Log analysis and evaluation: Strange, suddenly appearing fake popups. Virus? (Windows 7)
04.07.2013, 13:23 | #1 |
| Hello dear users, I think my PC has caught something. For the past 4-5 days, pages for some kind of diet pills or Google Chrome surveys have been popping up out of nowhere. They look very dubious, though, and mostly promise MacBooks, iPhones or iPads. First a white page appears with the address: serve.bannersdontwork.com, and then there is usually a redirect to: hxxp://surveycentral.deadlyblessing.com/home.html On Google there are also some pages offering remedies against this "virus". However, they are not exactly trustworthy. Above all because of the grammar: "..Frustrated you with the browser redirect to serve.bannersdontwork.com? Are you looking a complete solution out of the problem get rid of? If yes, then fortunately are you at the right place.." Sounds odd, doesn't it? Does anyone have advice for me? PS: I have created OTL.txt, EXTRAS.txt and Gmer.txt. If you need them, just let me know. |
04.07.2013, 13:24 | #2 |
/// Malware-holic | Hi, well, if we are supposed to help you further, we do need the logs you mentioned :-) |
04.07.2013, 13:30 | #3 |
| Okay
Or should I paste them in? |
04.07.2013, 13:47 | #4 |
/// Malware-holic | Hi, next time please paste them in if possible. Please download TDSSKiller.exe and save the file to the desktop.
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
04.07.2013, 13:58 | #5 |
| Here is the result: Code:
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:54:38.0914 6732 NetMsmqActivator - ok 14:54:38.0929 6732 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:54:38.0929 6732 NetPipeActivator - ok 14:54:38.0960 6732 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 14:54:38.0976 6732 netprofm - ok 14:54:39.0007 6732 [ 9BA2F93E4F01EC58E722B36639E0CE5D ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys 14:54:39.0070 6732 netr28u - ok 14:54:39.0070 6732 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:54:39.0085 6732 NetTcpActivator - ok 14:54:39.0085 6732 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:54:39.0101 6732 NetTcpPortSharing - ok 14:54:39.0116 6732 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 14:54:39.0148 6732 nfrd960 - ok 14:54:39.0179 6732 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:54:39.0194 6732 NlaSvc - ok 14:54:39.0210 6732 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys 14:54:39.0304 6732 nmwcd - ok 14:54:39.0319 6732 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys 14:54:39.0382 6732 nmwcdc - ok 14:54:39.0428 6732 [ 99B224F8026CB534724AA3C408561E45 ] nmwcdnsu C:\Windows\system32\drivers\nmwcdnsu.sys 14:54:39.0475 6732 nmwcdnsu - ok 14:54:39.0506 6732 [ D23257682D349A5E2E4507ED33DECC16 ] nmwcdnsuc C:\Windows\system32\drivers\nmwcdnsuc.sys 14:54:39.0569 6732 nmwcdnsuc - ok 14:54:39.0600 6732 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:54:39.0631 6732 Npfs - ok 14:54:39.0647 6732 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi 
C:\Windows\system32\nsisvc.dll 14:54:39.0694 6732 nsi - ok 14:54:39.0725 6732 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:54:39.0756 6732 nsiproxy - ok 14:54:39.0803 6732 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:54:39.0850 6732 Ntfs - ok 14:54:39.0881 6732 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 14:54:39.0928 6732 ntrigdigi - ok 14:54:39.0959 6732 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 14:54:39.0974 6732 Null - ok 14:54:40.0240 6732 [ 0B2E7B39411FAA44EBDA76FB38673964 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:54:40.0520 6732 nvlddmkm - ok 14:54:40.0567 6732 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:54:40.0614 6732 nvraid - ok 14:54:40.0645 6732 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:54:40.0661 6732 nvstor - ok 14:54:40.0692 6732 [ 439FD6A5A34113388C51C48D0E5092AA ] nvsvc C:\Windows\system32\nvvsvc.exe 14:54:40.0723 6732 nvsvc - ok 14:54:40.0848 6732 [ E3C7676582502C5E4BB9288C3617AB59 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 14:54:40.0879 6732 nvUpdatusService - ok 14:54:40.0910 6732 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:54:40.0926 6732 nv_agp - ok 14:54:40.0926 6732 NwlnkFlt - ok 14:54:40.0942 6732 NwlnkFwd - ok 14:54:41.0004 6732 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:54:41.0051 6732 odserv - ok 14:54:41.0098 6732 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 14:54:41.0129 6732 ohci1394 - ok 14:54:41.0160 6732 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:54:41.0176 6732 ose - ok 14:54:41.0222 6732 [ 
0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 14:54:41.0269 6732 p2pimsvc - ok 14:54:41.0285 6732 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 14:54:41.0300 6732 p2psvc - ok 14:54:41.0332 6732 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 14:54:41.0394 6732 Parport - ok 14:54:41.0425 6732 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:54:41.0456 6732 partmgr - ok 14:54:41.0472 6732 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 14:54:41.0534 6732 Parvdm - ok 14:54:41.0581 6732 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 14:54:41.0628 6732 PcaSvc - ok 14:54:41.0675 6732 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys 14:54:41.0737 6732 pccsmcfd - ok 14:54:41.0768 6732 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 14:54:41.0800 6732 pci - ok 14:54:41.0815 6732 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 14:54:41.0846 6732 pciide - ok 14:54:41.0862 6732 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 14:54:41.0893 6732 pcmcia - ok 14:54:41.0924 6732 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:54:42.0002 6732 PEAUTH - ok 14:54:42.0112 6732 [ 0015113A604B94769AB5159E8DCFC6E6 ] PinnacleUpdateSvc C:\Program Files\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe 14:54:42.0143 6732 PinnacleUpdateSvc ( UnsignedFile.Multi.Generic ) - warning 14:54:42.0143 6732 PinnacleUpdateSvc - detected UnsignedFile.Multi.Generic (1) 14:54:42.0205 6732 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 14:54:42.0283 6732 pla - ok 14:54:42.0314 6732 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:54:42.0361 6732 PlugPlay - ok 14:54:42.0424 6732 
