Log analysis and evaluation: Pop-ups in all browsers (IE&FF) and ads on websites that do not come from those sites

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.05.2013, 23:04 | #1 |
| Pop-ups in all browsers (IE&FF) and ads on websites that do not come from those sites

Hello everyone,

since the beginning of April our computer has presumably been infected by "ad.yieldmanager" - pop-ups appeared, as well as ads on websites that did not come from the site itself. The browser cache has already been cleared, CCleaner has been run, and we tried a system restore, but the virus was presumably already present at the last available restore point. We have since got rid of the pop-ups, but the ads keep appearing.

I read the most promising solution here: http://www.trojaner-board.de/126772-...ung-virus.html

But: "this script and any following scripts are only for the respective user." So I have already run OTL.exe according to the instructions on the Oldtimer site and attached it to the post. Now I am hoping for help.

Many thanks in advance, Anika R. from G. |
07.05.2013, 23:13 | #2 |
/// Malware-holic | Pop-ups in all browsers (IE&FF) and ads on websites that do not come from those sites

Hi,

Please download TDSSKiller.exe and save this file to the desktop. |
08.05.2013, 20:37 | #3 |
| Pop-ups in all browsers (IE&FF) and ads on websites that do not come from those sites

21:29:16.0403 5896 TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34
21:30:12.0350 6012 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys 21:30:12.0382 6012 msahci - ok 21:30:12.0400 6012 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys 21:30:12.0423 6012 msdsm - ok 21:30:12.0451 6012 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe 21:30:12.0489 6012 MSDTC - ok 21:30:12.0535 6012 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys 21:30:12.0627 6012 Msfs - ok 21:30:12.0657 6012 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 21:30:12.0747 6012 mshidkmdf - ok 21:30:12.0778 6012 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys 21:30:12.0807 6012 msisadrv - ok 21:30:12.0845 6012 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll 21:30:12.0952 6012 MSiSCSI - ok 21:30:12.0957 6012 msiserver - ok 21:30:12.0990 6012 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 21:30:13.0080 6012 MSKSSRV - ok 21:30:13.0109 6012 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 21:30:13.0205 6012 MSPCLOCK - ok 21:30:13.0231 6012 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 21:30:13.0320 6012 MSPQM - ok 21:30:13.0365 6012 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys 21:30:13.0406 6012 MsRPC - ok 21:30:13.0419 6012 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 21:30:13.0447 6012 mssmbios - ok 21:30:13.0459 6012 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 21:30:13.0554 6012 MSTEE - ok 21:30:13.0579 6012 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 21:30:13.0610 6012 MTConfig - ok 21:30:13.0649 6012 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 
21:30:13.0682 6012 Mup - ok 21:30:13.0703 6012 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 21:30:13.0806 6012 napagent - ok 21:30:13.0852 6012 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 21:30:13.0921 6012 NativeWifiP - ok 21:30:13.0977 6012 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys 21:30:14.0038 6012 NDIS - ok 21:30:14.0051 6012 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 21:30:14.0140 6012 NdisCap - ok 21:30:14.0186 6012 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 21:30:14.0272 6012 NdisTapi - ok 21:30:14.0320 6012 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 21:30:14.0428 6012 Ndisuio - ok 21:30:14.0473 6012 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 21:30:14.0574 6012 NdisWan - ok 21:30:14.0593 6012 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 21:30:14.0684 6012 NDProxy - ok 21:30:14.0741 6012 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 21:30:14.0776 6012 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 21:30:14.0776 6012 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 21:30:14.0812 6012 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 21:30:14.0881 6012 NetBIOS - ok 21:30:14.0913 6012 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 21:30:15.0014 6012 NetBT - ok 21:30:15.0038 6012 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 21:30:15.0063 6012 Netlogon - ok 21:30:15.0117 6012 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 21:30:15.0222 6012 Netman - ok 21:30:15.0247 6012 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 
