Log analysis and evaluation: BKA virus - how do I remove it for good? (Windows 7)
02.04.2012, 11:54 | #1 |
Hello!!
I have had the BKA virus (Austrian version) for two days and managed to unlock the computer with the Kaspersky rescue CD 10. After that I ran Avira Free Antivir and Spyware Terminator 2012. I deleted the infected files that were found. But every scan finds new viruses, so I think these programs cannot remove everything and that infected files are still hiding and infecting other files, so to speak.
While searching this forum I saw that the log files have to be posted, that every virus has to be looked at individually on each computer, and that you get very competent help here.
Many thanks in advance for any help!!
Mario
Attached are the dds.txt, the Attach.txt (as a ZIP) and no gmer.txt, because I have a 64-bit Win7 system.
03.04.2012, 19:27 | #2 |
/// Malwareteam
My name is Marius and I will help you with your problem.
One thing up front:
Note: We can never guarantee here that we have found all remnants of malware. Formatting is usually the faster and always the safest way. If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean. A cleanup can involve a lot of work for you.
Vista and Win7 users: start all tools with right-click "Run as administrator".
Step 1: aswMBR
Please download aswMBR.exe and save the file on your desktop.
Step 2: Scan with TDSS-Killer
Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file on the desktop
04.04.2012, 13:20 | #3 |
First of all, many thanks for the detailed and precise help.
I did both and there were no virus alerts. So, first the aswMBR log file:
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-04 13:51:53
-----------------------------
13:51:53.702 OS Version: Windows x64 6.1.7600
13:51:53.702 Number of processors: 1 586 0x170A
13:51:53.703 ComputerName: MARCEL-PC UserName: Marcel
13:51:54.177 Initialize success
13:53:40.463 AVAST engine defs: 12040400
13:53:53.141 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:53:53.145 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
13:53:53.168 Disk 0 MBR read successfully
13:53:53.174 Disk 0 MBR scan
13:53:53.184 Disk 0 Windows 7 default MBR code
13:53:53.195 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
13:53:53.225 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
13:53:53.255 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 139213 MB offset 27469824
13:53:53.293 Disk 0 scanning C:\Windows\system32\drivers
13:54:12.313 Service scanning
13:54:55.879 Modules scanning
13:54:55.892 Disk 0 trace - called modules:
13:54:55.942 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
13:54:56.318 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80025f7060]
13:54:56.327 3 CLASSPNP.SYS[fffff88001afb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa800217e050]
13:54:57.495 AVAST engine scan C:\Windows
13:55:01.664 AVAST engine scan C:\Windows\system32
14:03:29.717 AVAST engine scan C:\Windows\system32\drivers
14:03:59.724 AVAST engine scan C:\Users\Marcel
14:09:36.935 AVAST engine scan C:\ProgramData
14:10:43.731 Scan finished successfully
14:11:20.036 Disk 0 MBR has been saved successfully to "C:\Users\Marcel\Desktop\MBR.dat"
14:11:20.048 The log file has been saved successfully to "C:\Users\Marcel\Desktop\aswMBR.txt"
Handler\CVHSVC.EXE 14:13:15.0423 6644 cvhsvc - ok 14:13:15.0481 6644 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 14:13:15.0500 6644 DcomLaunch - ok 14:13:15.0556 6644 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 14:13:15.0563 6644 defragsvc - ok 14:13:15.0644 6644 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 14:13:15.0647 6644 DfsC - ok 14:13:15.0715 6644 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll 14:13:15.0721 6644 Dhcp - ok 14:13:15.0767 6644 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 14:13:15.0769 6644 discache - ok 14:13:15.0815 6644 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 14:13:15.0818 6644 Disk - ok 14:13:15.0907 6644 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\SysWOW64\Drivers\DKbFltr.sys 14:13:15.0909 6644 DKbFltr - ok 14:13:15.0962 6644 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll 14:13:15.0967 6644 Dnscache - ok 14:13:16.0018 6644 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll 14:13:16.0028 6644 dot3svc - ok 14:13:16.0067 6644 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll 14:13:16.0072 6644 DPS - ok 14:13:16.0147 6644 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 14:13:16.0149 6644 drmkaud - ok 14:13:16.0235 6644 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys 14:13:16.0243 6644 dtsoftbus01 - ok 14:13:16.0313 6644 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 14:13:16.0346 6644 DXGKrnl - ok 14:13:16.0453 6644 EagleX64 - ok 14:13:16.0508 6644 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 14:13:16.0512 6644 EapHost - ok 14:13:16.0645 6644 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 
