))))))))))))))))))
.
.
2012-07-28 10:20 . 2012-07-28 10:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-23 13:48 . 2012-07-23 13:48 -------- d-----w- C:\_OTL
2012-07-20 19:25 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-15 18:29 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-15 18:29 . 2012-06-02 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-15 18:29 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-07-15 18:29 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-15 18:29 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-15 18:29 . 2012-06-02 04:40 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-07-15 18:29 . 2012-06-02 04:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-15 18:29 . 2012-06-02 04:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-07-15 18:29 . 2012-06-02 04:34 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-07-01 17:40 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-07-01 17:40 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-07-01 17:40 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-07-01 17:40 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-07-01 17:40 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-07-01 17:40 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-07-01 17:40 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-07-01 17:40 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-07-01 17:40 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-07-01 17:33 . 2012-07-01 17:33 -------- d-----w- c:\users\ehlertm\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-20 19:19 . 2011-09-05 11:48 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-18 12:06 . 2012-04-02 10:45 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-18 12:06 . 2011-08-28 10:50 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-18 12:06 . 2012-04-02 11:06 9226440 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 11:06 . 2012-06-24 14:42 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-24 14:41 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-24 14:41 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-24 14:42 209920 ----a-w- c:\windows\system32\profsvc.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-18 250056]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-27 129976]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-08-09 166704]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2010-10-07 13824]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-11-09 31088]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-27 425064]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 12:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-27 11780712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\ehlertm\AppData\Roaming\Mozilla\Firefox\Profiles\ulo1ayr6.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Adobe Flash Player Plugin - c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-28 12:23:19
ComboFix-quarantined-files.txt 2012-07-28 10:23
.
Vor Suchlauf: 8 Verzeichnis(se), 144.834.801.664 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 144.180.830.208 Bytes frei
.
- - End Of File - - 6BBA86B6968E455D3824014ABE072E43
|
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Encryption Trojan Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to work the second time, just leave it out and run only OSAM - please skip the online query in OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off the virus scanner as well; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Do not press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" appears, do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left (bottom left in the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #23 |
| Encryption Trojan Hello Arne, I am having some difficulties carrying this out and am stuck. I will get back to you on Thursday, as a friend can then help me with it at my PC. Regards, der Spachtel |
| | #24 |
| Encryption Trojan Hello! Here, for a start, is the log from the scan with GMER. Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-02 18:22:36
Windows 6.1.7601 Service Pack 1
Running: zj4inun7.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4cedde6a3c77
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4cedde6a3c77 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
Regards. Here is the OSAM log: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:42:15 on 02.08.2012
OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 12.0
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"PSI" (PSI) - "Secunia" - C:\Windows\System32\DRIVERS\psi_mf.sys
"rtport" (rtport) - "Windows (R) 2003 DDK 3790 provider" - C:\Windows\SysWOW64\drivers\rtport.sys
"Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys
"Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys
"Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys
"Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys
[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll
{E99987AC-6311-4686-B095-EB30B69F9258} "Samsung AnyWeb Print" - ? - C:\Program Files\Samsung AnyWeb Print\W2PDeskband.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{94BB0C4C-B957-479A-85E4-42F53B89F681} "Samsung AnyWeb Print" - ? - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AA609D72-8482-4076-8991-8CDAE5B93BCB} "Samsung BHO Class" - ? - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll
[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\ehlertm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Secunia PSI Tray.lnk" - "Secunia" - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Shortcut exists | File exists)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"spd__ Langmon" - ? - C:\Windows\system32\spd__l.dll
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
"Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
"GameConsoleService" (GameConsoleService) - "WildTangent, Inc." - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Turbo Boost Technology Monitor 2.0" (TurboBoost) - "Intel(R) Corporation" - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Samsung UPD Service" (Samsung UPD Service) - "Samsung Electronics CO., LTD." - C:\Windows\System32\SUPDSvc.exe
"Secunia PSI Agent" (Secunia PSI Agent) - "Secunia" - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
"Secunia Update Agent" (Secunia Update Agent) - "Secunia" - C:\Program Files (x86)\Secunia\PSI\sua.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
And now the log from the MBR scan: Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-02 18:47:26
-----------------------------
18:47:26.195 OS Version: Windows x64 6.1.7601 Service Pack 1
18:47:26.195 Number of processors: 4 586 0x2A07
18:47:26.211 ComputerName: FLOGAGA21 UserName: ehlertm
18:47:26.944 Initialize success
18:50:26.362 AVAST engine defs: 12080200
18:50:33.335 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:50:33.335 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
18:50:33.351 Disk 0 MBR read successfully
18:50:33.366 Disk 0 MBR scan
18:50:33.382 Disk 0 unknown MBR code
18:50:33.397 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:50:33.429 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 182272 MB offset 206848
18:50:33.429 Disk 0 Partition - 00 0F Extended LBA 271079 MB offset 373499904
18:50:33.460 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 23486 MB offset 928669696
18:50:33.522 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 271078 MB offset 373501952
18:50:33.569 Disk 0 scanning C:\Windows\system32\drivers
18:50:45.175 Service scanning
18:51:18.388 Modules scanning
18:51:18.918 Disk 0 trace - called modules:
18:51:18.949 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:51:18.965 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006010060]
18:51:18.965 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004467050]
18:51:19.573 AVAST engine scan C:\Windows
18:51:24.191 AVAST engine scan C:\Windows\system32
18:54:49.487 AVAST engine scan C:\Windows\system32\drivers
18:55:03.200 AVAST engine scan C:\Users\ehlertm
18:55:30.469 AVAST engine scan C:\ProgramData
18:58:14.363 Scan finished successfully
18:58:47.934 Disk 0 MBR has been saved successfully to "C:\Users\ehlertm\Desktop\MBR.dat"
18:58:47.949 The log file has been saved successfully to "C:\Users\ehlertm\Desktop\aswMBR.txt"
Regards, der spachtel |
| | #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Encryption Trojan We should fix the MBR; back up ALL important data just in case, even though things usually go smoothly. Note: Please do NOT perform the MBR fix if you have other operating systems installed, such as Ubuntu; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable. Also do not perform the fix if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs. After backing up your data, start aswMBR again and click the FIXMBR button. Note: Please turn off the virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it! Then restart Windows and create a new log with aswMBR.
__________________ Please always post log files in CODE tags |
| | #26 |
| Encryption Trojan Hi Arne. I did the MBR fix and ran a new scan after the restart. Here is the log: Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-04 13:42:31
-----------------------------
13:42:31.769 OS Version: Windows x64 6.1.7601 Service Pack 1
13:42:31.769 Number of processors: 4 586 0x2A07
13:42:31.769 ComputerName: FLOGAGA21 UserName: ehlertm
13:42:32.611 Initialize success
13:42:39.912 AVAST engine defs: 12080400
13:42:46.058 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:42:46.058 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
13:42:46.074 Disk 0 MBR read successfully
13:42:46.074 Disk 0 MBR scan
13:42:46.090 Disk 0 Windows 7 default MBR code
13:42:46.090 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:42:46.105 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 182272 MB offset 206848
13:42:46.121 Disk 0 Partition - 00 0F Extended LBA 271079 MB offset 373499904
13:42:46.152 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 23486 MB offset 928669696
13:42:46.199 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 271078 MB offset 373501952
13:42:46.230 Disk 0 scanning C:\Windows\system32\drivers
13:42:57.353 Service scanning
13:43:30.503 Modules scanning
13:43:31.033 Disk 0 trace - called modules:
13:43:31.065 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:43:31.080 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800600f060]
13:43:31.096 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004441050]
13:43:31.735 AVAST engine scan C:\Windows
13:43:36.525 AVAST engine scan C:\Windows\system32
13:46:57.484 AVAST engine scan C:\Windows\system32\drivers
13:47:09.855 AVAST engine scan C:\Users\ehlertm
13:47:48.917 AVAST engine scan C:\ProgramData
13:50:13.717 Scan finished successfully
13:51:10.314 Disk 0 MBR has been saved successfully to "C:\Users\ehlertm\Desktop\MBR.dat"
13:51:10.329 The log file has been saved successfully to "C:\Users\ehlertm\Desktop\aswMBR2.txt"
|
| | #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Encryption Trojan Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
| | #28 |
| Encryption Trojan Hi Arne. Great, I'm glad to hear that. Here, for a start, is the log from Malwarebytes: Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.08.05.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ehlertm :: FLOGAGA21 [Administrator]
05.08.2012 12:19:55
mbam-log-2012-08-05 (12-19-55).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 336091
Laufzeit: 46 Minute(n), 19 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 08/05/2012 at 02:39 PM
Application Version : 5.5.1012
Core Rules Database Version : 9012
Trace Rules Database Version: 6824
Scan type : Complete Scan
Total Scan Time : 01:21:36
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 620
Memory threats detected : 0
Registry items scanned : 64412
Registry threats detected : 0
File items scanned : 149532
File threats detected : 314
Adware.Tracking Cookie
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlyqkd5odo.stats.esomniture.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgkycmdpoao.stats.esomniture.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tracker.icerocket.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tracker.icerocket.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
a.visualrevenue.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\EHLERTM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ULO1AYR6.DEFAULT\COOKIES.SQLITE ]
|
| | #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Encryption Trojan Looks OK, only cookies were found there. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie). Regarding cookies and other things on the web: to block this pest from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check at MVPS every 4 weeks whether a new hosts file has been released. Apart from that there are good cookie managers; an extension for Firefox would be, for example, CookieCuller http://filepony.de/download-cookie_culler/ But if you can live with logging in everywhere again in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board as well), then simply set the browser so that everything, including cookies, is deleted when the browser is closed. The way I handle it is that for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) only stores the cookies of the sites I actually want; everything else I reject manually (FF always asks me). The other browsers do accept all cookies, but at the latest at the next start of Opera or Chromium no cookies are left. Is your system back in order now, or are there still other findings or problems?
__________________ Please always post log files in CODE tags |
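Added example, not part of the thread or of any tool named in it: a short Python script that turns cookie findings in the `<cookie domain> [ <cookie store> ]` layout of the scan log into hosts-file lines of the kind the post above recommends. The sample lines, the placeholder profile path, the `0.0.0.0` sink address and the `keep` allowlist are assumptions made for the illustration; a hosts file matches exact hostnames only, so a cookie scoped to `.example.com` does not translate into a block for every subdomain.

```python
import re
from collections import Counter

# Constructed sample lines in the "<cookie domain> [ <cookie store> ]" layout
# of the scan log; the profile path is a placeholder, not a real one.
STORE = r"C:\USERS\EXAMPLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EXAMPLE.DEFAULT\COOKIES.SQLITE"
SAMPLE_LOG = "\n".join([
    f".adfarm1.adition.com [ {STORE} ]",
    f".adfarm1.adition.com [ {STORE} ]",
    f"ad1.adfarm1.adition.com [ {STORE} ]",
    f".webmasterplan.com [ {STORE} ]",
    f"accounts.google.com [ {STORE} ]",
    f".doubleclick.net [ {STORE} ]",
    "not a cookie line",
])

LINE_RE = re.compile(r"^\s*(\.?[A-Za-z0-9.-]+)\s+\[\s*(.+?)\s*\]\s*$")
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def is_hostname(name):
    """Accept only syntactically valid multi-label DNS names."""
    labels = name.split(".")
    return (len(labels) >= 2 and len(name) <= 253
            and all(LABEL_RE.match(label) for label in labels))


def parse_cookie_domains(log_text):
    """Return (Counter host -> findings, set of hosts whose cookie was domain-wide)."""
    counts = Counter()
    domain_wide = set()
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue  # headers, blank lines, anything that is not a finding
        raw = match.group(1).lower()
        host = raw.lstrip(".")
        if not is_hostname(host):
            continue
        counts[host] += 1
        if raw.startswith("."):
            # Leading dot: the cookie is sent to the domain and all subdomains.
            domain_wide.add(host)
    return counts, domain_wide


def hosts_block(counts, domain_wide, keep=()):
    """Build deduplicated hosts-file lines, skipping domains listed in `keep`.

    `keep` is an assumed allowlist for sites the user still wants to log in to.
    """
    lines = []
    for host in sorted(counts):
        if any(host == k or host.endswith("." + k) for k in keep):
            continue
        note = ""
        if host in domain_wide:
            note = "  # domain-wide cookie: subdomains need their own lines"
        lines.append(f"0.0.0.0 {host}{note}")
    return lines


if __name__ == "__main__":
    found, wide = parse_cookie_domains(SAMPLE_LOG)
    for host, n in found.most_common():
        print(f"{n:3d}  {host}")
    print()
    print("\n".join(hosts_block(found, wide, keep=("google.com",))))
```
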
| | #30 |
| Encryption Trojan Hey Arne, everything is fine so far. However, the files are still encrypted. Should I use the decryption programs that are presented and explained in your topic "Vorgehen beim Verschlüsselungs-Trojaner" (procedure for the encryption Trojan)? Can I use the Internet "normally" again on the PC, i.e. checking mail, Facebook etc.? Since the infection I have so far only been online on this laptop when I was on the Trojaner-Board. What about the programs used for cleaning the PC? Can I uninstall them all? I would like to keep Malwarebytes installed, or would you rather recommend SUPERAntiSpyware? Do you happen to have a good tip for an antivirus program? I have been using Avira for quite a while. Is that recommendable? Many thanks already for your reliable help and your tips regarding the cookies! Have a nice evening! Best regards, Spachtel |