[ 3A2E85F7D90D15460C337CE80C2E3B29 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 14:54:42.0424 6732 PnkBstrA - ok 14:54:42.0470 6732 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 14:54:42.0502 6732 PNRPAutoReg - ok 14:54:42.0502 6732 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 14:54:42.0533 6732 PNRPsvc - ok 14:54:42.0580 6732 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:54:42.0626 6732 PolicyAgent - ok 14:54:42.0658 6732 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:54:42.0720 6732 PptpMiniport - ok 14:54:42.0736 6732 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 14:54:42.0767 6732 Processor - ok 14:54:42.0798 6732 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 14:54:42.0845 6732 ProfSvc - ok 14:54:42.0876 6732 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 14:54:42.0892 6732 ProtectedStorage - ok 14:54:42.0907 6732 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe 14:54:42.0923 6732 ProtexisLicensing - ok 14:54:42.0938 6732 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 14:54:42.0954 6732 PSched - ok 14:54:43.0016 6732 [ 30C867C08B13E66710E3210C8938E902 ] pspdisp C:\Windows\system32\DRIVERS\pspdisp.sys 14:54:43.0016 6732 pspdisp ( UnsignedFile.Multi.Generic ) - warning 14:54:43.0016 6732 pspdisp - detected UnsignedFile.Multi.Generic (1) 14:54:43.0048 6732 [ 9F074D9AE28CC00CF481C82D36212E20 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 14:54:43.0063 6732 PxHelp20 - ok 14:54:43.0313 6732 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 14:54:43.0375 6732 ql2300 - ok 14:54:43.0406 6732 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 14:54:43.0453 6732 ql40xx - ok 
14:54:43.0469 6732 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 14:54:43.0500 6732 QWAVE - ok 14:54:43.0531 6732 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:54:43.0578 6732 QWAVEdrv - ok 14:54:43.0687 6732 [ 9B35220786B06B61D19C54406904E6ED ] Radio.fx C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe 14:54:43.0796 6732 Radio.fx - ok 14:54:43.0828 6732 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:54:43.0874 6732 RasAcd - ok 14:54:43.0890 6732 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 14:54:43.0952 6732 RasAuto - ok 14:54:43.0984 6732 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:54:44.0015 6732 Rasl2tp - ok 14:54:44.0062 6732 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 14:54:44.0108 6732 RasMan - ok 14:54:44.0140 6732 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:54:44.0155 6732 RasPppoe - ok 14:54:44.0171 6732 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:54:44.0202 6732 RasSstp - ok 14:54:44.0218 6732 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:54:44.0249 6732 rdbss - ok 14:54:44.0264 6732 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:54:44.0296 6732 RDPCDD - ok 14:54:44.0327 6732 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 14:54:44.0374 6732 rdpdr - ok 14:54:44.0374 6732 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:54:44.0420 6732 RDPENCDD - ok 14:54:44.0514 6732 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:54:44.0576 6732 RDPWD - ok 14:54:44.0623 6732 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:54:44.0654 6732 
RemoteAccess - ok 14:54:44.0670 6732 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:54:44.0686 6732 RemoteRegistry - ok 14:54:44.0717 6732 [ B9BB8E2093C1615AD6EA55AD96214354 ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys 14:54:44.0748 6732 Revoflt - ok 14:54:44.0779 6732 [ 7CCAEBCAB6FC1ED0206C07E083E79207 ] RichVideo C:\Program Files\Cyberlink\Shared files\RichVideo.exe 14:54:44.0795 6732 RichVideo - ok 14:54:44.0810 6732 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 14:54:44.0857 6732 RpcLocator - ok 14:54:44.0888 6732 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 14:54:44.0920 6732 RpcSs - ok 14:54:44.0966 6732 [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys 14:54:44.0982 6732 RRNetCap - ok 14:54:44.0998 6732 [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys 14:54:44.0998 6732 RRNetCapMP - ok 14:54:45.0044 6732 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:54:45.0076 6732 rspndr - ok 14:54:45.0091 6732 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 14:54:45.0107 6732 SamSs - ok 14:54:45.0122 6732 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:54:45.0169 6732 sbp2port - ok 14:54:45.0185 6732 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:54:45.0200 6732 SCardSvr - ok 14:54:45.0263 6732 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 14:54:45.0341 6732 Schedule - ok 14:54:45.0372 6732 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 14:54:45.0388 6732 SCPolicySvc - ok 14:54:45.0419 6732 [ A689D522EEDF89401E1DA2FE883AA7EC ] SCREAMINGBDRIVER C:\Windows\system32\drivers\ScreamingBAudio.sys 14:54:45.0434 6732 SCREAMINGBDRIVER - ok 14:54:45.0481 6732 [ 716313D9F6B0529D03F726D5AAF6F191 ] 
SDRSVC C:\Windows\System32\SDRSVC.dll 14:54:45.0544 6732 SDRSVC - ok 14:54:45.0575 6732 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:54:45.0622 6732 secdrv - ok 14:54:45.0622 6732 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 14:54:45.0653 6732 seclogon - ok 14:54:45.0668 6732 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 14:54:45.0715 6732 SENS - ok 14:54:45.0731 6732 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 14:54:45.0762 6732 Serenum - ok 14:54:45.0793 6732 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys 14:54:45.0824 6732 Serial - ok 14:54:45.0856 6732 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 14:54:45.0918 6732 sermouse - ok 14:54:45.0996 6732 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 14:54:46.0012 6732 ServiceLayer - ok 14:54:46.0090 6732 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 14:54:46.0121 6732 SessionEnv - ok 14:54:46.0136 6732 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:54:46.0168 6732 sffdisk - ok 14:54:46.0199 6732 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:54:46.0230 6732 sffp_mmc - ok 14:54:46.0246 6732 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:54:46.0277 6732 sffp_sd - ok 14:54:46.0277 6732 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 14:54:46.0339 6732 sfloppy - ok 14:54:46.0386 6732 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:54:46.0417 6732 SharedAccess - ok 14:54:46.0495 6732 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:54:46.0526 6732 ShellHWDetection - ok 