21:30:15.0325 6012 netprofm - ok 21:30:15.0366 6012 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:30:15.0395 6012 NetTcpPortSharing - ok 21:30:15.0432 6012 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 21:30:15.0460 6012 nfrd960 - ok 21:30:15.0519 6012 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 21:30:15.0577 6012 NlaSvc - ok 21:30:15.0604 6012 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 21:30:15.0673 6012 Npfs - ok 21:30:15.0699 6012 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 21:30:15.0793 6012 nsi - ok 21:30:15.0812 6012 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 21:30:15.0901 6012 nsiproxy - ok 21:30:15.0955 6012 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 21:30:16.0004 6012 Ntfs - ok 21:30:16.0030 6012 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 21:30:16.0121 6012 Null - ok 21:30:16.0302 6012 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 21:30:16.0335 6012 nvraid - ok 21:30:16.0357 6012 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 21:30:16.0378 6012 nvstor - ok 21:30:16.0428 6012 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 21:30:16.0456 6012 nv_agp - ok 21:30:16.0476 6012 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 21:30:16.0515 6012 ohci1394 - ok 21:30:16.0613 6012 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:30:16.0645 6012 ose - ok 21:30:16.0759 6012 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 21:30:16.0813 6012 p2pimsvc - ok 21:30:16.0840 6012 [ 
927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 21:30:16.0887 6012 p2psvc - ok 21:30:16.0943 6012 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys 21:30:16.0967 6012 Parport - ok 21:30:17.0032 6012 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 21:30:17.0064 6012 partmgr - ok 21:30:17.0171 6012 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 21:30:17.0234 6012 PcaSvc - ok 21:30:17.0479 6012 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 21:30:17.0506 6012 pci - ok 21:30:17.0524 6012 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 21:30:17.0541 6012 pciide - ok 21:30:17.0582 6012 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 21:30:17.0602 6012 pcmcia - ok 21:30:17.0620 6012 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 21:30:17.0636 6012 pcw - ok 21:30:17.0672 6012 pdfcDispatcher - ok 21:30:17.0767 6012 [ 4A8CC4D25525F456069887D5E8C53225 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe 21:30:17.0796 6012 PdiService - ok 21:30:17.0846 6012 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 21:30:18.0080 6012 PEAUTH - ok 21:30:18.0182 6012 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 21:30:18.0219 6012 PerfHost - ok 21:30:18.0370 6012 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 21:30:18.0517 6012 pla - ok 21:30:18.0572 6012 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 21:30:18.0624 6012 PlugPlay - ok 21:30:18.0681 6012 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 21:30:18.0693 6012 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 21:30:18.0693 6012 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic 
(1) 21:30:18.0726 6012 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 21:30:18.0761 6012 PNRPAutoReg - ok 21:30:18.0803 6012 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 21:30:18.0831 6012 PNRPsvc - ok 21:30:18.0908 6012 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 21:30:18.0995 6012 PolicyAgent - ok 21:30:19.0050 6012 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 21:30:19.0142 6012 Power - ok 21:30:19.0284 6012 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 21:30:19.0387 6012 PptpMiniport - ok 21:30:19.0403 6012 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys 21:30:19.0448 6012 Processor - ok 21:30:19.0484 6012 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 21:30:19.0539 6012 ProfSvc - ok 21:30:19.0572 6012 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 21:30:19.0603 6012 ProtectedStorage - ok 21:30:19.0661 6012 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 21:30:19.0730 6012 Psched - ok 21:30:19.0781 6012 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 21:30:19.0808 6012 PSI_SVC_2 - ok 21:30:19.0877 6012 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys 21:30:19.0902 6012 PxHlpa64 - ok 21:30:20.0000 6012 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 21:30:20.0060 6012 ql2300 - ok 21:30:20.0078 6012 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 21:30:20.0097 6012 ql40xx - ok 21:30:20.0115 6012 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 21:30:20.0141 6012 QWAVE - ok 21:30:20.0167 6012 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv 
C:\windows\system32\drivers\qwavedrv.sys 21:30:20.0210 6012 QWAVEdrv - ok 21:30:20.0232 6012 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 21:30:20.0276 6012 RasAcd - ok 21:30:20.0334 6012 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 21:30:20.0386 6012 RasAgileVpn - ok 21:30:20.0402 6012 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 21:30:20.0494 6012 RasAuto - ok 21:30:20.0543 6012 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 21:30:20.0604 6012 Rasl2tp - ok 21:30:20.0683 6012 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 21:30:20.0765 6012 RasMan - ok 21:30:20.0788 6012 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 21:30:20.0835 6012 RasPppoe - ok 21:30:20.0859 6012 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 21:30:20.0914 6012 RasSstp - ok 21:30:20.0951 6012 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 21:30:20.0996 6012 rdbss - ok 21:30:21.0006 6012 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 21:30:21.0046 6012 rdpbus - ok 21:30:21.0079 6012 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 21:30:21.0138 6012 RDPCDD - ok 21:30:21.0146 6012 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 21:30:21.0219 6012 RDPENCDD - ok 21:30:21.0239 6012 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 21:30:21.0315 6012 RDPREFMP - ok 21:30:21.0375 6012 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 21:30:21.0422 6012 RDPWD - ok 21:30:21.0472 6012 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 21:30:21.0498 6012 rdyboost - ok 21:30:21.0534 6012 [ 