14:13:16.0736 6644 ebdrv - ok 14:13:16.0784 6644 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe 14:13:16.0788 6644 EFS - ok 14:13:16.0856 6644 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe 14:13:16.0896 6644 ehRecvr - ok 14:13:16.0946 6644 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 14:13:16.0958 6644 ehSched - ok 14:13:17.0036 6644 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 14:13:17.0053 6644 elxstor - ok 14:13:17.0149 6644 ePowerSvc (d3fa244ef742b359093f8596011cb815) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 14:13:17.0215 6644 ePowerSvc - ok 14:13:17.0235 6644 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 14:13:17.0237 6644 ErrDev - ok 14:13:17.0324 6644 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 14:13:17.0343 6644 EventSystem - ok 14:13:17.0378 6644 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 14:13:17.0387 6644 exfat - ok 14:13:17.0429 6644 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 14:13:17.0434 6644 fastfat - ok 14:13:17.0496 6644 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe 14:13:17.0515 6644 Fax - ok 14:13:17.0536 6644 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 14:13:17.0538 6644 fdc - ok 14:13:17.0587 6644 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 14:13:17.0589 6644 fdPHost - ok 14:13:17.0616 6644 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 14:13:17.0618 6644 FDResPub - ok 14:13:17.0648 6644 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 14:13:17.0655 6644 FileInfo - ok 14:13:17.0689 6644 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 14:13:17.0691 6644 Filetrace - ok 14:13:17.0722 6644 
flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 14:13:17.0724 6644 flpydisk - ok 14:13:17.0791 6644 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 14:13:17.0797 6644 FltMgr - ok 14:13:17.0863 6644 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll 14:13:17.0909 6644 FontCache - ok 14:13:18.0030 6644 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:13:18.0038 6644 FontCache3.0.0.0 - ok 14:13:18.0096 6644 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 14:13:18.0098 6644 FsDepends - ok 14:13:18.0131 6644 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 14:13:18.0139 6644 Fs_Rec - ok 14:13:18.0226 6644 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 14:13:18.0231 6644 fvevol - ok 14:13:18.0261 6644 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 14:13:18.0264 6644 gagp30kx - ok 14:13:18.0315 6644 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:13:18.0318 6644 GEARAspiWDM - ok 14:13:18.0388 6644 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll 14:13:18.0419 6644 gpsvc - ok 14:13:18.0502 6644 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 14:13:18.0512 6644 GREGService - ok 14:13:18.0611 6644 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:13:18.0631 6644 gupdate - ok 14:13:18.0702 6644 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:13:18.0705 6644 gupdatem - ok 14:13:18.0757 6644 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 14:13:18.0777 6644 gusvc - ok 
14:13:18.0886 6644 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 14:13:18.0888 6644 hcw85cir - ok 14:13:18.0951 6644 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 14:13:18.0958 6644 HdAudAddService - ok 14:13:19.0002 6644 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:13:19.0006 6644 HDAudBus - ok 14:13:19.0029 6644 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 14:13:19.0031 6644 HidBatt - ok 14:13:19.0057 6644 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 14:13:19.0059 6644 HidBth - ok 14:13:19.0101 6644 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 14:13:19.0104 6644 HidIr - ok 14:13:19.0140 6644 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 14:13:19.0143 6644 hidserv - ok 14:13:19.0188 6644 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 14:13:19.0190 6644 HidUsb - ok 14:13:19.0224 6644 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll 14:13:19.0228 6644 hkmsvc - ok 14:13:19.0261 6644 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll 14:13:19.0267 6644 HomeGroupListener - ok 14:13:19.0326 6644 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 14:13:19.0332 6644 HomeGroupProvider - ok 14:13:19.0395 6644 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 14:13:19.0397 6644 HpSAMD - ok 14:13:19.0451 6644 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 14:13:19.0471 6644 HTTP - ok 14:13:19.0541 6644 hwdatacard - ok 14:13:19.0573 6644 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 14:13:19.0575 6644 hwpolicy - ok 14:13:19.0620 6644 hwusbdev - ok 14:13:19.0674 6644 i8042prt 
(fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 14:13:19.0677 6644 i8042prt - ok 14:13:19.0745 6644 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys 14:13:19.0751 6644 iaStor - ok 14:13:19.0879 6644 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 14:13:19.0886 6644 IAStorDataMgrSvc - ok 14:13:20.0001 6644 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 14:13:20.0008 6644 iaStorV - ok 14:13:20.0165 6644 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 14:13:20.0180 6644 IDriverT - ok 14:13:20.0323 6644 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:13:20.0402 6644 idsvc - ok 14:13:20.0683 6644 igfx (2d18c9e1f23970de32d78d3b1cdda0a7) C:\Windows\system32\DRIVERS\igdkmd64.sys 14:13:20.0881 6644 igfx - ok 14:13:20.0926 6644 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 14:13:20.0928 6644 iirsp - ok 14:13:20.0987 6644 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 14:13:21.0021 6644 IKEEXT - ok 14:13:21.0133 6644 IntcAzAudAddService (1a6241b70453a6629a83db942aa6b08c) C:\Windows\system32\drivers\RTKVHD64.sys 14:13:21.0189 6644 IntcAzAudAddService - ok 14:13:21.0268 6644 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\Windows\system32\drivers\IntcHdmi.sys 14:13:21.0272 6644 IntcHdmiAddService - ok 14:13:21.0326 6644 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 14:13:21.0328 6644 intelide - ok 14:13:21.0365 6644 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 14:13:21.0367 6644 intelppm - ok 14:13:21.0421 6644 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 
14:13:21.0425 6644 IPBusEnum - ok 14:13:21.0446 6644 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:13:21.0449 6644 IpFilterDriver - ok 14:13:21.0494 6644 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll 14:13:21.0513 6644 iphlpsvc - ok 14:13:21.0536 6644 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 14:13:21.0538 6644 IPMIDRV - ok 14:13:21.0563 6644 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 14:13:21.0566 6644 IPNAT - ok 14:13:21.0660 6644 iPod Service (3151d878bb16307ef2cf4cda2463d15e) C:\Program Files\iPod\bin\iPodService.exe 14:13:21.0731 6644 iPod Service - ok 14:13:21.0782 6644 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 14:13:21.0785 6644 IRENUM - ok 14:13:21.0817 6644 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 14:13:21.0819 6644 isapnp - ok 14:13:21.0856 6644 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 14:13:21.0861 6644 iScsiPrt - ok 14:13:21.0910 6644 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 14:13:21.0915 6644 kbdclass - ok 14:13:21.0935 6644 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 14:13:21.0937 6644 kbdhid - ok 14:13:21.0997 6644 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:13:22.0000 6644 KeyIso - ok 14:13:22.0042 6644 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys 14:13:22.0045 6644 KSecDD - ok 14:13:22.0084 6644 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys 14:13:22.0090 6644 KSecPkg - ok 14:13:22.0116 6644 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 14:13:22.0118 6644 ksthunk - ok 14:13:22.0187 6644 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 
14:13:22.0206 6644 KtmRm - ok 14:13:22.0259 6644 L1C (ad88105efddc55877ea8d06346d75989) C:\Windows\system32\DRIVERS\L1C62x64.sys 14:13:22.0261 6644 L1C - ok 14:13:22.0319 6644 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll 14:13:22.0327 6644 LanmanServer - ok 14:13:22.0382 6644 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 14:13:22.0388 6644 LanmanWorkstation - ok 14:13:22.0494 6644 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 14:13:22.0496 6644 lltdio - ok 14:13:22.0549 6644 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 14:13:22.0558 6644 lltdsvc - ok 14:13:22.0592 6644 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 14:13:22.0596 6644 lmhosts - ok 14:13:22.0653 6644 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 14:13:22.0656 6644 LSI_FC - ok 14:13:22.0681 6644 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 14:13:22.0684 6644 LSI_SAS - ok 14:13:22.0706 6644 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:13:22.0709 6644 LSI_SAS2 - ok 14:13:22.0741 6644 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:13:22.0745 6644 LSI_SCSI - ok 14:13:22.0779 6644 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 14:13:22.0782 6644 luafv - ok 14:13:22.0834 6644 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 14:13:22.0838 6644 Mcx2Svc - ok 14:13:22.0860 6644 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 14:13:22.0862 6644 megasas - ok 14:13:22.0901 6644 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 14:13:22.0907 6644 MegaSR - ok 14:13:23.0051 6644 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files 
