Pests of all kinds and how to fight them: Avira reports the same Trojans every minute (Sirefef, ATRAPS and ZAcces)
Windows 7
06.07.2013, 16:19 | #1 |
Hello everyone, I'm really starting to lose my patience...! I was here recently with a virus problem. Now I apparently have another one. My AV program keeps reporting that I have the following viruses:
These are the viruses that have all been detected. According to Avira they are all located in the directory "C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}". That is, all except the last one... it is located in "C:\Windows\System32" and is called "services.exe". So far I have only deleted all the Trojans that were in the Installer directory, because with the last one I wasn't sure whether it was a false positive or not. Can I delete "services.exe"? I also noticed that after I deleted the files, it took less than 5 minutes before the same ones were right back. So deleting them is impossible. My firewall won't turn on anymore either. What can I do now? Will this nightmare stop if I delete "services.exe"? I need quick help!! Thanks! Regards
06.07.2013, 16:38 | #2 |
/// the machine /// TB-Ausbilder
Hi,
Please download TDSSKiller.exe and save this file to your desktop.
06.07.2013, 17:52 | #3 |
Sorry that it took a bit longer, but the Internet no longer even works on the infected PC.
Here is the log file:
0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:44:35.0960 4080 LSI_SCSI - ok 18:44:36.0038 4080 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 18:44:36.0147 4080 luafv - ok 18:44:36.0256 4080 [ A014E25D95F7091000B60FF8A1C2E988 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys 18:44:36.0287 4080 lvpopf64 - ok 18:44:36.0381 4080 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys 18:44:36.0412 4080 LVPr2M64 - ok 18:44:36.0521 4080 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys 18:44:36.0537 4080 LVPr2Mon - ok 18:44:36.0693 4080 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe 18:44:36.0708 4080 LVPrcS64 - ok 18:44:36.0849 4080 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 18:44:37.0332 4080 LVRS64 - ok 18:44:38.0284 4080 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 18:44:38.0424 4080 LVUVC64 - ok 18:44:38.0518 4080 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys 18:44:38.0534 4080 MarvinBus - ok 18:44:38.0612 4080 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:44:38.0658 4080 Mcx2Svc - ok 18:44:38.0955 4080 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 18:44:39.0033 4080 MDM - ok 18:44:39.0048 4080 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 18:44:39.0111 4080 megasas - ok 18:44:39.0173 4080 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 18:44:39.0189 4080 MegaSR - ok 18:44:39.0282 4080 [ 1C12E44F3C1EB5CDA1477088B0CA3D30 ] mlkumidi C:\Windows\system32\drivers\mlkumidi.sys 18:44:39.0314 4080 mlkumidi - ok 18:44:39.0376 4080 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS 
C:\Windows\system32\mmcss.dll 18:44:39.0470 4080 MMCSS - ok 18:44:39.0485 4080 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 18:44:39.0579 4080 Modem - ok 18:44:39.0626 4080 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:44:39.0641 4080 monitor - ok 18:44:39.0719 4080 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:44:39.0735 4080 mouclass - ok 18:44:39.0797 4080 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:44:39.0844 4080 mouhid - ok 18:44:39.0891 4080 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:44:39.0906 4080 mountmgr - ok 18:44:40.0062 4080 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:44:40.0109 4080 MozillaMaintenance - ok 18:44:40.0203 4080 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 18:44:40.0250 4080 mpio - ok 18:44:40.0296 4080 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:44:40.0374 4080 mpsdrv - ok 18:44:40.0406 4080 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:44:40.0562 4080 MRxDAV - ok 18:44:40.0608 4080 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:44:40.0671 4080 mrxsmb - ok 18:44:40.0686 4080 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:44:40.0718 4080 mrxsmb10 - ok 18:44:40.0733 4080 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:44:40.0764 4080 mrxsmb20 - ok 18:44:40.0858 4080 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 18:44:40.0889 4080 msahci - ok 18:44:41.0092 4080 [ B7A248E6BCAE3B17791A51A836DAE264 ] MsDepSvc C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe 18:44:41.0123 
4080 MsDepSvc - ok 18:44:41.0154 4080 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:44:41.0201 4080 msdsm - ok 18:44:41.0232 4080 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 18:44:41.0295 4080 MSDTC - ok 18:44:41.0342 4080 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:44:41.0404 4080 Msfs - ok 18:44:41.0420 4080 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:44:41.0482 4080 mshidkmdf - ok 18:44:41.0513 4080 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:44:41.0529 4080 msisadrv - ok 18:44:41.0654 4080 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:44:41.0747 4080 MSiSCSI - ok 18:44:41.0763 4080 msiserver - ok 18:44:41.0810 4080 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:44:41.0856 4080 MSKSSRV - ok 18:44:41.0903 4080 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:44:41.0950 4080 MSPCLOCK - ok 18:44:42.0012 4080 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:44:42.0075 4080 MSPQM - ok 18:44:42.0122 4080 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:44:42.0153 4080 MsRPC - ok 18:44:42.0200 4080 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 18:44:42.0200 4080 mssmbios - ok 18:44:42.0371 4080 MSSQL$SQLEXPRESS - ok 18:44:42.0512 4080 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 18:44:42.0558 4080 MSSQLServerADHelper100 - ok 18:44:42.0605 4080 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:44:42.0652 4080 MSTEE - ok 18:44:43.0448 4080 [ 0F4DD44765A7D23E0CD9965EE900558F ] msvsmon90 C:\Program Files\Microsoft Visual Studio 
9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe 18:44:43.0744 4080 msvsmon90 - ok 18:44:43.0760 4080 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 18:44:43.0775 4080 MTConfig - ok 18:44:43.0853 4080 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:44:43.0900 4080 Mup - ok 18:44:43.0994 4080 mysql - ok 18:44:44.0025 4080 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:44:44.0087 4080 napagent - ok 18:44:44.0228 4080 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:44:44.0321 4080 NativeWifiP - ok 18:44:44.0477 4080 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:44:44.0508 4080 NDIS - ok 18:44:44.0540 4080 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:44:44.0618 4080 NdisCap - ok 18:44:44.0664 4080 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:44:44.0742 4080 NdisTapi - ok 18:44:44.0789 4080 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:44:44.0867 4080 Ndisuio - ok 18:44:44.0914 4080 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:44:44.0992 4080 NdisWan - ok 18:44:45.0039 4080 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:44:45.0101 4080 NDProxy - ok 18:44:45.0382 4080 [ 0FF3C6AA3E0FE0EB316DF5449B569463 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 18:44:45.0413 4080 Nero BackItUp Scheduler 4.0 - ok 18:44:45.0476 4080 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:44:45.0554 4080 NetBIOS - ok 18:44:45.0569 4080 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:44:45.0647 4080 NetBT - ok 18:44:45.0678 4080 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon 
C:\Windows\system32\lsass.exe 18:44:45.0678 4080 Netlogon - ok 18:44:45.0803 4080 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:44:45.0850 4080 Netman - ok 18:44:45.0959 4080 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:44:46.0271 4080 NetMsmqActivator - ok 18:44:46.0287 4080 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:44:46.0287 4080 NetPipeActivator - ok 18:44:46.0412 4080 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:44:46.0474 4080 netprofm - ok 18:44:46.0474 4080 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:44:46.0490 4080 NetTcpActivator - ok 18:44:46.0490 4080 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:44:46.0505 4080 NetTcpPortSharing - ok 18:44:46.0583 4080 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 18:44:46.0614 4080 nfrd960 - ok 18:44:46.0724 4080 [ 0ECAAFE210CD89D14992A53300FEBF45 ] NIWinCDEmu C:\Windows\system32\DRIVERS\NIWinCDEmu.sys 18:44:46.0755 4080 NIWinCDEmu - ok 18:44:46.0895 4080 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:44:46.0989 4080 NlaSvc - ok 18:44:47.0145 4080 nocashio - ok 18:44:47.0192 4080 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:44:47.0285 4080 Npfs - ok 18:44:47.0332 4080 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:44:47.0394 4080 nsi - ok 18:44:47.0426 4080 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:44:47.0488 4080 nsiproxy - ok 18:44:47.0800 4080 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:44:48.0065 4080 Ntfs - ok 18:44:48.0346 4080 [ 
F6F0C3C031BF8260EB687DADA0D487DD ] NTI BackupNowEZSvr C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe 18:44:48.0362 4080 NTI BackupNowEZSvr - ok 18:44:48.0440 4080 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 18:44:48.0471 4080 NTIDrvr - ok 18:44:48.0518 4080 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:44:48.0596 4080 Null - ok 18:44:48.0658 4080 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:44:48.0689 4080 nvraid - ok 18:44:48.0720 4080 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:44:48.0767 4080 nvstor - ok 18:44:48.0814 4080 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:44:48.0845 4080 nv_agp - ok 18:44:48.0876 4080 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:44:48.0970 4080 ohci1394 - ok 18:44:49.0110 4080 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:44:49.0235 4080 ose - ok 18:44:50.0421 4080 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:44:50.0748 4080 osppsvc - ok 18:44:50.0842 4080 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:44:50.0920 4080 p2pimsvc - ok 18:44:50.0936 4080 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:44:50.0967 4080 p2psvc - ok 18:44:51.0216 4080 [ 673E36852E2F9FA778D5D3DDCEFA591B ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe 18:44:51.0326 4080 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - warning 18:44:51.0326 4080 PaceLicenseDServices - detected UnsignedFile.Multi.Generic (1) 18:44:51.0372 4080 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 
18:44:51.0388 4080 Parport - ok 18:44:51.0419 4080 Partizan - ok 18:44:51.0450 4080 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:44:51.0466 4080 partmgr - ok 18:44:51.0560 4080 [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 18:44:51.0606 4080 PassThru Service ( UnsignedFile.Multi.Generic ) - warning 18:44:51.0606 4080 PassThru Service - detected UnsignedFile.Multi.Generic (1) 18:44:51.0700 4080 [ 7C0582921913D00180EC2B8518BA135C ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys 18:44:51.0716 4080 pbfilter - ok 18:44:51.0778 4080 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:44:51.0825 4080 PcaSvc - ok 18:44:51.0934 4080 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:44:51.0950 4080 pci - ok 18:44:51.0981 4080 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:44:51.0996 4080 pciide - ok 18:44:52.0074 4080 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 18:44:52.0184 4080 pcmcia - ok 18:44:52.0293 4080 [ A2AC545AB59AB2A564058B9A60F6456F ] PCPitstop Scheduling C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe 18:44:52.0340 4080 PCPitstop Scheduling - ok 18:44:52.0355 4080 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:44:52.0386 4080 pcw - ok 18:44:52.0605 4080 [ A1688A4FB2EC49D040C027EF6DC7A87B ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe 18:44:52.0652 4080 PDF Architect Helper Service - ok 18:44:52.0714 4080 [ E23FF9B2F8EEAB2BDDA681C21C48E843 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe 18:44:52.0745 4080 PDF Architect Service - ok 18:44:52.0776 4080 PDIDRV - ok 18:44:52.0839 4080 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:44:52.0886 4080 PEAUTH - ok 
18:44:53.0322 4080 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:44:53.0369 4080 PerfHost - ok 18:44:53.0744 4080 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:44:53.0806 4080 pla - ok 18:44:54.0102 4080 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:44:54.0602 4080 PlugPlay - ok 18:44:54.0633 4080 PnkBstrA - ok 18:44:54.0648 4080 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:44:54.0680 4080 PNRPAutoReg - ok 18:44:54.0711 4080 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:44:54.0726 4080 PNRPsvc - ok 18:44:54.0882 4080 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:44:54.0976 4080 PolicyAgent - ok 18:44:55.0023 4080 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:44:55.0070 4080 Power - ok 18:44:55.0101 4080 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:44:55.0132 4080 PptpMiniport - ok 18:44:55.0194 4080 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 18:44:55.0226 4080 Processor - ok 18:44:55.0257 4080 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 18:44:55.0272 4080 ProfSvc - ok 18:44:55.0288 4080 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:44:55.0304 4080 ProtectedStorage - ok 18:44:55.0335 4080 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:44:55.0397 4080 Psched - ok 18:44:55.0506 4080 [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys 18:44:55.0522 4080 PSI - ok 18:44:55.0569 4080 [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 18:44:55.0584 4080 PxHlpa64 - ok 18:44:55.0616 4080 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 
18:44:55.0647 4080 ql2300 - ok 18:44:55.0709 4080 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:44:55.0725 4080 ql40xx - ok 18:44:55.0772 4080 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:44:55.0803 4080 QWAVE - ok 18:44:55.0803 4080 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:44:55.0850 4080 QWAVEdrv - ok 18:44:55.0865 4080 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:44:55.0912 4080 RasAcd - ok 18:44:55.0990 4080 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:44:56.0052 4080 RasAgileVpn - ok 18:44:56.0084 4080 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 18:44:56.0162 4080 RasAuto - ok 18:44:56.0224 4080 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:44:56.0349 4080 Rasl2tp - ok 18:44:56.0458 4080 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 18:44:56.0614 4080 RasMan - ok 18:44:56.0692 4080 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:44:56.0739 4080 RasPppoe - ok 18:44:56.0770 4080 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:44:56.0817 4080 RasSstp - ok 18:44:56.0910 4080 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:44:56.0973 4080 rdbss - ok 18:44:57.0020 4080 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 18:44:57.0051 4080 rdpbus - ok 18:44:57.0066 4080 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:44:57.0129 4080 RDPCDD - ok 18:44:57.0191 4080 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:44:57.0269 4080 RDPENCDD - ok 18:44:57.0285 4080 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP 
C:\Windows\system32\drivers\rdprefmp.sys 18:44:57.0332 4080 RDPREFMP - ok 18:44:57.0410 4080 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 18:44:57.0441 4080 RdpVideoMiniport - ok 18:44:57.0472 4080 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:44:57.0503 4080 RDPWD - ok 18:44:57.0534 4080 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:44:57.0566 4080 rdyboost - ok 18:44:57.0628 4080 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 18:44:57.0644 4080 RealNetworks Downloader Resolver Service - ok 18:44:57.0706 4080 [ EA569D48B2E755AF6D96F03F3335D98A ] Realtek11nSU C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe 18:44:57.0722 4080 Realtek11nSU ( UnsignedFile.Multi.Generic ) - warning 18:44:57.0722 4080 Realtek11nSU - detected UnsignedFile.Multi.Generic (1) 18:44:57.0784 4080 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:44:57.0831 4080 RemoteAccess - ok 18:44:57.0893 4080 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:44:57.0940 4080 RemoteRegistry - ok 18:44:58.0065 4080 [ 0B169FE016039571ECC6DB70073F8979 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 18:44:58.0080 4080 RichVideo64 - ok 18:44:58.0112 4080 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:44:58.0174 4080 RpcEptMapper - ok 18:44:58.0221 4080 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 18:44:58.0252 4080 RpcLocator - ok 18:44:58.0283 4080 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 18:44:58.0314 4080 RpcSs - ok 18:44:58.0377 4080 [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105 C:\Windows\system32\DRIVERS\RsFx0105.sys 18:44:58.0424 4080 RsFx0105 - 
ok 18:44:58.0486 4080 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:44:58.0533 4080 rspndr - ok 18:44:58.0595 4080 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 18:44:58.0611 4080 RTL8167 - ok 18:44:58.0642 4080 [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 18:44:58.0673 4080 RTL8192su - ok 18:44:58.0704 4080 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 18:44:58.0720 4080 SamSs - ok 18:44:58.0767 4080 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:44:58.0782 4080 sbp2port - ok 18:44:58.0954 4080 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 18:44:59.0032 4080 SBSDWSCService - ok 18:44:59.0110 4080 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:44:59.0157 4080 SCardSvr - ok 18:44:59.0235 4080 [ C81EB41E9FFC35560E5025891DC01A6E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys 18:44:59.0250 4080 SCDEmu - ok 18:44:59.0344 4080 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:44:59.0406 4080 scfilter - ok 18:44:59.0484 4080 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 18:44:59.0531 4080 Schedule - ok 18:44:59.0640 4080 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 18:44:59.0672 4080 SCPolicySvc - ok 18:44:59.0765 4080 [ 490B0B68BB938D5C628EC4A67277BE75 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 18:44:59.0781 4080 ScreamBAudioSvc - ok 18:44:59.0796 4080 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:44:59.0812 4080 SDRSVC - ok 18:44:59.0968 4080 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\Patrick\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe 18:45:00.0093 4080 SearchAnonymizer ( 
UnsignedFile.Multi.Generic ) - warning 18:45:00.0093 4080 SearchAnonymizer - detected UnsignedFile.Multi.Generic (1) 18:45:00.0124 4080 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:45:00.0186 4080 secdrv - ok 18:45:00.0233 4080 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 18:45:00.0280 4080 seclogon - ok 18:45:00.0452 4080 [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe 18:45:00.0483 4080 Secunia PSI Agent - ok 18:45:00.0514 4080 [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 18:45:00.0545 4080 Secunia Update Agent - ok 18:45:00.0576 4080 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 18:45:00.0639 4080 SENS - ok 18:45:00.0654 4080 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:45:00.0686 4080 SensrSvc - ok 18:45:00.0732 4080 [ 84AC127242DD3CCDE02F9A4673214B1F ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys 18:45:00.0748 4080 Sentinel64 - ok 18:45:00.0779 4080 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:45:00.0795 4080 Serenum - ok 18:45:00.0810 4080 Serial - ok 18:45:00.0842 4080 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 18:45:00.0873 4080 sermouse - ok 18:45:00.0904 4080 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 18:45:00.0951 4080 SessionEnv - ok 18:45:00.0982 4080 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:45:01.0044 4080 sffdisk - ok 18:45:01.0107 4080 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:45:01.0138 4080 sffp_mmc - ok 18:45:01.0185 4080 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:45:01.0216 4080 sffp_sd - ok 18:45:01.0232 4080 [ 
A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 18:45:01.0247 4080 sfloppy - ok 18:45:01.0310 4080 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 18:45:01.0325 4080 Sftfs - ok 18:45:01.0528 4080 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 18:45:01.0575 4080 sftlist - ok 18:45:01.0606 4080 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 18:45:01.0622 4080 Sftplay - ok 18:45:01.0653 4080 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 18:45:01.0653 4080 Sftredir - ok 18:45:01.0668 4080 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 18:45:01.0684 4080 Sftvol - ok 18:45:01.0746 4080 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 18:45:01.0746 4080 sftvsa - ok 18:45:01.0840 4080 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:45:01.0902 4080 ShellHWDetection - ok 18:45:01.0949 4080 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:45:01.0965 4080 SiSRaid2 - ok 18:45:01.0965 4080 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 18:45:01.0980 4080 SiSRaid4 - ok 18:45:02.0136 4080 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 18:45:02.0199 4080 Skype C2C Service - ok 18:45:02.0277 4080 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 18:45:02.0308 4080 SkypeUpdate - ok 18:45:02.0339 4080 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:45:02.0433 4080 Smb - ok 18:45:02.0511 4080 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:45:02.0542 
06.07.2013, 17:56 | #4 |
/// the machine /// TB Trainer | For the services.exe detection, select Cure and let it run. Reboot. Post the log, run a fresh scan with TDSSKiller and post that log. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
06.07.2013, 18:45 | #5 |
| So... I have now bundled all the logs from tdsskiller and frst into a .zip file. The viruses now seem to be gone, but I still can't get onto the Internet even though it is connected. The tdsskiller log files are one with the Cure command executed and ...(2) and one from after the reboot. Oh, and I zipped the logs because they were too big for the forum. |
07.07.2013, 06:29 | #6 |
/// the machine /// TB Trainer | We are still far from finished. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ZeroAccess:
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\L
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\U
C:\Windows\SysWOW64\WinMonitor.exe
C:\Windows\SysWOW64\libs.exe
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
and a fresh FRST scan log, please. Please post logs in code tags. |
07.07.2013, 10:26 | #7 |
| Good morning first of all, and sorry for the somewhat late reply. Here is the Fixlog: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
Ran by Patrick at 2013-07-07 11:14:30 Run:1
Running from C:\Users\Patrick\Desktop
Boot Mode: Normal
==============================================
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102} => Moved successfully.
"C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\L" => File/Directory not found.
"C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\U" => File/Directory not found.
C:\Windows\SysWOW64\WinMonitor.exe => Moved successfully.
C:\Windows\SysWOW64\libs.exe => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\de-DE" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
==== End of Fixlog ==== |
07.07.2013, 10:31 | #8 |
/// the machine /// TB Trainer | Then a fresh scan log with FRST, please
__________________ Regards, schrauber |
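Added example (not part of the thread and not FRST's own code): a short Python check that reconciles the Fixlist posted in #6 with the Fixlog returned in #7, so that every requested entry is shown to have a result before the next scan. The status names and the rule that a "not found" child counts as covered when its parent folder was already moved are assumptions of this example; the Fixlog sample is the thread's log shortened to two of the Defender child entries.

```python
import re
from pathlib import PureWindowsPath

# Fixlist as posted in the thread (#6).
FIXLIST = r"""ZeroAccess:
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\L
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\U
C:\Windows\SysWOW64\WinMonitor.exe
C:\Windows\SysWOW64\libs.exe
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
"""

# Fixlog as posted in the thread (#7), shortened for this example.
FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
==============================================
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102} => Moved successfully.
"C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\L" => File/Directory not found.
"C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\U" => File/Directory not found.
C:\Windows\SysWOW64\WinMonitor.exe => Moved successfully.
C:\Windows\SysWOW64\libs.exe => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
==== End of Fixlog ====
"""

# A result line: optionally quoted Windows path, "=>", result text, optional final dot.
ENTRY = re.compile(r'^"?(?P<path>[A-Za-z]:\\[^"]*?)"?\s*=>\s*(?P<result>.+?)\.?$')
# A keyword of two or more letters followed by ":" (a drive letter like "C:" does not match).
DIRECTIVE = re.compile(r'^(?P<name>[A-Za-z]{2,}):\s*(?P<arg>.*)$')


def parse_fixlist(text):
    """Return [(action, path)] for every actionable Fixlist line."""
    entries = []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        m = DIRECTIVE.match(line)
        if m:
            if m.group("arg"):  # e.g. DeleteJunctionsIndirectory: <dir>
                entries.append((m.group("name"), m.group("arg")))
            continue  # a bare "ZeroAccess:" is only a section header
        entries.append(("Move", line))
    return entries


def parse_fixlog(text):
    """Map lower-cased path -> list of result strings, in log order."""
    results = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            results.setdefault(m.group("path").lower(), []).append(m.group("result"))
    return results


def reconcile(fixlist_text, fixlog_text):
    """Return {path: status} for every Fixlist entry (status names are this example's)."""
    log = parse_fixlog(fixlog_text)
    moved = {p for p, res in log.items() if "Moved successfully" in res}
    report = {}
    for action, path in parse_fixlist(fixlist_text):
        res = log.get(path.lower())
        if res is None:
            status = "missing"  # requested, but the log has no line for it
        elif action == "DeleteJunctionsIndirectory":
            done = any(r.endswith("unlocking completed") for r in res)
            status = "junctions_removed" if done else "incomplete"
        elif "Moved successfully" in res:
            status = "moved"
        elif "File/Directory not found" in res:
            # Assumption: a child is gone because its parent folder was moved first.
            parents = {str(p).lower() for p in PureWindowsPath(path).parents}
            status = "covered_by_parent" if parents & moved else "not_found"
        else:
            status = "other"
        report[path] = status
    return report


def needs_review(report):
    """Paths whose outcome should be looked at before continuing."""
    ok = {"moved", "covered_by_parent", "junctions_removed"}
    return sorted(p for p, s in report.items() if s not in ok)


if __name__ == "__main__":
    for path, status in reconcile(FIXLIST, FIXLOG).items():
        print(f"{status:18} {path}")
```
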
07.07.2013, 10:48 | #9 |
| So... since the log apparently doesn't fit directly into the post again, I have attached it. |
07.07.2013, 11:19 | #10 | |
/// the machine /// TB Trainer | Combofix should only be run when instructed to by a team member! Please download Combofix from the following download mirror: Link 1 IMPORTANT - Save Combofix to your desktop
When Combofix is finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
__________________ Regards, schrauber |
07.07.2013, 11:42 | #11 |
| I have a problem... the antivirus software is supposedly still active, although I actually closed it. When I look in Task Manager it is also active, but I can't end it. What should I do now? Start ComboFix with the virus scanner running? |
07.07.2013, 12:43 | #12 |
/// the machine /// TB Trainer | Which virus scanner? If you deactivated it down in the taskbar, that's fine, just click OK.
__________________ Regards, schrauber |
07.07.2013, 12:46 | #13 |
| It's the one from Avira (Free Edition). P.S.: My internet is working again now... and that even though I haven't used ComboFix at all yet! However, I still don't understand why the browser protection in my AV program isn't working again yet... |
07.07.2013, 12:57 | #14 |
/// the machine /// TB Trainer | Reading material: Why we no longer recommend Avira. For some time now, Avira has shipped the Ask Toolbar with its standard installation. This toolbar is a prerequisite for the Webguard to work reliably. The Ask Toolbar is known for spying on the user's browsing behaviour in order, ultimately, to make money from it. It is therefore classified as "harmful" by us on this board. More information. A security company that practically foists harmful software on the user without asking is therefore out of the question for us. Because of this business practice, the at times extremely poor detection rate and the exceedingly annoying advertising, we recommend that all Avira users uninstall Avira and switch to an alternative product. Should you decide to switch, we recommend removing all leftovers with the Avira cleaner after uninstalling. And because we remove adware and malware, the browser protection no longer works. Please run combofix.
__________________ Regards, schrauber |
08.07.2013, 12:35 | #15 |
| Hello, and sorry first of all for getting back to you a bit late. I've figured out the Avira issue by now and simply reinstalled it. Now the WebGuard service works the way it should again! I haven't run ComboFix so far, since everything seems OK at the moment and it isn't finding anything new or complaining about viruses. I will catch up on that, though, if it is strongly recommended here. But for now, thank you for the really great tips and the help... the forum is really great, I will recommend it to everyone, because thanks to you I have learned that you don't always have to reinstall your system right away when there is a virus problem. Regards |