254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 21:30:21.0598 6012 RemoteAccess - ok 21:30:21.0631 6012 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 21:30:21.0703 6012 RemoteRegistry - ok 21:30:21.0766 6012 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 21:30:21.0844 6012 RFCOMM - ok 21:30:21.0888 6012 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 21:30:21.0981 6012 RpcEptMapper - ok 21:30:22.0011 6012 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 21:30:22.0030 6012 RpcLocator - ok 21:30:22.0066 6012 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 21:30:22.0111 6012 RpcSs - ok 21:30:22.0160 6012 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 21:30:22.0247 6012 rspndr - ok 21:30:22.0290 6012 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys 21:30:22.0327 6012 RSUSBSTOR - ok 21:30:22.0382 6012 [ 26E0D15FB1835F7ED638F157CCD2E04D ] RsvLock C:\windows\system32\drivers\RsvLock.sys 21:30:22.0398 6012 RsvLock - ok 21:30:22.0441 6012 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys 21:30:22.0476 6012 RTL8167 - ok 21:30:22.0525 6012 [ AFF453E04F8ACF26449D9B56FFB96BB1 ] rtsuvc C:\windows\system32\DRIVERS\rtsuvc.sys 21:30:22.0590 6012 rtsuvc - ok 21:30:22.0635 6012 [ 6EF8E5E3A079C97C70915CF740E89977 ] SafeBoot C:\windows\system32\drivers\SafeBoot.sys 21:30:22.0636 6012 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. 
md5: 6EF8E5E3A079C97C70915CF740E89977 21:30:22.0636 6012 SafeBoot ( LockedFile.Multi.Generic ) - warning 21:30:22.0636 6012 SafeBoot - detected LockedFile.Multi.Generic (1) 21:30:22.0647 6012 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 21:30:22.0679 6012 SamSs - ok 21:30:22.0721 6012 [ FD8714A36C4646DE22DDC7E36F6D09EF ] SbAlg C:\windows\system32\drivers\SbAlg.sys 21:30:22.0737 6012 SbAlg - ok 21:30:22.0777 6012 [ 43027F1996F3AC6BD54B8A871996B7B3 ] SbFsLock C:\windows\system32\drivers\SbFsLock.sys 21:30:22.0789 6012 SbFsLock - ok 21:30:22.0820 6012 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 21:30:22.0841 6012 sbp2port - ok 21:30:22.0865 6012 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 21:30:22.0907 6012 SCardSvr - ok 21:30:22.0948 6012 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 21:30:23.0050 6012 scfilter - ok 21:30:23.0152 6012 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 21:30:23.0249 6012 Schedule - ok 21:30:23.0299 6012 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 21:30:23.0356 6012 SCPolicySvc - ok 21:30:23.0404 6012 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys 21:30:23.0465 6012 sdbus - ok 21:30:23.0502 6012 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 21:30:23.0566 6012 SDRSVC - ok 21:30:23.0604 6012 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 21:30:23.0712 6012 secdrv - ok 21:30:23.0732 6012 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 21:30:23.0840 6012 seclogon - ok 21:30:23.0907 6012 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 21:30:24.0004 6012 SENS - ok 21:30:24.0051 6012 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 21:30:24.0105 6012 
SensrSvc - ok 21:30:24.0140 6012 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys 21:30:24.0193 6012 Serenum - ok 21:30:24.0244 6012 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys 21:30:24.0291 6012 Serial - ok 21:30:24.0354 6012 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys 21:30:24.0394 6012 sermouse - ok 21:30:24.0468 6012 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 21:30:24.0558 6012 SessionEnv - ok 21:30:24.0585 6012 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 21:30:24.0628 6012 sffdisk - ok 21:30:24.0644 6012 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 21:30:24.0664 6012 sffp_mmc - ok 21:30:24.0682 6012 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 21:30:24.0725 6012 sffp_sd - ok 21:30:24.0792 6012 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys 21:30:24.0845 6012 sfloppy - ok 21:30:24.0881 6012 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 21:30:24.0984 6012 SharedAccess - ok 21:30:25.0029 6012 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 21:30:25.0136 6012 ShellHWDetection - ok 21:30:25.0186 6012 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys 21:30:25.0229 6012 SiSRaid2 - ok 21:30:25.0253 6012 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys 21:30:25.0291 6012 SiSRaid4 - ok 21:30:25.0404 6012 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 21:30:25.0469 6012 SkypeUpdate - ok 21:30:25.0527 6012 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 21:30:25.0648 6012 Smb - ok 21:30:25.0724 6012 [ 6313F223E817CC09AA41811DAA7F541D ] 