14:54:46.0573 6732 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 14:54:46.0604 6732 sisagp - ok 14:54:46.0636 6732 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 14:54:46.0651 6732 SiSRaid2 - ok 14:54:46.0667 6732 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 14:54:46.0698 6732 SiSRaid4 - ok 14:54:46.0745 6732 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 14:54:46.0823 6732 SkypeUpdate - ok 14:54:46.0979 6732 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 14:54:47.0119 6732 slsvc - ok 14:54:47.0197 6732 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 14:54:47.0260 6732 SLUINotify - ok 14:54:47.0291 6732 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:54:47.0306 6732 Smb - ok 14:54:47.0338 6732 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:54:47.0353 6732 SNMPTRAP - ok 14:54:47.0369 6732 [ D08D19EE68CB88AB1BC5DA3081505847 ] snpstd C:\Windows\system32\DRIVERS\snpstd.sys 14:54:47.0447 6732 snpstd - ok 14:54:47.0478 6732 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 14:54:47.0494 6732 spldr - ok 14:54:47.0509 6732 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 14:54:47.0540 6732 Spooler - ok 14:54:47.0572 6732 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 14:54:47.0618 6732 srv - ok 14:54:47.0634 6732 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:54:47.0681 6732 srv2 - ok 14:54:47.0696 6732 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:54:47.0712 6732 srvnet - ok 14:54:47.0774 6732 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:54:47.0837 6732 SSDPSRV - ok 14:54:47.0868 6732 [ 
A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 14:54:47.0884 6732 ssmdrv - ok 14:54:47.0930 6732 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:54:47.0946 6732 SstpSvc - ok 14:54:47.0962 6732 Steam Client Service - ok 14:54:47.0993 6732 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 14:54:48.0040 6732 stisvc - ok 14:54:48.0071 6732 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 14:54:48.0086 6732 swenum - ok 14:54:48.0118 6732 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 14:54:48.0149 6732 swprv - ok 14:54:48.0164 6732 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 14:54:48.0180 6732 Symc8xx - ok 14:54:48.0196 6732 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 14:54:48.0211 6732 Sym_hi - ok 14:54:48.0227 6732 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 14:54:48.0242 6732 Sym_u3 - ok 14:54:48.0289 6732 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 14:54:48.0352 6732 SysMain - ok 14:54:48.0398 6732 [ 9D40AC2003DCA9F045181241C2BF47A2 ] SystemStoreService C:\Program Files\SoftwareUpdater\SystemStore.exe 14:54:48.0398 6732 SystemStoreService ( UnsignedFile.Multi.Generic ) - warning 14:54:48.0398 6732 SystemStoreService - detected UnsignedFile.Multi.Generic (1) 14:54:48.0430 6732 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 14:54:48.0445 6732 TabletInputService - ok 14:54:48.0476 6732 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys 14:54:48.0508 6732 taphss - ok 14:54:48.0523 6732 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 14:54:48.0554 6732 TapiSrv - ok 14:54:48.0648 6732 [ 4780C35A37DE77E0248C6C7AD99DA267 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys 
14:54:48.0664 6732 tbhsd - ok 14:54:48.0679 6732 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 14:54:48.0710 6732 TBS - ok 14:54:48.0742 6732 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:54:48.0804 6732 Tcpip - ok 14:54:48.0835 6732 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 14:54:48.0866 6732 Tcpip6 - ok 14:54:48.0898 6732 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:54:48.0929 6732 tcpipreg - ok 14:54:48.0960 6732 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:54:48.0976 6732 TDPIPE - ok 14:54:48.0991 6732 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:54:49.0054 6732 TDTCP - ok 14:54:49.0085 6732 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:54:49.0100 6732 tdx - ok 14:54:49.0116 6732 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 14:54:49.0147 6732 TermDD - ok 14:54:49.0163 6732 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 14:54:49.0210 6732 TermService - ok 14:54:49.0241 6732 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 14:54:49.0272 6732 Themes - ok 14:54:49.0288 6732 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 14:54:49.0303 6732 THREADORDER - ok 14:54:49.0334 6732 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 14:54:49.0381 6732 TrkWks - ok 14:54:49.0428 6732 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:54:49.0459 6732 TrustedInstaller - ok 14:54:49.0490 6732 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 14:54:49.0522 6732 tssecsrv - ok 14:54:49.0537 6732 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 14:54:49.0584 
6732 tunmp - ok 14:54:49.0600 6732 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 14:54:49.0615 6732 tunnel - ok 14:54:49.0646 6732 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 14:54:49.0662 6732 uagp35 - ok 14:54:49.0678 6732 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 14:54:49.0709 6732 udfs - ok 14:54:49.0740 6732 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 14:54:49.0787 6732 UI0Detect - ok 14:54:49.0818 6732 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 14:54:49.0834 6732 uliagpkx - ok 14:54:49.0849 6732 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 14:54:49.0880 6732 uliahci - ok 14:54:49.0880 6732 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 14:54:49.0896 6732 UlSata - ok 14:54:49.0912 6732 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 14:54:49.0927 6732 ulsata2 - ok 14:54:49.0943 6732 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 14:54:49.0974 6732 umbus - ok 14:54:50.0021 6732 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 14:54:50.0052 6732 upnphost - ok 14:54:50.0083 6732 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys 14:54:50.0130 6732 upperdev - ok 14:54:50.0146 6732 [ 9419FAAC6552A51542DBBA02971C841C ] usbbus C:\Windows\system32\DRIVERS\lgusbbus.sys 14:54:50.0208 6732 usbbus - ok 14:54:50.0239 6732 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 14:54:50.0255 6732 usbccgp - ok 14:54:50.0286 6732 [ 47B9770EA21436DE4AD5AEA7926E0900 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 14:54:50.0348 6732 usbcir - ok 14:54:50.0380 6732 [ C0A466FA4FFEC464320E159BC1BBDC0C ] UsbDiag 