(x86)\Microsoft Office\Office12\GrooveAuditService.exe 14:13:23.0054 6644 Microsoft Office Groove Audit Service - ok 14:13:23.0114 6644 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:13:23.0118 6644 MMCSS - ok 14:13:23.0176 6644 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 14:13:23.0178 6644 Modem - ok 14:13:23.0219 6644 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 14:13:23.0221 6644 monitor - ok 14:13:23.0273 6644 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 14:13:23.0275 6644 mouclass - ok 14:13:23.0300 6644 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 14:13:23.0304 6644 mouhid - ok 14:13:23.0345 6644 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 14:13:23.0348 6644 mountmgr - ok 14:13:23.0381 6644 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 14:13:23.0387 6644 mpio - ok 14:13:23.0421 6644 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 14:13:23.0423 6644 mpsdrv - ok 14:13:23.0485 6644 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll 14:13:23.0518 6644 MpsSvc - ok 14:13:23.0540 6644 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 14:13:23.0545 6644 MRxDAV - ok 14:13:23.0597 6644 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:13:23.0601 6644 mrxsmb - ok 14:13:23.0658 6644 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:13:23.0664 6644 mrxsmb10 - ok 14:13:23.0705 6644 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:13:23.0709 6644 mrxsmb20 - ok 14:13:23.0742 6644 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 14:13:23.0744 6644 msahci - ok 14:13:23.0768 6644 msdsm 
(8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 14:13:23.0772 6644 msdsm - ok 14:13:23.0828 6644 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 14:13:23.0835 6644 MSDTC - ok 14:13:23.0895 6644 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 14:13:23.0897 6644 Msfs - ok 14:13:23.0948 6644 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 14:13:23.0949 6644 mshidkmdf - ok 14:13:23.0980 6644 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 14:13:23.0982 6644 msisadrv - ok 14:13:24.0031 6644 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 14:13:24.0036 6644 MSiSCSI - ok 14:13:24.0057 6644 msiserver - ok 14:13:24.0112 6644 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 14:13:24.0114 6644 MSKSSRV - ok 14:13:24.0169 6644 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 14:13:24.0171 6644 MSPCLOCK - ok 14:13:24.0213 6644 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 14:13:24.0215 6644 MSPQM - ok 14:13:24.0256 6644 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 14:13:24.0265 6644 MsRPC - ok 14:13:24.0302 6644 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 14:13:24.0304 6644 mssmbios - ok 14:13:24.0360 6644 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 14:13:24.0362 6644 MSTEE - ok 14:13:24.0385 6644 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 14:13:24.0387 6644 MTConfig - ok 14:13:24.0424 6644 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 14:13:24.0426 6644 Mup - ok 14:13:24.0475 6644 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 14:13:24.0477 6644 mwlPSDFilter - ok 14:13:24.0503 
6644 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 14:13:24.0504 6644 mwlPSDNServ - ok 14:13:24.0542 6644 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 14:13:24.0545 6644 mwlPSDVDisk - ok 14:13:24.0683 6644 MWLService (0036634e5c92be109056f7e2380103a9) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe 14:13:24.0689 6644 MWLService - ok 14:13:24.0746 6644 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 14:13:24.0764 6644 napagent - ok 14:13:24.0855 6644 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 14:13:24.0872 6644 NativeWifiP - ok 14:13:24.0949 6644 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 14:13:24.0983 6644 NDIS - ok 14:13:25.0021 6644 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 14:13:25.0023 6644 NdisCap - ok 14:13:25.0067 6644 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 14:13:25.0069 6644 NdisTapi - ok 14:13:25.0126 6644 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 14:13:25.0129 6644 Ndisuio - ok 14:13:25.0159 6644 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 14:13:25.0163 6644 NdisWan - ok 14:13:25.0199 6644 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 14:13:25.0202 6644 NDProxy - ok 14:13:25.0356 6644 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 14:13:25.0418 6644 Nero BackItUp Scheduler 4.0 - ok 14:13:25.0525 6644 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 14:13:25.0527 6644 NetBIOS - ok 14:13:25.0562 6644 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 14:13:25.0568 6644 NetBT - ok 14:13:25.0622 6644 
Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:13:25.0625 6644 Netlogon - ok 14:13:25.0695 6644 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 14:13:25.0706 6644 Netman - ok 14:13:25.0755 6644 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 14:13:25.0773 6644 netprofm - ok 14:13:25.0893 6644 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:13:25.0897 6644 NetTcpPortSharing - ok 14:13:26.0150 6644 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys 14:13:26.0337 6644 NETw5s64 - ok 14:13:26.0384 6644 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 14:13:26.0389 6644 nfrd960 - ok 14:13:26.0446 6644 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 14:13:26.0455 6644 NlaSvc - ok 14:13:26.0486 6644 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 14:13:26.0488 6644 Npfs - ok 14:13:26.0520 6644 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 14:13:26.0524 6644 nsi - ok 14:13:26.0550 6644 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 14:13:26.0552 6644 nsiproxy - ok 14:13:26.0658 6644 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 14:13:26.0704 6644 Ntfs - ok 14:13:26.0738 6644 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 14:13:26.0740 6644 Null - ok 14:13:26.0812 6644 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 14:13:26.0816 6644 nvraid - ok 14:13:26.0858 6644 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 14:13:26.0861 6644 nvstor - ok 14:13:26.0926 6644 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 14:13:26.0931 6644 nv_agp - ok 14:13:27.0076 6644 
odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:13:27.0084 6644 odserv - ok 14:13:27.0108 6644 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 14:13:27.0111 6644 ohci1394 - ok 14:13:27.0161 6644 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:13:27.0165 6644 ose - ok 14:13:27.0405 6644 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:13:27.0545 6644 osppsvc - ok 14:13:27.0651 6644 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:13:27.0659 6644 p2pimsvc - ok 14:13:27.0733 6644 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 14:13:27.0751 6644 p2psvc - ok 14:13:27.0809 6644 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 14:13:27.0811 6644 Parport - ok 14:13:27.0852 6644 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 14:13:27.0855 6644 partmgr - ok 14:13:27.0887 6644 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 14:13:27.0895 6644 PcaSvc - ok 14:13:27.0940 6644 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 14:13:27.0945 6644 pci - ok 14:13:27.0984 6644 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 14:13:27.0988 6644 pciide - ok 14:13:28.0018 6644 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 14:13:28.0023 6644 pcmcia - ok 14:13:28.0062 6644 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 14:13:28.0064 6644 pcw - ok 14:13:28.0106 6644 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 14:13:28.0124 6644 PEAUTH - ok 14:13:28.0221 6644 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) 
C:\Windows\SysWow64\perfhost.exe 14:13:28.0224 6644 PerfHost - ok 14:13:28.0320 6644 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 14:13:28.0367 6644 pla - ok 14:13:28.0442 6644 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll 14:13:28.0462 6644 PlugPlay - ok 14:13:28.0496 6644 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 14:13:28.0500 6644 PNRPAutoReg - ok 14:13:28.0539 6644 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:13:28.0547 6644 PNRPsvc - ok 14:13:28.0611 6644 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 14:13:28.0627 6644 PolicyAgent - ok 14:13:28.0680 6644 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 14:13:28.0687 6644 Power - ok 14:13:28.0768 6644 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 14:13:28.0771 6644 PptpMiniport - ok 14:13:28.0805 6644 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 14:13:28.0808 6644 Processor - ok 14:13:28.0865 6644 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll 14:13:28.0872 6644 ProfSvc - ok 14:13:28.0924 6644 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 14:13:28.0928 6644 ProtectedStorage - ok 14:13:28.0984 6644 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 14:13:28.0987 6644 Psched - ok 14:13:29.0057 6644 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 14:13:29.0103 6644 ql2300 - ok 14:13:29.0142 6644 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 14:13:29.0145 6644 ql40xx - ok 14:13:29.0190 6644 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 14:13:29.0199 6644 QWAVE - ok 14:13:29.0241 6644 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 
14:13:40.0456 6644 ============================================================ 14:13:40.0456 6644 Scan finished 14:13:40.0456 6644 ============================================================ 14:13:40.0473 5624 Detected object count: 0 14:13:40.0473 5624 Actual detected object count: 0 14:14:14.0631 6784 Deinitialize success |
07.04.2012, 15:25 | #4 |
/// Malwareteam | Removing the BKA virus for good - how? Step 1: defogger Please download defogger by jpshortstuff to your desktop.