SNMPTRAP C:\windows\System32\snmptrap.exe 21:30:25.0776 6012 SNMPTRAP - ok 21:30:25.0809 6012 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 21:30:25.0834 6012 spldr - ok 21:30:25.0891 6012 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 21:30:25.0950 6012 Spooler - ok 21:30:26.0193 6012 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 21:30:26.0409 6012 sppsvc - ok 21:30:26.0446 6012 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 21:30:26.0531 6012 sppuinotify - ok 21:30:26.0613 6012 [ B9657A0AFF28C1CB114ACC0CB93EE4BB ] sp_rsdrv2 C:\windows\system32\DRIVERS\stflt.sys 21:30:26.0642 6012 sp_rsdrv2 - ok 21:30:26.0676 6012 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 21:30:26.0746 6012 srv - ok 21:30:26.0774 6012 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 21:30:26.0841 6012 srv2 - ok 21:30:26.0893 6012 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 21:30:26.0919 6012 srvnet - ok 21:30:26.0985 6012 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 21:30:27.0059 6012 SSDPSRV - ok 21:30:27.0077 6012 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 21:30:27.0141 6012 SstpSvc - ok 21:30:27.0856 6012 [ 676D11DFF21987C4D866004C0B282A32 ] ST2012_Svc C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe 21:30:27.0980 6012 ST2012_Svc - ok 21:30:28.0107 6012 [ F8807AAF697E1D20C9D7716A4941E574 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 21:30:28.0156 6012 STacSV - ok 21:30:29.0004 6012 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys 21:30:29.0110 6012 stexstor - ok 21:30:29.0199 6012 [ 96DF19A03D37F8568141612D31F0D035 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys 21:30:29.0262 6012 STHDA - ok 21:30:29.0324 6012 [ DECACB6921DED1A38642642685D77DAC ] 
StillCam C:\windows\system32\DRIVERS\serscan.sys 21:30:29.0390 6012 StillCam - ok 21:30:29.0533 6012 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 21:30:29.0643 6012 stisvc - ok 21:30:29.0681 6012 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 21:30:29.0715 6012 swenum - ok 21:30:30.0144 6012 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 21:30:31.0287 6012 swprv - ok 21:30:31.0473 6012 [ D268D2A0DB2A2BBE963E688D0B039267 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 21:30:31.0773 6012 SynTP - ok 21:30:31.0994 6012 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 21:30:32.0077 6012 SysMain - ok 21:30:32.0132 6012 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 21:30:32.0203 6012 TabletInputService - ok 21:30:32.0274 6012 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 21:30:32.0363 6012 TapiSrv - ok 21:30:32.0383 6012 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 21:30:32.0469 6012 TBS - ok 21:30:32.0621 6012 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys 21:30:32.0694 6012 Tcpip - ok 21:30:32.0758 6012 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 21:30:32.0817 6012 TCPIP6 - ok 21:30:32.0884 6012 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 21:30:32.0931 6012 tcpipreg - ok 21:30:32.0980 6012 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 21:30:33.0036 6012 TDPIPE - ok 21:30:33.0065 6012 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 21:30:33.0104 6012 TDTCP - ok 21:30:33.0163 6012 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 21:30:33.0237 6012 tdx - ok 21:30:33.0359 6012 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD 
C:\windows\system32\drivers\termdd.sys 21:30:33.0392 6012 TermDD - ok 21:30:33.0614 6012 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 21:30:33.0696 6012 TermService - ok 21:30:33.0729 6012 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 21:30:33.0861 6012 Themes - ok 21:30:33.0886 6012 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 21:30:33.0981 6012 THREADORDER - ok 21:30:34.0071 6012 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys 21:30:34.0148 6012 TPM - ok 21:30:34.0237 6012 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 21:30:34.0339 6012 TrkWks - ok 21:30:34.0494 6012 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 21:30:34.0657 6012 TrustedInstaller - ok 21:30:34.0691 6012 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 21:30:34.0774 6012 tssecsrv - ok 21:30:34.0887 6012 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 21:30:34.0952 6012 TsUsbFlt - ok 21:30:35.0034 6012 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 21:30:35.0150 6012 tunnel - ok 21:30:35.0187 6012 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys 21:30:35.0225 6012 uagp35 - ok 21:30:35.0344 6012 [ 9EEA84226ED2A028BC3FDFDDE03FE95C ] uArcCapture C:\windows\system\uArcCapture.exe 21:30:35.0415 6012 uArcCapture - ok 21:30:35.0566 6012 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 21:30:35.0704 6012 udfs - ok 21:30:35.0806 6012 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 21:30:35.0916 6012 UI0Detect - ok 21:30:35.0992 6012 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 21:30:36.0072 6012 uliagpkx - ok 21:30:36.0457 6012 [ 
DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys 21:30:36.0527 6012 umbus - ok 21:30:36.0630 6012 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys 21:30:36.0705 6012 UmPass - ok 21:30:37.0159 6012 [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 21:30:37.0235 6012 UNS - ok 21:30:37.0290 6012 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 21:30:37.0385 6012 upnphost - ok 21:30:37.0418 6012 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys 21:30:37.0492 6012 USBAAPL64 - ok 21:30:37.0531 6012 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 21:30:37.0765 6012 usbccgp - ok 21:30:38.0102 6012 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 21:30:38.0191 6012 usbcir - ok 21:30:38.0221 6012 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys 21:30:38.0269 6012 usbehci - ok 21:30:38.0382 6012 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 21:30:38.0471 6012 usbhub - ok 21:30:38.0530 6012 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys 21:30:38.0590 6012 usbohci - ok 21:30:38.0651 6012 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 21:30:38.0714 6012 usbprint - ok 21:30:38.0748 6012 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys 21:30:38.0813 6012 usbscan - ok 21:30:38.0848 6012 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 21:30:38.0923 6012 USBSTOR - ok 21:30:38.0947 6012 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 21:30:39.0017 6012 usbuhci - ok 21:30:39.0062 6012 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo 
\Device\Harddisk0\DR0\Partition1 - ok
21:30:49.0303 6012 [ F33A59E879746765B14C324DE2E06AA5 ] \Device\Harddisk0\DR0\Partition2
21:30:49.0305 6012 \Device\Harddisk0\DR0\Partition2 - ok
21:30:49.0433 6012 [ 3F12C7C1C1223A67D78493C0DE8423B0 ] \Device\Harddisk0\DR0\Partition3
21:30:49.0435 6012 \Device\Harddisk0\DR0\Partition3 - ok
21:30:49.0449 6012 [ 8927939C773856F320C9CC8AB97AC160 ] \Device\Harddisk0\DR0\Partition4
21:30:49.0450 6012 \Device\Harddisk0\DR0\Partition4 - ok
21:30:49.0456 6012 [ F44A8050E21CC69AF379D728ED4C9DF6 ] \Device\Harddisk1\DR1\Partition1
21:30:49.0458 6012 \Device\Harddisk1\DR1\Partition1 - ok
21:30:49.0458 6012 ============================================================
21:30:49.0458 6012 Scan finished
21:30:49.0458 6012 ============================================================
21:30:49.0473 6004 Detected object count: 12
21:30:49.0474 6004 Actual detected object count: 12
21:31:21.0339 6004 DEBridge ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0339 6004 DEBridge ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0344 6004 HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0344 6004 HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0345 6004 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0345 6004 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0347 6004 HPDayStarterService ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0347 6004 HPDayStarterService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0349 6004 HPFSService ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0349 6004 HPFSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0351 6004 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0351 6004 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0353 6004 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0353 6004 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0355 6004 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0355 6004 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0357 6004 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0358 6004 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0359 6004 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0359 6004 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0361 6004 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:21.0361 6004 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:21.0362 6004 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
21:31:21.0363 6004 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
21:32:06.0243 5888 Deinitialize success |
08.05.2013, 20:41 | #4 |
/// Malware-holic | Hi, scan with Combofix
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
09.05.2013, 09:36 | #5 |
| Hi Markus, sorry, I don't know how to add code tags to a txt file, so I have posted the Combo result AND attached it... :/ Thanks in any case for your help!!! Combofix Logfile: Code:
ATTFilter ComboFix 13-05-08.02 - Larsi 09.05.2013 7:16.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3951.1919 [GMT 2:00] ausgeführt von:: c:\users\Larsi\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\HappyLyrics\hpPYlrc.dll C:\Thumbs.db c:\windows\SysWow64\pt c:\windows\SysWow64\pt\DPCont32.dll.mui c:\windows\SysWow64\pt\DPCrProv.dll.mui c:\windows\SysWow64\pt\DPFPApiUI.dll.mui c:\windows\SysWow64\pt\DPPassFilter.dll.mui . . ((((((((((((((((((((((( Dateien erstellt von 2013-04-09 bis 2013-05-09 )))))))))))))))))))))))))))))) . . 2013-05-09 05:22 . 2013-05-09 05:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-09 05:17 . 2013-05-09 05:17 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C73B83AD-0411-41F5-840D-893579792EC3}\offreg.dll 2013-05-08 19:34 . 2013-02-22 06:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-07 14:38 . 2013-04-17 04:31 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C73B83AD-0411-41F5-840D-893579792EC3}\mpengine.dll 2013-05-07 10:20 . 2013-05-07 14:20 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0 2013-04-24 19:51 . 2013-05-07 14:37 -------- d-----w- c:\program files (x86)\LyricStar 2013-04-22 20:58 . 2013-04-22 20:58 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-02 00:06 . 2011-05-03 18:20 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-06 21:31 . 2013-04-06 21:31 51496 ----a-w- c:\windows\system32\drivers\stflt.sys 2013-03-17 10:09 . 