C:\Windows\system32\DRIVERS\lgusbdiag.sys 14:54:50.0442 6732 UsbDiag - ok 14:54:50.0458 6732 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 14:54:50.0473 6732 usbehci - ok 14:54:50.0551 6732 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 14:54:50.0645 6732 usbhub - ok 14:54:50.0707 6732 [ F74A54774A9B0AFEB3C40ADEC68AA600 ] USBModem C:\Windows\system32\DRIVERS\lgusbmodem.sys 14:54:50.0770 6732 USBModem - ok 14:54:50.0816 6732 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 14:54:50.0863 6732 usbohci - ok 14:54:50.0894 6732 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 14:54:50.0926 6732 usbprint - ok 14:54:50.0957 6732 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 14:54:51.0019 6732 usbscan - ok 14:54:51.0050 6732 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\drivers\usbser.sys 14:54:51.0082 6732 usbser - ok 14:54:51.0097 6732 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys 14:54:51.0160 6732 UsbserFilt - ok 14:54:51.0191 6732 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:54:51.0238 6732 USBSTOR - ok 14:54:51.0253 6732 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 14:54:51.0269 6732 usbuhci - ok 14:54:51.0269 6732 uxddrv - ok 14:54:51.0300 6732 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 14:54:51.0316 6732 UxSms - ok 14:54:51.0316 6732 VComm - ok 14:54:51.0331 6732 VcommMgr - ok 14:54:51.0378 6732 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 14:54:51.0394 6732 vds - ok 14:54:51.0425 6732 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 14:54:51.0456 6732 vga - ok 14:54:51.0456 6732 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave 
C:\Windows\System32\drivers\vga.sys 14:54:51.0487 6732 VgaSave - ok 14:54:51.0487 6732 VHidMinidrv - ok 14:54:51.0503 6732 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 14:54:51.0518 6732 viaagp - ok 14:54:51.0518 6732 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 14:54:51.0550 6732 ViaC7 - ok 14:54:51.0596 6732 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 14:54:51.0612 6732 viaide - ok 14:54:51.0643 6732 [ 3B8F222B23917C041E4DA29CCC57E7D0 ] vncmirror C:\Windows\system32\DRIVERS\vncmirror.sys 14:54:51.0659 6732 vncmirror - ok 14:54:51.0674 6732 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 14:54:51.0690 6732 volmgr - ok 14:54:51.0721 6732 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 14:54:51.0737 6732 volmgrx - ok 14:54:51.0752 6732 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys 14:54:51.0784 6732 volsnap - ok 14:54:51.0815 6732 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 14:54:51.0846 6732 vsmraid - ok 14:54:51.0877 6732 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 14:54:51.0908 6732 VSS - ok 14:54:51.0955 6732 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 14:54:51.0986 6732 W32Time - ok 14:54:52.0002 6732 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 14:54:52.0049 6732 WacomPen - ok 14:54:52.0064 6732 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 14:54:52.0096 6732 Wanarp - ok 14:54:52.0096 6732 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:54:52.0111 6732 Wanarpv6 - ok 14:54:52.0127 6732 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:54:52.0158 6732 wcncsvc - ok 14:54:52.0189 6732 [ 
11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 14:54:52.0220 6732 WcsPlugInService - ok 14:54:52.0252 6732 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 14:54:52.0267 6732 Wd - ok 14:54:52.0298 6732 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:54:52.0345 6732 Wdf01000 - ok 14:54:52.0376 6732 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 14:54:52.0423 6732 WdiServiceHost - ok 14:54:52.0439 6732 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:54:52.0454 6732 WdiSystemHost - ok 14:54:52.0501 6732 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 14:54:52.0517 6732 WebClient - ok 14:54:52.0548 6732 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:54:52.0626 6732 Wecsvc - ok 14:54:52.0642 6732 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:54:52.0657 6732 wercplsupport - ok 14:54:52.0688 6732 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 14:54:52.0704 6732 WerSvc - ok 14:54:52.0766 6732 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 14:54:52.0782 6732 WinDefend - ok 14:54:52.0782 6732 WinHttpAutoProxySvc - ok 14:54:52.0829 6732 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:54:52.0844 6732 Winmgmt - ok 14:54:52.0969 6732 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 14:54:53.0032 6732 WinRM - ok 14:54:53.0094 6732 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys 14:54:53.0172 6732 WinUSB - ok 14:54:53.0219 6732 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 14:54:53.0281 6732 Wlansvc - ok 14:54:53.0375 6732 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common 
Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:54:53.0422 6732 wlidsvc - ok 14:54:53.0453 6732 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 14:54:53.0515 6732 WmiAcpi - ok 14:54:53.0578 6732 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:54:53.0593 6732 wmiApSrv - ok 14:54:53.0640 6732 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 14:54:53.0671 6732 WMPNetworkSvc - ok 14:54:53.0687 6732 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:54:53.0765 6732 WPCSvc - ok 14:54:53.0796 6732 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:54:53.0874 6732 WPDBusEnum - ok 14:54:53.0890 6732 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 14:54:53.0905 6732 WpdUsb - ok 14:54:53.0983 6732 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 14:54:54.0030 6732 WPFFontCache_v0400 - ok 14:54:54.0061 6732 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:54:54.0092 6732 ws2ifsl - ok 14:54:54.0108 6732 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 14:54:54.0139 6732 wscsvc - ok 14:54:54.0170 6732 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 14:54:54.0202 6732 WSDPrintDevice - ok 14:54:54.0202 6732 [ 65D1FF8AAFF4A7D8F787A290E5087816 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 14:54:54.0248 6732 WSDScan - ok 14:54:54.0248 6732 WSearch - ok 14:54:54.0373 6732 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 14:54:54.0436 6732 wuauserv - ok 14:54:54.0467 6732 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:54:54.0514 6732 WudfPf - ok 14:54:54.0529 6732 [ 867C301E8B790040AE9CF6486E8041DF ] 
WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 14:54:54.0545 6732 WUDFRd - ok 14:54:54.0560 6732 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:54:54.0576 6732 wudfsvc - ok 14:54:54.0607 6732 [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B ] XUIF C:\Windows\system32\Drivers\x10ufx2.sys 14:54:54.0623 6732 XUIF - ok 14:54:54.0638 6732 [ 09E5340BD9B2CB730BF4DC6BE7721291 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 14:54:54.0654 6732 xusb21 - ok 14:54:54.0701 6732 [ 556B5CFE8D21B256ADD7F87D7F4B4123 ] {B154377D-700F-42cc-9474-23858FBDF4BD} C:\Program Files\HomeCinema\PowerDVD9\000.fcl 14:54:54.0716 6732 {B154377D-700F-42cc-9474-23858FBDF4BD} - ok 14:54:54.0716 6732 ================ Scan global =============================== 14:54:54.0794 6732 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 14:54:54.0810 6732 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll 14:54:54.0826 6732 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll 14:54:54.0857 6732 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 14:54:54.0857 6732 [Global] - ok 14:54:54.0872 6732 ================ Scan MBR ================================== 14:54:54.0872 6732 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 14:54:55.0387 6732 \Device\Harddisk0\DR0 - ok 14:54:55.0387 6732 ================ Scan VBR ================================== 14:54:55.0434 6732 [ 451BF8B89E2F3CDD4E692CDC3564A186 ] \Device\Harddisk0\DR0\Partition1 14:54:55.0465 6732 \Device\Harddisk0\DR0\Partition1 - ok 14:54:55.0528 6732 [ DFE93867D5FB90BB72356F35495FE366 ] \Device\Harddisk0\DR0\Partition2 14:54:55.0574 6732 \Device\Harddisk0\DR0\Partition2 - ok 14:54:55.0574 6732 ============================================================ 14:54:55.0574 6732 Scan finished 14:54:55.0574 6732 ============================================================ 14:54:55.0574 1648 Detected object count: 8 14:54:55.0574 1648 Actual detected object count: 8 
14:55:57.0141 1648 btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:57.0142 1648 btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:55:57.0143 1648 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:57.0144 1648 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:55:57.0145 1648 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:57.0145 1648 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:55:57.0147 1648 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:57.0147 1648 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:55:57.0149 1648 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:57.0149 1648 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:55:57.0151 1648 PinnacleUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:57.0151 1648 PinnacleUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:55:57.0153 1648 pspdisp ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:57.0154 1648 pspdisp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:55:57.0156 1648 SystemStoreService ( UnsignedFile.Multi.Generic ) - skipped by user
14:55:57.0156 1648 SystemStoreService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:56:01.0275 7328 Deinitialize success |
04.07.2013, 14:04 | #6 |
/// Malware-holic | Strange fake pop-ups suddenly appearing. Virus? Hi, scan with Combofix
04.07.2013, 14:28 | #7 |
| Strange fake pop-ups suddenly appearing. Virus? So, should I restart now? Combofix logfile: Code:
ATTFilter ComboFix 13-07-03.01 - MEDION 04.07.2013 15:16:11.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3325.2177 [GMT 2:00] ausgeführt von:: c:\users\MEDION\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\program files\Complitly c:\program files\Complitly\chrome\ComplitlyChrome.crx c:\program files\Complitly\FireFoxExtension.exe c:\program files\Complitly\InstTracker.exe c:\program files\Complitly\support@Complitly.com\chrome.manifest c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul c:\program files\Complitly\support@Complitly.com\chrome\content\options.js c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js c:\program files\Complitly\support@Complitly.com\install.rdf c:\program files\Complitly\unins000.dat c:\program files\Complitly\unins000.exe c:\program files\Incredibar.com c:\program files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe c:\users\Administrator.MEDION-PC\AppData\Local\assembly\tmp c:\users\MEDION\AppData\Local\assembly\tmp 
c:\users\MEDION\AppData\Roaming\.# c:\windows\IsUn0407.exe c:\windows\system32\frapsvid.dll c:\windows\system32\tmp9981.tmp c:\windows\system32\tmp99B1.tmp . . ((((((((((((((((((((((( Dateien erstellt von 2013-06-04 bis 2013-07-04 )))))))))))))))))))))))))))))) . . 2013-07-04 13:24 . 2013-07-04 13:24 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-07-04 11:28 . 2013-06-17 00:10 7068072 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{5AAB86AA-F03B-4DCA-BA6D-24244C5F4B44}\mpengine.dll ERROR(0x00000005) 2013-07-03 18:56 . 2013-07-04 12:27 -------- d-----w- c:\users\MEDION\Gegen Virus 2013-06-30 16:41 . 2013-06-30 16:41 -------- d-----w- c:\users\MEDION\AppData\Local\CrashRpt 2013-06-30 16:37 . 2013-06-30 16:37 -------- d-----w- c:\program files\Audials 2013-06-30 16:35 . 2013-06-30 16:35 -------- d-----w- c:\users\MEDION\AppData\Local\RapidSolution 2013-06-28 16:07 . 2013-06-28 16:07 -------- d-----w- c:\users\MEDION\AppData\Roaming\AntiBrowserSpy 2009 2013-06-28 16:06 . 2013-06-28 16:13 -------- d-----w- c:\users\MEDION\AppData\Local\Abelssoft 2013-06-28 16:06 . 2013-06-28 16:06 -------- d-----w- c:\program files\AntiBrowserSpy 2013-06-28 16:05 . 2013-06-28 16:05 -------- d-----w- c:\users\MEDION\AppData\Local\SkypeFx 2013-06-28 16:05 . 2013-06-28 16:05 -------- d-----w- c:\users\MEDION\AppData\Local\Skype Voice Changer 2013-06-27 01:20 . 2013-06-27 01:20 39048 ----a-w- c:\windows\system32\drivers\tbhsd.sys 2013-06-27 01:20 . 2013-06-27 01:20 31848 ----a-w- c:\windows\system32\drivers\rrnetcap.sys 2013-06-22 11:37 . 2013-06-22 11:37 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-06-15 17:28 . 2013-06-15 17:28 -------- d-----w- c:\program files\Common Files\Java 2013-06-12 15:23 . 2013-05-08 04:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-06-12 15:23 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll 2013-06-12 15:23 . 