Do not click the Re-enable button unless instructed to. Step 2: Post log files Please zip all AntiVir logs and attach them here - you will find them in the program under "Reports" ("Berichte").
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |
07.04.2012, 18:32 | #5 |
| Removing the BKA virus for good - how? So I had no problems with defogger, everything went flawlessly. Should I also send the logs from the updates, or only the ones from the scans and virus finds?? |
07.04.2012, 18:44 | #6 |
/// Malwareteam | Removing the BKA virus for good - how? Great! Yes, zip all the log files and attach them! |
07.04.2012, 19:15 | #7 |
| Removing the BKA virus for good - how? Here you go, all logs zipped! Have a nice evening and good night! |
08.04.2012, 19:38 | #8 |
/// Malwareteam | Removing the BKA virus for good - how? MBAM Please download Malwarebytes |
10.04.2012, 11:45 | #9 |
/// Malwareteam | Removing the BKA virus for good - how? Hello, do you still need help? If I do not receive a reply from you within the next 24 hours, I will remove your thread from my subscriptions and will therefore no longer be notified of new replies. The disappearance of the symptoms does not mean that your system is already clean |
11.04.2012, 21:19 | #10 |
| Removing the BKA virus for good - how? Here you go, it had 3 finds!!! MB log file: Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.04.11.05
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Marcel :: MARCEL-PC [Administrator]
11.04.2012 19:32:53
mbam-log-2012-04-11 (19-32-53).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 403736
Laufzeit: 1 Stunde(n), 53 Minute(n), 13 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 3
C:\Users\Marcel\AppData\Local\Temp\Temp1_BattleRealmsv1.50NoCDPatchAll.zip\BattleRealmsNOCD.exe (Trojan.Bancos) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Marcel\AppData\Local\Temp\Temp1_Battle_Realms_v1.50q_No-CD_Crack.zip\BattleRealmsNOCD.exe (Trojan.Bancos) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Marcel\Desktop\unnötig\Battle_Realms_v1.50q_No-CD_Crack\BattleRealmsNOCD.exe (Trojan.Bancos) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) |
11.04.2012, 21:24 | #11 | |
/// Malwareteam | Removing the BKA virus for good - how? Quote:
Merely visiting sites that offer these files for download carries a high risk of getting infected. When you start the crack, you start an executable file from a very dubious source. The file's source code can contain anything (e.g. downloading and executing malware files). This is one of the main ways people get infected. Besides, cracks etc. are illegal, and that is theft just like in a shop. That is why we have agreed on this: if we find indications of illegally acquired software, we will end support without any discussion. Our help for you is therefore limited to instructions for reinstalling and securing the system |
12.04.2012, 12:02 | #12 |
| Removing the BKA virus for good - how? Excuse me????? So all that work was for nothing? I got the computer second-hand from my brother (that is why the user is called Marcel) a year ago. I neither used the crack at the time my computer got infected nor downloaded it; I did not even know it was on there. And my brother said it was a very long time ago that he downloaded it. So I hardly think the BKA virus came only because of those files. I do understand that you want nothing to do with illegal data and do not want to support such activities. But what am I supposed to do now?? Well, I guess nothing can be done. Thanks in any case for the help so far! Regards, Mario |