2011-05-06 16:35 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-03-14 19:02 . 2012-06-28 17:12 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-03-14 19:02 . 2011-05-14 21:15 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-07 18:12 . 2013-03-07 18:12 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-07 18:12 . 2012-07-25 22:02 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-03-07 18:12 . 2012-07-25 22:02 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-03-06 23:33 . 2013-03-17 09:56 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-03-06 23:33 . 2013-03-17 09:56 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-03-06 23:33 . 2012-08-05 09:10 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-03-06 23:33 . 2011-05-03 21:00 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-03-06 23:33 . 2011-05-03 21:00 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-03-06 23:33 . 2011-05-03 21:00 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-03-06 23:33 . 2011-05-03 21:00 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-03-06 23:33 . 2011-05-03 21:00 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-03-06 23:32 . 2011-05-03 20:59 41664 ----a-w- c:\windows\avastSS.scr 2013-03-06 23:32 . 2011-05-03 21:00 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-02-12 05:45 . 2013-03-14 18:18 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-14 18:18 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-14 18:18 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-14 18:18 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-14 18:18 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-14 18:18 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-12 04:12 . 
2013-03-26 20:02 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Larsi\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Larsi\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Larsi\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-12-17 59872] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-12-12 11265536] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304] "DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-19 518656] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208] "QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-08-11 658424] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\users\Larsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Larsi\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2009-11-17 22:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-12-14 2019120] R3 aswVmm;aswVmm; [x] R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-10 342056] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 39464] R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760] R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2009-11-17 362040] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-11 232480] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784] S0 aswRvrt;aswRvrt; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 SafeBoot;SafeBoot; [x] S0 SbAlg;SbAlg; [x] S0 SbFsLock;SbFsLock; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 RsvLock;RsvLock; [x] S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [2008-10-24 128296] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-01 169624] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-10-18 89600] S2 AMD External Events 
Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 203264] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816] S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-09-12 142904] S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528] S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992] S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536] S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-01 281192] S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984] S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952] S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264] S2 
sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [2013-04-06 51496] S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2013-04-03 1149104] S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe [2009-12-04 506472] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920] S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640] S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-01 704512] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152] S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 21:41 89216] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-06-17 20:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhalt des "geplante Tasks" Ordners . 2013-05-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-28 19:02] . 2013-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-08 06:38] . 2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-08 06:38] . 