2013-05-02 04:03 37376 ----a-w- c:\windows\system32\printcom.dll 2013-06-12 15:23 . 2013-04-24 01:46 812544 ----a-w- c:\windows\system32\certutil.exe 2013-06-12 15:23 . 2013-04-24 04:00 985600 ----a-w- c:\windows\system32\crypt32.dll 2013-06-12 15:23 . 2013-04-24 04:00 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-06-12 15:23 . 2013-04-24 04:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-06-12 15:23 . 2013-04-24 04:00 41984 ----a-w- c:\windows\system32\certenc.dll 2013-06-12 15:23 . 2013-05-02 22:03 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-06-12 15:23 . 2013-05-02 22:03 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-06-12 15:23 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2013-06-07 22:43 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\system32\mkl_blueripple.dll 2013-06-07 21:52 . 2013-06-07 22:04 -------- d-----w- c:\program files\Common Files\Steam 2013-06-07 21:52 . 2013-07-03 16:53 -------- d-----w- c:\program files\Steam . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-07-04 11:19 . 2013-03-19 22:06 119296 ----a-w- c:\windows\system32\zlib.dll 2013-06-22 11:37 . 2012-08-29 10:23 867240 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-06-22 11:37 . 2010-06-08 17:00 789416 ----a-w- c:\windows\system32\deployJava1.dll 2013-06-07 22:43 . 2010-09-27 17:01 109080 ----a-w- c:\windows\system32\OpenAL32.dll 2013-05-31 16:18 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll ERROR(0x00000005) 2013-05-31 16:18 . 2009-08-18 10:24 22240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll ERROR(0x00000005) 2013-05-02 00:06 . 2009-12-23 14:52 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-23 13:18 . 2013-03-16 17:09 141072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2013-04-23 13:18 . 
2013-03-16 17:11 281120 ----a-w- c:\windows\system32\PnkBstrB.xtr 2013-04-23 13:18 . 2013-03-16 17:08 281120 ----a-w- c:\windows\system32\PnkBstrB.exe 2013-04-20 08:55 . 2013-03-16 17:08 281120 ----a-w- c:\windows\system32\PnkBstrB.ex0 2013-04-15 14:36 . 2012-01-30 14:57 3326232 ----a-w- c:\windows\RXSUnins.exe 2013-04-15 14:36 . 2012-01-30 14:57 3326232 ----a-w- c:\windows\RXCUnins.exe 2013-04-15 14:20 . 2013-05-16 12:49 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-13 10:56 . 2013-05-16 12:49 37376 ----a-w- c:\windows\system32\cdd.dll 2013-04-13 09:21 . 2012-06-10 10:10 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-04-13 09:21 . 2012-06-10 10:10 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-04-13 09:21 . 2012-06-10 10:10 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-04-09 01:36 . 2013-05-16 12:49 2049024 ----a-w- c:\windows\system32\win32k.sys 2012-12-12 18:18 . 2012-12-12 18:18 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}] 2011-06-24 15:04 81920 ----a-w- c:\program files\freecordertoolbar\vmntemplateX.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{77BEC163-D389-42c1-91A4-C758846296A5}] 2013-06-23 15:53 166744 ----a-w- c:\program files\Video downloader\Extension32.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{e5b66461-19eb-4da5-bbf7-df2d266d975b}] 2011-05-09 08:49 176936 ----a-w- c:\program files\Free_Media_Recorder\prxtbFree.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912] "{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}"= "c:\program files\freecordertoolbar\vmntemplateX.dll" [2011-06-24 81920] "{e5b66461-19eb-4da5-bbf7-df2d266d975b}"= "c:\program files\Free_Media_Recorder\prxtbFree.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CLASSES_ROOT\clsid\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}] . [HKEY_CLASSES_ROOT\clsid\{e5b66461-19eb-4da5-bbf7-df2d266d975b}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{E5B66461-19EB-4DA5-BBF7-DF2D266D975B}"= "c:\program files\Free_Media_Recorder\prxtbFree.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{e5b66461-19eb-4da5-bbf7-df2d266d975b}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "125d3f6ae0a53efa91122391603b15de"=".." [X] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "BrowserMask"="c:\program files\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe" [2012-08-14 101328] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-08 178712] "CLMLServer"="c:\program files\HomeCinema\Power2Go\CLMLSvc.exe" [2008-07-18 104936] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-02-03 6724128] "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-09-08 888488] "snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-07-03 345144] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-27 561213] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "SoftwareSASGeneration"= 3 (0x3) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\docume~1\ settings\all users\application data\browserprotect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk backup=c:\windows\pss\Bluetooth.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk backup=c:\windows\pss\BTTray.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] 2010-10-27 18:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft MediaImpression Monitor] 2011-01-20 10:43 80448 ----a-w- c:\program files\Agfaphoto\MediaImpression 3D\ArcMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion] 2009-03-30 15:54 75048 ----a-w- c:\program files\Cyberlink\Shared files\brs.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2012-09-23 07:14 116648 ----atw- c:\users\MEDION\AppData\Local\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jaksta Free Video History] 2011-11-24 01:11 164184 ----a-w- c:\program files\Jaksta Technologies\Jaksta Free Media Recorder Toolbar\Jaksta Free Video History\jfvhistoryp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2] 2003-05-08 10:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint] 2012-11-29 08:22 162408 ----a-w- c:\program files\PDF24\pdf24.