
Pests of all kinds and how to fight them: Deal Finder nuisance

11.01.2013, 14:21   #1
Bobby268



I came across your very helpful board via a search engine. The first problem (browse to save) has already been taken care of thanks to the search function.
It's just the Deal Finder that I simply can't get rid of!

I use the latest Firefox.

Virus scanners, malware removal programs and AdwCleaner have all been run, no findings regarding Deal Finder.

The thing pops up on Amazon or eBay, for example, suggests great deals and wants to take you to another site. Naturally, I closed it every time. It is extremely annoying, because images can't be opened while it lies on top of them, and I'm also afraid it could do more than that.

Using the search I only found abandoned threads.

11.01.2013, 15:08   #2
markusg
/// Malware-holic



Hi
where are the logs from AdwCleaner and Malwarebytes?
or other logs with findings?
Please post them.
http://www.trojaner-board.de/125889-...en-posten.html

11.01.2013, 16:08   #3
Bobby268



OK, I'm not that well versed in this; I hope it works with the logs:

Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.11.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
db :: xxx [Administrator]

Schutz: Aktiviert

11.01.2013 15:57:00
mbam-log-2013-01-11 (15-57-00).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 210735
Laufzeit: 7 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

ADW will follow shortly.

Here is the result from ADW

# AdwCleaner v2.105 - Datei am 11/01/2013 um 16:09:35 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : db - xx
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\db\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0 (de)

Datei : C:\Users\db\AppData\Roaming\Mozilla\Firefox\Profiles\mi00ran3.default\prefs.js

Gelöscht : user_pref("extensions.50b287d2a38bb.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Gelöscht : user_pref("extensions.50b28adbef562.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]

*************************

AdwCleaner[S1].txt - [362 octets] - [11/01/2013 13:32:15]
AdwCleaner[S2].txt - [18273 octets] - [11/01/2013 13:51:55]
AdwCleaner[S3].txt - [1041 octets] - [11/01/2013 16:09:35]

11.01.2013, 16:54   #4
markusg
/// Malware-holic



Hi
Did I say anything about new logs? Please read what it says above.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails as described in the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

11.01.2013, 17:18   #5
Bobby268



There are no findings and there never were any.


11.01.2013, 17:26   #6
markusg
/// Malware-holic



You write above:
Virus scanners, malware removal programs and AdwCleaner have all been run, no findings regarding Deal Finder.
Then please express yourself a little more clearly next time, thanks.

Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- if anything is found, always choose Skip for now, then post the log

11.01.2013, 18:11   #7
Bobby268



I let it run; unfortunately the result looks somehow different from the instructions and I can't manage to get the log.

There are two findings, one Absolute Notifier and one rcpld. The scanner classifies it as Suspicious.
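The TDSSKiller report posted further down in this thread pairs a `[ MD5 ] name path` line with a status line for each service. As an added example (not part of the original posts), this script joins the two and lists every entry that is not `ok` or that has no file line; the sample lines are copied from that report, and the function and class names are assumptions made for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines copied from the TDSSKiller 2.8.15.0 report in this thread.
SAMPLE_LOG = r"""
18:06:40.0735 5388 ================ Scan system memory ========================
18:06:40.0735 5388 System memory - ok
18:06:40.0735 5388 ================ Scan services =============================
18:06:41.0822 5388 [ E41D79682A209F72F4F578CFD4A53952 ] a2util C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
18:06:41.0842 5388 a2util - ok
18:06:41.0872 5388 [ 28D79AAA4E1C15577A86F930E8DA5E50 ] AbsoluteNotifier C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
18:06:41.0902 5388 AbsoluteNotifier ( UnsignedFile.Multi.Generic ) - warning
18:06:41.0902 5388 AbsoluteNotifier - detected UnsignedFile.Multi.Generic (1)
18:06:44.0112 5388 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:06:44.0132 5388 Apple Mobile Device - ok
18:06:47.0882 5388 COMSysApp - ok
"""

# Every report line starts with "HH:MM:SS.mmmm <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
SECTION = re.compile(PREFIX + r"=+ (.+?) =+$")
# "[ MD5 ] service name C:\path"; the name may contain spaces, so it ends
# where the drive-letter path begins.
OBJECT = re.compile(PREFIX + r"\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
FLAGGED = re.compile(PREFIX + r"(.+?) \( (\S+) \) - (\w+)$")
CLEAN = re.compile(PREFIX + r"(.+?) - ok$")


@dataclass
class Entry:
    name: str
    status: str              # "ok" or the verdict string TDSSKiller printed
    severity: Optional[str]  # e.g. "warning"; None for clean entries
    md5: Optional[str]
    path: Optional[str]


def parse_services(report: str) -> List[Entry]:
    """Return one Entry per status line in the 'Scan services' section."""
    files = {}      # service name -> (md5, path) from the preceding file line
    entries = []
    section = None
    for raw in report.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            continue
        if section != "Scan services":
            continue
        m = OBJECT.match(line)
        if m:
            files[m.group(2)] = (m.group(1).upper(), m.group(3))
            continue
        m = FLAGGED.match(line)
        if m:
            md5, path = files.get(m.group(1), (None, None))
            entries.append(Entry(m.group(1), m.group(2), m.group(3), md5, path))
            continue
        m = CLEAN.match(line)
        if m:
            md5, path = files.get(m.group(1), (None, None))
            entries.append(Entry(m.group(1), "ok", None, md5, path))
        # "<name> - detected <verdict> (n)" repeats the flagged line; ignored.
    return entries


def needs_review(entries: List[Entry]) -> List[Entry]:
    """Entries with a verdict other than ok, plus ok entries with no file line."""
    return [e for e in entries if e.status != "ok" or e.path is None]


if __name__ == "__main__":
    for e in needs_review(parse_services(SAMPLE_LOG)):
        print(f"{e.name}: {e.status} md5={e.md5} path={e.path}")
```
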

11.01.2013, 19:38   #8
markusg
/// Malware-holic



open c: tdsskiller-datum-version.txt, post the contents

11.01.2013, 20:13   #9
Bobby268



Thanks! (How does pasting into the little boxes work?)

18:06:25.0649 2896 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:06:25.0839 2896 ============================================================
18:06:25.0839 2896 Current date / time: 2013/01/11 18:06:25.0839
18:06:25.0839 2896 SystemInfo:
18:06:25.0839 2896
18:06:25.0839 2896 OS Version: 6.1.7601 ServicePack: 1.0
18:06:25.0839 2896 Product type: Workstation
18:06:25.0839 2896 ComputerName: DB-PC
18:06:25.0839 2896 UserName: db
18:06:25.0839 2896 Windows directory: C:\Windows
18:06:25.0839 2896 System windows directory: C:\Windows
18:06:25.0839 2896 Running under WOW64
18:06:25.0839 2896 Processor architecture: Intel x64
18:06:25.0839 2896 Number of processors: 2
18:06:25.0839 2896 Page size: 0x1000
18:06:25.0839 2896 Boot type: Normal boot
18:06:25.0839 2896 ============================================================
18:06:28.0909 2896 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:06:28.0919 2896 Drive \Device\Harddisk1\DR1 - Size: 0x1D2400000 (7.29 Gb), SectorSize: 0x200, Cylinders: 0x3B7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:06:28.0919 2896 ============================================================
18:06:28.0919 2896 \Device\Harddisk0\DR0:
18:06:28.0919 2896 MBR partitions:
18:06:28.0919 2896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x289E800, BlocksNum 0x32000
18:06:28.0919 2896 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x28D0800, BlocksNum 0x37AB5800
18:06:28.0919 2896 \Device\Harddisk1\DR1:
18:06:28.0919 2896 MBR partitions:
18:06:28.0919 2896 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xE90000
18:06:28.0919 2896 ============================================================
18:06:28.0949 2896 C: <-> \Device\Harddisk0\DR0\Partition2
18:06:28.0949 2896 ============================================================
18:06:28.0949 2896 Initialize success
18:06:28.0959 2896 ============================================================
18:06:40.0189 5388 ============================================================
18:06:40.0189 5388 Scan started
18:06:40.0189 5388 Mode: Manual; SigCheck; TDLFS;
18:06:40.0189 5388 ============================================================
18:06:40.0735 5388 ================ Scan system memory ========================
18:06:40.0735 5388 System memory - ok
18:06:40.0735 5388 ================ Scan services =============================
18:06:41.0872 5388 [ 28D79AAA4E1C15577A86F930E8DA5E50 ] AbsoluteNotifier C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
18:06:41.0902 5388 AbsoluteNotifier ( UnsignedFile.Multi.Generic ) - warning
18:06:41.0902 5388 AbsoluteNotifier - detected UnsignedFile.Multi.Generic (1)
18:06:57.0291 5388 LSI_SAS2 - ok
18:06:57.0291 5388 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:06:57.0321 5388 LSI_SCSI - ok
18:06:57.0331 5388 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:06:57.0391 5388 luafv - ok
18:06:57.0451 5388 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:06:57.0471 5388 MBAMProtector - ok
18:06:57.0611 5388 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:06:57.0641 5388 MBAMScheduler - ok
18:06:57.0821 5388 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:06:57.0891 5388 MBAMService - ok
18:06:57.0921 5388 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:06:57.0951 5388 Mcx2Svc - ok
18:06:57.0971 5388 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:06:57.0991 5388 megasas - ok
18:06:58.0031 5388 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:06:58.0061 5388 MegaSR - ok
18:06:58.0081 5388 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:06:58.0121 5388 MMCSS - ok
18:06:58.0141 5388 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:06:58.0201 5388 Modem - ok
18:06:58.0231 5388 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:06:58.0261 5388 monitor - ok
18:06:58.0301 5388 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:06:58.0321 5388 mouclass - ok
18:06:58.0351 5388 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
18:06:58.0381 5388 mouhid - ok
18:06:58.0401 5388 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:06:58.0421 5388 mountmgr - ok
18:06:58.0471 5388 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:06:58.0521 5388 MozillaMaintenance - ok
18:06:58.0571 5388 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
18:06:58.0601 5388 MpFilter - ok
18:06:58.0631 5388 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:06:58.0651 5388 mpio - ok
18:06:58.0671 5388 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:06:58.0722 5388 mpsdrv - ok
18:06:58.0772 5388 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:06:58.0872 5388 MpsSvc - ok
18:06:58.0892 5388 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:06:58.0942 5388 MRxDAV - ok
18:06:58.0962 5388 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:06:59.0012 5388 mrxsmb - ok
18:06:59.0042 5388 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:06:59.0072 5388 mrxsmb10 - ok
18:06:59.0102 5388 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:06:59.0122 5388 mrxsmb20 - ok
18:06:59.0142 5388 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:06:59.0172 5388 msahci - ok
18:06:59.0192 5388 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:06:59.0212 5388 msdsm - ok
18:06:59.0232 5388 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:06:59.0262 5388 MSDTC - ok
18:06:59.0292 5388 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:06:59.0342 5388 Msfs - ok
18:06:59.0362 5388 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:06:59.0422 5388 mshidkmdf - ok
18:06:59.0442 5388 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:06:59.0452 5388 msisadrv - ok
18:06:59.0502 5388 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:06:59.0582 5388 MSiSCSI - ok
18:06:59.0592 5388 msiserver - ok
18:06:59.0612 5388 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:06:59.0772 5388 MSKSSRV - ok
18:06:59.0912 5388 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:06:59.0942 5388 MsMpSvc - ok
18:07:00.0002 5388 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:07:00.0072 5388 MSPCLOCK - ok
18:07:00.0092 5388 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:07:00.0152 5388 MSPQM - ok
18:07:00.0172 5388 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:07:00.0202 5388 MsRPC - ok
18:07:00.0212 5388 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:07:00.0232 5388 mssmbios - ok
18:07:00.0242 5388 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:07:00.0312 5388 MSTEE - ok
18:07:00.0322 5388 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:07:00.0352 5388 MTConfig - ok
18:07:00.0362 5388 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:07:00.0392 5388 Mup - ok
18:07:00.0412 5388 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:07:00.0472 5388 napagent - ok
18:07:00.0522 5388 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:07:00.0562 5388 NativeWifiP - ok
18:07:00.0622 5388 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:07:00.0672 5388 NDIS - ok
18:07:00.0712 5388 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:07:00.0792 5388 NdisCap - ok
18:07:00.0832 5388 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:07:00.0892 5388 NdisTapi - ok
18:07:00.0932 5388 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:07:00.0982 5388 Ndisuio - ok
18:07:01.0002 5388 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:07:01.0072 5388 NdisWan - ok
18:07:01.0092 5388 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:07:01.0152 5388 NDProxy - ok
18:07:01.0172 5388 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:07:01.0222 5388 NetBIOS - ok
18:07:01.0242 5388 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:07:01.0292 5388 NetBT - ok
18:07:01.0312 5388 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:07:01.0332 5388 Netlogon - ok
18:07:01.0352 5388 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:07:01.0422 5388 Netman - ok
18:07:01.0442 5388 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:07:01.0502 5388 netprofm - ok
18:07:01.0522 5388 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:07:01.0562 5388 NetTcpPortSharing - ok
18:07:01.0592 5388 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:07:01.0612 5388 nfrd960 - ok
18:07:01.0642 5388 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:07:01.0692 5388 NisDrv - ok
18:07:01.0752 5388 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
18:07:01.0782 5388 NisSrv - ok
18:07:01.0822 5388 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:07:01.0862 5388 NlaSvc - ok
18:07:01.0882 5388 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:07:01.0942 5388 Npfs - ok
18:07:01.0962 5388 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:07:02.0002 5388 nsi - ok
18:07:02.0012 5388 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:07:02.0072 5388 nsiproxy - ok
18:07:02.0142 5388 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:07:02.0262 5388 Ntfs - ok
18:07:02.0322 5388 [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
18:07:02.0342 5388 NTI IScheduleSvc - ok
18:07:02.0392 5388 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
18:07:02.0412 5388 NTIDrvr - ok
18:07:02.0422 5388 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:07:02.0472 5388 Null - ok
18:07:02.0502 5388 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:07:02.0522 5388 nvraid - ok
18:07:02.0542 5388 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:07:02.0572 5388 nvstor - ok
18:07:02.0582 5388 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:07:02.0602 5388 nv_agp - ok
18:07:02.0612 5388 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:07:02.0632 5388 ohci1394 - ok
18:07:02.0732 5388 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:02.0782 5388 ose - ok
18:07:02.0962 5388 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:07:03.0252 5388 osppsvc - ok
18:07:03.0282 5388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:07:03.0302 5388 p2pimsvc - ok
18:07:03.0322 5388 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:07:03.0342 5388 p2psvc - ok
18:07:03.0372 5388 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:07:03.0402 5388 Parport - ok
18:07:03.0422 5388 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:07:03.0442 5388 partmgr - ok
18:07:03.0462 5388 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:07:03.0502 5388 PcaSvc - ok
18:07:03.0522 5388 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:07:03.0552 5388 pci - ok
18:07:03.0562 5388 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:07:03.0582 5388 pciide - ok
18:07:03.0612 5388 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:07:03.0642 5388 pcmcia - ok
18:07:03.0652 5388 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:07:03.0672 5388 pcw - ok
18:07:03.0722 5388 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:07:03.0812 5388 PEAUTH - ok
18:07:03.0872 5388 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:07:03.0922 5388 PerfHost - ok
18:07:03.0982 5388 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:07:04.0082 5388 pla - ok
18:07:04.0132 5388 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:07:04.0162 5388 PlugPlay - ok
18:07:04.0172 5388 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:07:04.0212 5388 PNRPAutoReg - ok
18:07:04.0232 5388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:07:04.0252 5388 PNRPsvc - ok
18:07:04.0292 5388 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:07:04.0352 5388 PolicyAgent - ok
18:07:04.0372 5388 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:07:04.0432 5388 Power - ok
18:07:04.0462 5388 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:07:04.0522 5388 PptpMiniport - ok
18:07:04.0532 5388 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:07:04.0572 5388 Processor - ok
18:07:04.0592 5388 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:07:04.0622 5388 ProfSvc - ok
18:07:04.0642 5388 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:07:04.0652 5388 ProtectedStorage - ok
18:07:04.0682 5388 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:07:04.0732 5388 Psched - ok
18:07:04.0792 5388 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
18:07:04.0832 5388 PSI - ok
18:07:04.0852 5388 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
18:07:04.0872 5388 PSI_SVC_2 - ok
18:07:04.0932 5388 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:07:05.0022 5388 ql2300 - ok
18:07:05.0042 5388 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:07:05.0062 5388 ql40xx - ok
18:07:05.0082 5388 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:07:05.0122 5388 QWAVE - ok
18:07:05.0132 5388 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:07:05.0162 5388 QWAVEdrv - ok
18:07:05.0182 5388 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:07:05.0242 5388 RasAcd - ok
18:07:05.0272 5388 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:07:05.0322 5388 RasAgileVpn - ok
18:07:05.0352 5388 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:07:05.0412 5388 RasAuto - ok
18:07:05.0432 5388 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:07:05.0482 5388 Rasl2tp - ok
18:07:05.0512 5388 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:07:05.0572 5388 RasMan - ok
18:07:05.0582 5388 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:07:05.0642 5388 RasPppoe - ok
18:07:05.0672 5388 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:07:05.0732 5388 RasSstp - ok
18:07:05.0752 5388 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:07:05.0822 5388 rdbss - ok
18:07:05.0842 5388 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:07:05.0872 5388 rdpbus - ok
18:07:05.0882 5388 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:07:05.0942 5388 RDPCDD - ok
18:07:05.0962 5388 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:07:06.0022 5388 RDPENCDD - ok
18:07:06.0032 5388 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:07:06.0082 5388 RDPREFMP - ok
18:07:06.0132 5388 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:07:06.0182 5388 RdpVideoMiniport - ok
18:07:06.0202 5388 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:07:06.0242 5388 RDPWD - ok
18:07:06.0282 5388 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:07:06.0312 5388 rdyboost - ok
18:07:06.0342 5388 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:07:06.0402 5388 RemoteAccess - ok
18:07:06.0442 5388 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:07:06.0522 5388 RemoteRegistry - ok
18:07:06.0532 5388 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:07:06.0592 5388 RpcEptMapper - ok
18:07:06.0692 5388 [ B1574DCB4AE3EFACC24AA87B4AE6FC55 ] rpcld C:\ProgramData\Rpcnet\Bin\rpcld.exe
18:07:06.0692 5388 Suspicious file (NoAccess): C:\ProgramData\Rpcnet\Bin\rpcld.exe. md5: B1574DCB4AE3EFACC24AA87B4AE6FC55
18:07:06.0692 5388 rpcld ( LockedFile.Multi.Generic ) - warning
18:07:06.0692 5388 rpcld - detected LockedFile.Multi.Generic (1)
18:07:16.0018 5388 WatAdminSvc - ok
18:07:16.0088 5388 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:07:16.0198 5388 wbengine - ok
18:07:16.0218 5388 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:07:16.0248 5388 WbioSrvc - ok
18:07:16.0268 5388 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:07:16.0308 5388 wcncsvc - ok
18:07:16.0328 5388 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:07:16.0358 5388 WcsPlugInService - ok
18:07:16.0388 5388 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:07:16.0408 5388 Wd - ok
18:07:16.0458 5388 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:07:16.0558 5388 Wdf01000 - ok
18:07:16.0568 5388 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:07:16.0688 5388 WdiServiceHost - ok
18:07:16.0698 5388 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:07:16.0718 5388 WdiSystemHost - ok
18:07:16.0768 5388 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:07:16.0818 5388 WebClient - ok
18:07:16.0828 5388 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:07:16.0898 5388 Wecsvc - ok
18:07:16.0914 5388 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:07:16.0961 5388 wercplsupport - ok
18:07:16.0976 5388 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:07:17.0023 5388 WerSvc - ok
18:07:17.0054 5388 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:07:17.0101 5388 WfpLwf - ok
18:07:17.0117 5388 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:07:17.0132 5388 WIMMount - ok
18:07:17.0163 5388 WinDefend - ok
18:07:17.0163 5388 WinHttpAutoProxySvc - ok
18:07:17.0210 5388 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:07:17.0288 5388 Winmgmt - ok
18:07:17.0351 5388 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:07:17.0491 5388 WinRM - ok
18:07:17.0563 5388 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:07:17.0633 5388 Wlansvc - ok
18:07:17.0703 5388 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:07:17.0723 5388 wlcrasvc - ok
18:07:17.0803 5388 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:07:17.0983 5388 wlidsvc - ok
18:07:18.0013 5388 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:07:18.0043 5388 WmiAcpi - ok
18:07:18.0083 5388 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:07:18.0143 5388 wmiApSrv - ok
18:07:18.0173 5388 WMPNetworkSvc - ok
18:07:18.0193 5388 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:07:18.0243 5388 WPCSvc - ok
18:07:18.0263 5388 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:07:18.0283 5388 WPDBusEnum - ok
18:07:18.0293 5388 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:07:18.0343 5388 ws2ifsl - ok
18:07:18.0393 5388 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:07:18.0453 5388 wscsvc - ok
18:07:18.0453 5388 WSearch - ok
18:07:18.0533 5388 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:07:18.0603 5388 wuauserv - ok
18:07:18.0643 5388 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:07:18.0683 5388 WudfPf - ok
18:07:18.0723 5388 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:07:18.0753 5388 WUDFRd - ok
18:07:18.0773 5388 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:07:18.0793 5388 wudfsvc - ok
18:07:18.0833 5388 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:07:18.0883 5388 WwanSvc - ok
18:07:18.0933 5388 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
18:07:19.0003 5388 xnacc - ok
18:07:19.0023 5388 ================ Scan global ===============================
18:07:19.0053 5388 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:07:19.0093 5388 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
18:07:19.0113 5388 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
18:07:19.0153 5388 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:07:19.0163 5388 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:07:19.0173 5388 [Global] - ok
18:07:19.0173 5388 ================ Scan MBR ==================================
18:07:19.0193 5388 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:07:19.0643 5388 \Device\Harddisk0\DR0 - ok
18:07:19.0653 5388 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
18:07:19.0883 5388 \Device\Harddisk1\DR1 - ok
18:07:19.0883 5388 ================ Scan VBR ==================================
18:07:19.0893 5388 [ EB4D88836718AB3397EB2659975A5A62 ] \Device\Harddisk0\DR0\Partition1
18:07:19.0893 5388 \Device\Harddisk0\DR0\Partition1 - ok
18:07:19.0913 5388 [ 445EEF1C8778D5EDF2A3671ABA5D0575 ] \Device\Harddisk0\DR0\Partition2
18:07:19.0913 5388 \Device\Harddisk0\DR0\Partition2 - ok
18:07:19.0923 5388 [ 4A323A1F47414907BE4709DE26526DA8 ] \Device\Harddisk1\DR1\Partition1
18:07:19.0923 5388 \Device\Harddisk1\DR1\Partition1 - ok
18:07:19.0933 5388 ============================================================
18:07:19.0933 5388 Scan finished
18:07:19.0933 5388 ============================================================
18:07:19.0943 4832 Detected object count: 2
18:07:19.0943 4832 Actual detected object count: 2
18:09:53.0252 4832 AbsoluteNotifier ( UnsignedFile.Multi.Generic ) - skipped by user
18:09:53.0252 4832 AbsoluteNotifier ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:09:53.0262 4832 rpcld ( LockedFile.Multi.Generic ) - skipped by user
18:09:53.0262 4832 rpcld ( LockedFile.Multi.Generic ) - User select action: Skip

11.01.2013, 20:52   #10
markusg
/// Malware-holic

combofix:
ComboFix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download ComboFix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save ComboFix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with ComboFix while it works.
Start Combofix.exe and follow the instructions on the screen.

When ComboFix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

11.01.2013, 21:59   #11
Bobby268

This is what Combo found for me:

Code:
ATTFilter
ComboFix 13-01-11.02 - db 11.01.2013  21:37:08.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3764.2036 [GMT 1:00]
ausgeführt von:: c:\users\db\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Download and Sa
c:\programdata\Download and Sa\50b287d2a397b.ocx
c:\programdata\Download and Sa\50b287d2a39b4.html
c:\programdata\Download and Sa\50b287d2a39ec.js
c:\programdata\Download and Sa\50b28adbef646.ocx
c:\programdata\Download and Sa\50b28adbef67f.html
c:\programdata\Download and Sa\50b28adbef6b8.js
c:\programdata\Download and Sa\godjagbejemlhciaiepenpmbjcaahbcg.crx
c:\programdata\Download and Sa\jifeglccomcphijppcjnigbmneoobioa.crx
c:\programdata\Download and Sa\settings.ini
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-11 bis 2013-01-11  ))))))))))))))))))))))))))))))
.
.
2013-01-11 20:43 . 2013-01-11 20:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-11 19:41 . 2013-01-11 20:08	--------	d-----w-	c:\program files (x86)\Haunted Halls - Die Rache des Dr Blackmore Sammleredition
2013-01-11 16:40 . 2013-01-11 16:40	--------	d-----w-	c:\users\db\AppData\Local\Secunia PSI
2013-01-11 16:39 . 2013-01-11 16:39	--------	d-----w-	c:\program files (x86)\Secunia
2013-01-11 15:50 . 2013-01-11 15:50	--------	d-----w-	c:\users\db\AppData\Roaming\SUPERAntiSpyware.com
2013-01-11 15:50 . 2013-01-11 20:09	--------	d-----w-	c:\program files\SUPERAntiSpyware
2013-01-11 15:50 . 2013-01-11 15:50	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
2013-01-11 15:33 . 2013-01-11 15:33	--------	d-----w-	C:\TDSSKiller_Quarantine
2013-01-11 09:25 . 2013-01-11 20:08	--------	d-----w-	c:\program files (x86)\Emsisoft Anti-Malware
2013-01-11 08:31 . 2013-01-11 08:31	--------	d-----w-	c:\program files\Enigma Software Group
2013-01-10 11:27 . 2013-01-11 20:08	--------	d-----w-	c:\program files\Perfect Uninstaller
2013-01-09 19:57 . 2013-01-11 20:08	--------	d-----w-	c:\program files\Microsoft Security Client
2013-01-09 19:40 . 2013-01-09 19:40	--------	d-----w-	c:\users\db\AppData\Roaming\FOP
2013-01-09 18:55 . 2013-01-09 18:55	--------	d-----w-	c:\users\db\AppData\Roaming\Malwarebytes
2013-01-09 18:55 . 2013-01-11 20:08	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-09 18:55 . 2013-01-09 18:55	--------	d-----w-	c:\programdata\Malwarebytes
2013-01-09 18:55 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-01-09 18:55 . 2013-01-09 18:55	--------	d-----w-	c:\users\db\AppData\Local\Programs
2013-01-09 17:03 . 2013-01-09 17:04	--------	d-----w-	c:\program files (x86)\Mystic Legacy - Der maechtige Ring
2013-01-07 14:51 . 2013-01-07 14:52	--------	d-----w-	c:\users\db\AppData\Roaming\Building the Great Wall of China
2013-01-05 15:46 . 2013-01-05 15:48	--------	d-----w-	c:\program files (x86)\Mayan Prophecies - Schiff der Geister Sammleredition
2013-01-05 15:35 . 2013-01-05 15:35	--------	d-----w-	c:\program files (x86)\bfgclient
2013-01-05 15:32 . 2013-01-11 20:04	--------	d-----w-	C:\BigFishGamesCache
2013-01-05 10:12 . 2013-01-05 11:24	--------	d-----w-	c:\programdata\DriverGenius
2013-01-05 10:12 . 2013-01-05 10:12	--------	d-----w-	c:\program files (x86)\Driver-Soft
2013-01-04 19:13 . 2012-11-28 09:35	95184	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-04 18:35 . 2013-01-04 18:35	--------	d-----w-	c:\program files (x86)\SystemRequirementsLab
2013-01-03 08:45 . 2013-01-03 08:45	--------	d-----w-	c:\users\db\AppData\Roaming\EleFun Games
2013-01-02 18:39 . 2013-01-02 18:39	--------	d-----w-	c:\program files (x86)\Bau der Großen Mauer in China
2013-01-02 13:05 . 2013-01-02 13:05	--------	d-----w-	c:\users\db\AppData\Local\Evernote
2013-01-02 11:23 . 2012-08-23 15:09	3584	----a-w-	c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2013-01-02 11:23 . 2012-08-23 13:41	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-01-02 11:23 . 2012-08-23 13:40	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-01-02 11:23 . 2012-08-23 13:24	15360	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2013-01-02 11:23 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2013-01-02 11:23 . 2012-08-23 14:08	30208	----a-w-	c:\windows\system32\drivers\TsUsbGD.sys
2013-01-02 11:23 . 2012-08-23 14:07	57856	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2013-01-01 18:17 . 2013-01-01 18:17	--------	d-----w-	c:\users\db\AppData\Roaming\Artifex Mundi
2012-12-31 13:52 . 2012-12-31 13:54	--------	d-----w-	c:\program files (x86)\Dark Arcana - Die Spiegelwelt
2012-12-31 11:16 . 2013-01-02 12:04	--------	d-----w-	c:\users\db\AppData\Local\LogMeIn Rescue Applet
2012-12-29 14:05 . 2012-12-29 14:05	--------	d-----w-	c:\program files (x86)\Garden Rescue - Weihnachtsedition
2012-12-27 10:43 . 2012-12-27 10:45	--------	d-----w-	c:\program files (x86)\Shadow Wolf Mysteries - Der Fluch des Vollmonds
2012-12-27 10:35 . 2012-12-27 10:37	--------	d-----w-	c:\program files (x86)\Shadow Wolf Mysteries - Das Leid der Familie
2012-12-26 21:01 . 2012-12-26 21:01	--------	d-----w-	c:\users\db\AppData\Roaming\Amazon
2012-12-26 21:01 . 2012-12-26 21:01	--------	d-----w-	c:\program files (x86)\Amazon
2012-12-26 18:41 . 2012-12-26 18:43	--------	d-----w-	c:\program files (x86)\Shadow Wolf Mysteries - Die verfluchte Hochzeit Sammleredition
2012-12-26 17:39 . 2012-12-26 17:39	--------	d-----w-	c:\windows\SysWow64\Wat
2012-12-26 17:39 . 2012-12-26 17:39	--------	d-----w-	c:\windows\system32\Wat
2012-12-26 08:54 . 2012-12-26 08:55	--------	d-----w-	c:\program files (x86)\Witch Hunters - Gestohlene Schoenheit
2012-12-25 20:17 . 2012-12-25 20:17	--------	d-----w-	c:\users\db\AppData\Roaming\Top Evidence
2012-12-25 20:17 . 2012-12-25 20:17	--------	d-----w-	c:\programdata\Top Evidence
2012-12-25 17:17 . 2012-12-25 17:17	--------	d-----w-	c:\users\db\AppData\Roaming\BlamGames
2012-12-23 19:06 . 2012-12-23 19:06	--------	d-----w-	c:\users\db\AppData\Roaming\Elephant Games
2012-12-23 19:06 . 2012-12-23 19:06	--------	d-----w-	c:\programdata\Elephant Games
2012-12-22 06:02 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-22 06:02 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-22 06:02 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-22 06:02 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 15:04 . 2012-12-16 15:04	--------	d-----w-	c:\users\db\AppData\Local\fotokasten comfort
2012-12-16 15:03 . 2012-12-16 15:03	--------	d-----w-	c:\programdata\fotokasten comfort
2012-12-16 15:02 . 2012-12-16 15:03	--------	d-----w-	c:\program files (x86)\fotokasten comfort
2012-12-16 14:56 . 2012-12-16 14:56	--------	d-----w-	c:\windows\Sun
2012-12-15 06:21 . 2012-12-15 06:22	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-15 06:21 . 2012-12-15 06:22	--------	d-----w-	c:\program files\iTunes
2012-12-15 06:21 . 2012-12-15 06:22	--------	d-----w-	c:\program files (x86)\iTunes
2012-12-15 06:21 . 2012-12-15 06:21	--------	d-----w-	c:\program files\iPod
2012-12-14 18:33 . 2012-12-14 18:33	--------	d-----w-	c:\users\db\restore
2012-12-14 17:27 . 2012-12-15 17:44	--------	d-----w-	c:\programdata\hps
2012-12-14 17:27 . 2012-12-14 17:28	--------	d-----w-	c:\programdata\tmp
2012-12-14 17:21 . 2012-12-14 17:21	--------	d-----w-	c:\program files (x86)\OnlineFotoservice
2012-12-13 15:42 . 2012-12-13 15:42	17920	----a-w-	c:\windows\SysWow64\rpcnetp.dll
2012-12-13 15:41 . 2013-01-11 20:45	17920	----a-w-	c:\windows\system32\rpcnetp.exe
2012-12-13 15:41 . 2012-12-13 15:41	17920	----a-w-	c:\windows\SysWow64\rpcnetp.exe
2012-12-13 15:18 . 2012-12-13 15:18	--------	d-----w-	C:\HELI-X4
2012-12-13 06:28 . 2012-11-14 07:06	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-12-13 06:28 . 2012-11-14 06:32	10925568	----a-w-	c:\windows\system32\ieframe.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-11 20:45 . 2012-12-01 13:38	58288	----a-w-	c:\windows\SysWow64\rpcnet.dll
2013-01-09 06:53 . 2012-11-23 19:38	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 06:53 . 2012-01-10 12:48	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 06:31 . 2012-11-25 07:26	67413224	----a-w-	c:\windows\system32\MRT.exe
2012-12-10 13:14 . 2012-11-26 11:34	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-12-10 13:14 . 2012-11-26 11:34	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-12-08 10:54 . 2012-12-08 10:54	821736	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-12-08 10:54 . 2012-12-08 10:54	746984	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-12-01 12:37 . 2012-12-01 13:38	58288	------w-	c:\windows\SysWow64\rpcnet.exe
2012-12-01 12:37 . 2012-12-01 12:37	6258808	----a-w-	c:\users\db\AppData\Roaming\LoJackSetup.exe
2012-11-26 11:33 . 2012-11-26 11:34	27800	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-11-23 18:03 . 2011-03-29 02:36	19696	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-11-22 03:26 . 2012-12-12 15:55	3149824	----a-w-	c:\windows\system32\win32k.sys
2012-11-09 05:45 . 2012-12-12 15:55	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 15:55	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 15:54	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 15:54	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2012-10-16 08:38 . 2012-11-28 06:52	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 06:52	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 06:52	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-10-29 1521872]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-10-29 16:33	1521872	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-10-29 1521872]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-12-18 38112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\OOTag.exe" [2010-02-23 13856]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-04-19 1097808]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-10-29 1573584]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-10 384800]
"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2011-05-10 85672]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2012-1-10 723560]
Audible Download Manager.lnk - c:\program files (x86)\Audible\Bin\AudibleDownloadHelper.exe [2011-3-14 2125472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-12-10 400160]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-12-10 565024]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-26 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-26 27800]
S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2011-05-10 10920]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-10 85280]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-04-19 353872]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
S2 rpcld;Remote Procedure Call (RPC) LD;c:\programdata\Rpcnet\Bin\rpcld.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-09-16 2538520]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-26 158976]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-23 06:53]
.
2013-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-28 12:19]
.
2013-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-28 12:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-20 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-20 416024]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-05-10 1831528]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\ootag.exe" [2010-02-23 13856]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\db\AppData\Roaming\Mozilla\Firefox\Profiles\mi00ran3.default\
FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US New Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=13&CUI=SB_CUI
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=20640472-1969-4d11-82c2-834246508765&apn_ptnrs=^AGS&apn_sauid=82AC06EA-282B-40D9-89E3-E55D2F0818BF&apn_dtid=^YYYYYY^YY^DE&&q=
FF - ExtSQL: 2012-11-23 19:06; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\db\AppData\Roaming\Mozilla\Firefox\Profiles\mi00ran3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-11-25 22:04; 50b287d2a380e@50b287d2a3848.com; c:\users\db\AppData\Roaming\Mozilla\Firefox\Profiles\mi00ran3.default\extensions\50b287d2a380e@50b287d2a3848.com
FF - ExtSQL: 2012-11-25 22:17; 50b28adbef4b6@50b28adbef4ef.com; c:\users\db\AppData\Roaming\Mozilla\Firefox\Profiles\mi00ran3.default\extensions\50b28adbef4b6@50b28adbef4ef.com
FF - ExtSQL: 2012-12-28 08:57; {9AA46F4F-4DC7-4c06-97AF-5035170634FE}; c:\users\db\AppData\Roaming\Mozilla\Firefox\Profiles\mi00ran3.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{5576F4DF-AA1B-2C02-3D82-EE2565D02F5A} - c:\programdata\Download and Sa\50b287d2a397b.ocx
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-BFG-A Gnome's Home - Der Kristall des Lebens - c:\program files (x86)\A Gnome's Home - Der Kristall des Lebens\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\SysWOW64\rpcnet.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-11  21:50:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-01-11 20:50
.
Vor Suchlauf: 10 Verzeichnis(se), 403.791.560.704 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 404.733.427.712 Bytes frei
.
- - End Of File - - 17C548052F175E8A62282556668D918C
         

13.01.2013, 18:49   #12
markusg
/// Malware-holic

Hi,
download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, and save it as a txt file. Open the file.
After every program you need, write "necessary".
After every program you do not need, write "unnecessary".
After every program you do not recognize, write "unknown".
Post the list.