2013-05-09 c:\windows\Tasks\Happy Lyrics Update.job - c:\program files (x86)\HappyLyrics\HLUpdater.exe [2013-02-27 22:28] . 2013-05-07 c:\windows\Tasks\HPCeeScheduleForLarsi.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Larsi\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Larsi\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Larsi\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Larsi\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-10-18 489472] "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192] "HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-09-12 14904] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2013-04-03 2777736] "SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Larsi\AppData\Roaming\Mozilla\Firefox\Profiles\7sc9oyl0.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://news.google.de/nwshp?hl=de&tab=nn FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-04-13 17:14; {45d8ff86-d909-11db-9705-005056c00008}; c:\users\Larsi\AppData\Roaming\Mozilla\Firefox\Profiles\7sc9oyl0.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi FF - ExtSQL: !HIDDEN! 2011-05-04 19:08; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
BHO-{59C0C5BD-2579-433A-BBB8-AFFD59642BAF} - c:\program files (x86)\HappyLyrics\hppylrc.dll Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-05-09 07:25:02 ComboFix-quarantined-files.txt 2013-05-09 05:25 . Vor Suchlauf: 11 Verzeichnis(se), 345.959.804.928 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 345.592.168.448 Bytes frei . - - End Of File - - E0F73934623F5838251175AB1D516A7F |
11.05.2013, 12:10 | #6 |
/// Malware-holic | That's fine. I wasn't home over the holiday. Malwarebytes: Please download Malwarebytes |
11.05.2013, 20:10 | #7 |
| Looks good! :-)
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware download
Datenbank Version: v2013.05.11.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Larsi :: LARSI-HP [Administrator]
11.05.2013 16:17:33
mbam-log-2013-05-11 (16-17-33).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 440276
Laufzeit: 57 Minute(n), 2 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende) |
11.05.2013, 20:20 | #8 |
/// Malware-holic | Hi, download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this step. Open it, go to Tools, Uninstall list, and save it as txt. Open the file. After every program you need, write "necessary". After every program you do not need, "unnecessary". After those you do not know, "unknown". Post the list. |
13.05.2013, 20:39 | #9 |
| Hi again, thanks for the help so far - luckily I know my programs well, except for Happy Lyrics, and I have now removed that. Everything else is HP software, MS updates, and a few little helpers such as Dropbox and iCloud. So everything is necessary. ;-) Thanks and regards, Anika P.S.: Sorry, I was ill... - a viral infection! :/ |
13.05.2013, 20:40 | #10 |
/// Malware-holic | Hi, please download AdwCleaner to your desktop. |
14.05.2013, 13:03 | #11 |
| Hi, I found a second log file and attached it; it is probably from an earlier cleanup attempt - in case it is of interest to you. :/ But first, here is today's: AdwCleaner Logfile:
Code:
# AdwCleaner v2.300 - Datei am 14/05/2013 um 13:50:25 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Larsi - LARSI-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Larsi\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Larsi\AppData\Roaming\Mozilla\Firefox\Profiles\7sc9oyl0.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [9332 octets] - [06/04/2013 22:27:26]
AdwCleaner[S1].txt - [9504 octets] - [06/04/2013 22:28:11]
AdwCleaner[S2].txt - [845 octets] - [14/05/2013 13:50:25]
########## EOF - C:\AdwCleaner[S2].txt - [904 octets] ##########
Last edited by anika_r (14.05.2013 at 13:09) |
14.05.2013, 13:04 | #12 |
/// Malware-holic | Hi, HitmanPro - Download - Filepony. Download HitmanPro, double-click it, run a scan, and do not delete anything. Click Next, export the log as XML and post it, or zip it and attach it. |
14.05.2013, 13:37 | #13 |
| ...that looks good too, I would say. |
14.05.2013, 13:59 | #14 |
/// Malware-holic | Yes, it does. A final OTL log, please. |
14.05.2013, 14:38 | #15 |
| Hi, the log is over my head - thank you very much again for the help. I have known the TB for 10 years now and, luckily, this is the only time so far that I have had to carry out such a time-consuming cleanup with support! Best regards, Anika |