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd] 2005-10-11 19:54 339968 ----a-w- c:\windows\vsnpstd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2013-03-12 05:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat] 2009-10-01 00:57 718688 ----a-w- c:\program files\Microsoft Xbox 360 Accessories\XBoxStat.exe . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 88322147 *Deregistered* - 88322147 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-01-27 20:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-21 13:33 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-07-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2755007580-1909110404-1396301959-1000Core.job - c:\users\MEDION\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-02 20:28] . 2013-07-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2755007580-1909110404-1396301959-1000UA.job - c:\users\MEDION\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-02 20:28] . 2013-07-04 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-30 14:16] . 2013-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:46] . 2013-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:46] . 2013-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2755007580-1909110404-1396301959-1000Core.job - c:\users\MEDION\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-12 07:14] . 2013-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2755007580-1909110404-1396301959-1000UA.job - c:\users\MEDION\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-12 07:14] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=99d61649-e13c-48c6-8bc0-29d56a048adb&searchtype=hp mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=99d61649-e13c-48c6-8bc0-29d56a048adb&searchtype=ds&q={searchTerms} IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: Free YouTube Download - c:\users\MEDION\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\users\MEDION\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Senden an &Bluetooth-Gerät... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Web-Suche - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll FF - ProfilePath - c:\users\MEDION\AppData\Roaming\Mozilla\Firefox\Profiles\gr4oogbm.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms} FF - ExtSQL: 2049-12-31 15:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; c:\users\MEDION\AppData\Roaming\Mozilla\Firefox\Profiles\gr4oogbm.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi FF - ExtSQL: !HIDDEN! 
2010-01-07 16:57; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQOJGKy8M&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - cedae3900000000000000002721a85a9 FF - user.js: extensions.incredibar_i.instlDay - 15648 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1422:19 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6PQOJGKy8M FF - user.js: extensions.incredibar_i.upn2n - 92543870491390904 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10674 FF - user.js: extensions.incredibar_i.ppd - FF - user.js: extensions.funmoods.hmpg - false FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=orgnl&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtDyEtCyD0E0E0EtAzytDtN0D0Tzu0CyEzytCtN1L2XzutBtFtBtFtCtFyCtDtBtN1L1Czu&cr=736230633&ir= FF - user.js: extensions.funmoods.dfltSrch - false FF - user.js: extensions.funmoods.srchPrvdr - Funmoods FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - false FF - user.js: extensions.funmoods.newTabUrl - 
hxxp://searchfunmoods.com/?f=2&a=orgnl&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtDyEtCyD0E0E0EtAzytDtN0D0Tzu0CyEzytCtN1L2XzutBtFtBtFtCtFyCtDtBtN1L1Czu&cr=736230633&ir= FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=orgnl&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtDyEtCyD0E0E0EtAzytDtN0D0Tzu0CyEzytCtN1L2XzutBtFtBtFtCtFyCtDtBtN1L1Czu&cr=736230633&ir=&q= FF - user.js: extensions.funmoods.id - 0024210415EEE390 FF - user.js: extensions.funmoods.instlDay - 15830 FF - user.js: extensions.funmoods.vrsn - 1.8.11.0 FF - user.js: extensions.funmoods.vrsni - 1.8.11.0 FF - user.js: extensions.funmoods_i.vrsnTs - 1.8.11.019:34 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - orgnl FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.appId - {EA28B360-05E0-4F93-8150-02891F1D8D3C} FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods_i.hmpg - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file) WebBrowser-{40C3CC16-7269-4B32-9531-17F2950FB06F} - (no file) HKCU-Run-WinClicker.exe - c:\program files\Salling Software AB\Salling Clicker\WinClicker.exe SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-BtTray - c:\program files\IVT Corporation\BlueSoleil\BtTray.exe MSConfigStartUp-Freecorder FLV Service - c:\program files\Freecorder\FLVSrvc.exe MSConfigStartUp-LosAlamos - c:\windows\system32\sshnas21.dll MSConfigStartUp-Media Finder - c:\program files\Media Finder\MF.exe AddRemove-incredibar - c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe AddRemove-Motocross Madness 2 Trial - c:\program files\Aspyr Media AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4} AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe AddRemove-Angel König - Spinnfischen in Deutschland - c:\users\MEDION\Desktop\Angelkönig\Angelkoenig_uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2013-07-04 15:24 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files\HomeCinema\PowerDVD9\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11, d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54 "{30F9B915-B755-4826-820B-08FBA6BD249D}"=hex:51,66,7a,6c,4c,1d,38,12,7b,ba,ea, 34,67,f9,48,0d,fd,1d,4b,bb,a3,e3,60,89 "{70DD86E8-B5BC-4E4A-9D5C-B6234C24323C}"=hex:51,66,7a,6c,4c,1d,38,12,86,85,ce, 74,8e,fb,24,0b,e2,4a,f5,63,49,7a,76,28 "{EEE6C35B-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,35,c0,f5, ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53 "{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}"=hex:51,66,7a,6c,4c,1d,38,12,55,e2,d0, 7e,f8,75,36,04,cc,26,b5,2d,be,5d,85,a1 "{E5B66461-19EB-4DA5-BBF7-DF2D266D975B}"=hex:51,66,7a,6c,4c,1d,38,12,0f,67,a5, e1,d9,57,cb,08,c4,e1,9c,6d,23,33,d3,4f "{AE07101B-46D4-4A98-AF68-0333EA26E113}"=hex:51,66,7a,6c,4c,1d,38,12,75,13,14, aa,e6,08,f6,0f,d0,7e,40,73,ef,78,a5,07 "{F9639E4A-801B-4843-AEE3-03D9DA199E77}"=hex:51,66,7a,6c,4c,1d,38,12,24,9d,70, fd,29,ce,2d,0d,d1,f5,40,99,df,47,da,63 "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{31AD400D-1B06-4E33-A59A-90C2C140CBA0}"=hex:51,66,7a,6c,4c,1d,38,12,63,43,be, 35,34,55,5d,0b,da,8c,d3,82,c4,1e,8f,b4 "{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}"=hex:51,66,7a,6c,4c,1d,38,12,8f,de,00, 6a,5c,65,a0,03,f4,70,9f,cb,f6,31,2f,8d "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}"=hex:51,66,7a,6c,4c,1d,38,12,4d,a0,e0, 7c,bc,37,84,0f,e5,41,cb,b4,b5,01,91,c9 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93, aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83 "{CA4520F3-AE13-4FB1-A513-58E23991C86D}"=hex:51,66,7a,6c,4c,1d,38,12,9d,23,56, ce,21,e0,df,0a,da,05,1b,a2,3c,cf,8c,79 
"{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}"=hex:51,66,7a,6c,4c,1d,38,12,72,c0,6c, d6,0f,20,6b,06,f2,45,ef,9a,ea,fb,bc,76 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{EEE6C35C-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,32,c0,f5, ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53 "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17 "{AE420039-7F28-47A6-AAB4-D9BD0075BE23}"=hex:51,66,7a,6c,4c,1d,38,12,57,03,51, aa,1a,31,c8,02,d5,a2,9a,fd,05,2b,fa,37 "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b "{77BEC163-D389-42c1-91A4-C758846296A5}"=hex:51,66,7a,6c,4c,1d,3b,1b,5e,1c,32, 30,8e,b0,4d,3e,b5,9f,b5,35,bb,11,e3,89 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:2b,99,a9,c8,9f,bf,cd,01 . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.aac" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.cda" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.flac" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.m4a" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.mp3" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.mp4" . 
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.ogg" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.wav" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MUFIN_PLAYER_2_5_D.wma" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'Explorer.exe'(4240) c:\windows\system32\btmmhook.dll . Zeit der Fertigstellung: 2013-07-04 15:26:45 ComboFix-quarantined-files.txt 2013-07-04 13:26 . Vor Suchlauf: 16 Verzeichnis(se), 669.987.336.192 Bytes frei Nach Suchlauf: 20 Verzeichnis(se), 671.748.268.032 Bytes frei . - - End Of File - - 981F61AE3B12F1F9D3DC6931E19AF60B 5C616939100B85E558DA92B899A0FC36 [/CODE] |
04.07.2013, 14:30 | #8 |
/// Malware-holic | Strange fake pop-ups suddenly appearing. Virus? When a restart is necessary is stated in the Combofix instructions. Malwarebytes: Please download Malwarebytes
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
04.07.2013, 14:34 | #9 | |
| Strange fake pop-ups suddenly appearing. Virus? Quote:
The one that is already specified during installation? |
04.07.2013, 14:42 | #10 |
/// Malware-holic | Strange fake pop-ups suddenly appearing. Virus? Yes, the path already specified during installation
04.07.2013, 15:00 | #11 |
| Strange fake pop-ups suddenly appearing. Virus? The scan could take a while. Regards |
04.07.2013, 15:03 | #12 |
/// Malware-holic | Strange fake pop-ups suddenly appearing. Virus? Leave out interim posts like this, thanks
04.07.2013, 17:59 | #13 |
| Strange fake pop-ups suddenly appearing. Virus? Sorry.. here: Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.04.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
MEDION :: MEDION-PC [Administrator]

04.07.2013 15:44:10
mbam-log-2013-07-04 (15-44-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 552482
Laufzeit: 2 Stunde(n), 30 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 13
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\Users\MEDION\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\HomeCinema\MediaShow4\subsys\BigBang\Runtime\MUITransfer\MUITransfer.dll (Trojan.Hiloti.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\AVS4YOU\ACTIVADOR.EXE (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MEDION\Downloads\installer_mtx_mototrax_demo_Deutsch.exe (PUP.SmsPay.PGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MEDION\Downloads\Berdi.zip (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MEDION\Music\Music\YouTube\ACTIVADOR AVS Video Editor.rar (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MEDION\Music\Music\YouTube\ACT\AVS4YOU.ALL.PRODUCTS.ACTIVATOR.2011.(V1.1)-MPT.EXE (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MEDION\Music\Music\YouTube\ACTIVADOR AVS Video Editor\ACTIVADOR.EXE (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende) |
04.07.2013, 18:08 | #14 |
/// Malware-holic | Strange, suddenly appearing fake pop-ups. Virus? Download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this step. Open it, go to Tools (Extras), Uninstall list, and save it as txt. Open the file. After each program you need, write "necessary". After each one you do not need, "unnecessary". After each one you do not recognize, "unknown". Post the list.
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
05.07.2013, 19:02 | #15 |
| Strange, suddenly appearing fake pop-ups. Virus? I think the problem has already been resolved; no more ads are appearing. Is that still necessary then? Regards |