Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   tmpu$$.tmp - Trojaner oder was kann das sein? (https://www.trojaner-board.de/135255-tmpu-tmp-trojaner.html)

Selo2 20.05.2013 16:25
tmpu$$.tmp - Trojaner oder was kann das sein?
 
Liebe Expertenrunde,

auf meinem ACER Travel Mate 64bit (W7) taucht nach dem Hochfahren eine Meldung auf in der auf die Datei

"tmpu$$.tmp"

verwiesen wird. Es würde kein Programm existieren um es zu öffnen.

Nach Recherchen im Internet bin ich eigentlich nur auf eure Seite gestoßen und erhoffe mir Hinweise um

1. herauszufinden, um was es sich handelt und
2. wie das Teil zu entfernen ist.

Ich bin nicht untätig geblieben und habe die "Einsteigerhinweise" durchgearbeitet (Defogger, OTL, Gmer). Die generierten Dateien habe ich in den Thread hochgeladen.

Befindet sich jemand hier, der sich der Sache annehmen kann oder eine Idee hat, was das sein könnte? Vielen herzlichen Dank für jede Anregung.

Beste Grüße
Selo2

cosinus 21.05.2013 14:06
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Selo2 22.05.2013 08:34
Hi cosinus,

zuerst einmal herzlichen Dank für Deinen Beitrag.

Ich habe mal einen Blick in meinen Virenscanner geworfen und folgende zwei Meldungen gefunden:

In der Datei 'C:\Users\Müller\AppData\Local\Temp\mpb06232.php'
wurde ein Virus oder unerwünschtes Programm 'HTML/Framer.DO.229' [virus] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\Müller\AppData\Local\Temp\plugtmp-14\plugin-ca.php'
wurde ein Virus oder unerwünschtes Programm 'HTML/Framer.DO.229' [virus] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

Hilft das evtl. weiter?

PS: zu Deinem zip-Hinweis: werde ich gerne das nächste mal machen. Danke für diese Info.

Vielen Dank für die Hilfe.

cosinus 22.05.2013 09:38
Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Selo2 22.05.2013 09:44
OK Cosinus,

ich mache mich jetzt an die Arbeit und halte mich an die Abfolge. Habe derzeit Urlaub und die Zeit dazu. Bis gleich.

cosinus 22.05.2013 09:53
Ok, aber eine Bitte: lass solche Zwischenrufe, poste nur wenn es Probleme gibt oder wenn du die Logs hast (diese dann auch posten in CODE-Tags)

Selo2 22.05.2013 10:07
Klar.

Zur Sache: ich habe von ComboFix gerade die Nachricht erhalten, dass ich noch eine zweite Version von Spybod - Search & Destroy noch auf meinem Rechner aktive habe. Mir war das nicht bewusst und ich habe jetzt gleich mit der Deinstallation begonnen. Anscheinend habe ich bei der Deinstallation von Spybot vor ein paar Tagen übersehen, dass eine weitere Version installiert habe. Die zweite, noch vorhandene, scheine ich über die mitgelieferte Deinstallationsdatei nicht entfernen zu können. Der Vorgang hängt seit einigen Minuten, der Statusbalken bewegt sich nicht mehr.

Parallel dazu hat sich das ComCoFix Fenster geöffnet:

Die obigen Realt-Time Scanner sind immer noch aktiv aber ComboFix wird trotzdem mit dem Suchlauf fortfahren. Bitte nehm zur Kenntnis, dass dies in eigener Verantwortung geschieht.

Frage hierzu: soll ich jetzt den Vorgang über den Task-Manager abbrechen, das Fenster schließen oder evtl. eine andere Maßnahme starten?

Danke.

cosinus 22.05.2013 10:24
Versuch Spybot zu beenden und cf dann werkeln zu lassen.

Selo2 22.05.2013 11:02
ComboFix ist fertig. Habe das Ergebnis aus der .txt-Datei hier eingestellt. Hoffe es passt so:

Code:
ComboFix 13-05-22.01 - Müller 22.05.2013  11:34:32.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.2807.1200 [GMT 2:00]
ausgeführt von:: c:\users\M³ller\Desktop\ComboFix.exe
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Spybot - Search & Destroy *Enabled/Outdated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-04-22 bis 2013-05-22  ))))))))))))))))))))))))))))))
.
.
2013-05-22 09:47 . 2013-05-22 09:47        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-05-22 08:57 . 2013-05-22 08:57        76232        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{51B81451-E19F-40D1-B5C5-E8F88136DE0C}\offreg.dll
2013-05-22 08:52 . 2013-05-22 08:52        --------        d-----w-        C:\ProcAlyzer Dumps
2013-05-22 08:21 . 2013-05-22 08:21        --------        d-----w-        c:\users\Müller\AppData\Roaming\Check Point Software Technologies LTD
2013-05-22 07:25 . 2013-05-13 06:37        9460464        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{51B81451-E19F-40D1-B5C5-E8F88136DE0C}\mpengine.dll
2013-05-17 15:35 . 2013-05-22 07:37        --------        d-----w-        c:\program files (x86)\Mozilla Thunderbird
2013-05-16 19:08 . 2013-05-05 21:36        17818624        ----a-w-        c:\windows\system32\mshtml.dll
2013-05-16 19:08 . 2013-05-05 21:16        2382848        ----a-w-        c:\windows\system32\mshtml.tlb
2013-05-16 19:08 . 2013-05-05 19:12        2382848        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2013-05-16 18:28 . 2013-02-27 05:52        14172672        ----a-w-        c:\windows\system32\shell32.dll
2013-05-16 18:28 . 2013-02-27 05:52        197120        ----a-w-        c:\windows\system32\shdocvw.dll
2013-05-16 18:28 . 2013-02-27 05:48        1930752        ----a-w-        c:\windows\system32\authui.dll
2013-05-16 18:28 . 2013-02-27 06:02        111448        ----a-w-        c:\windows\system32\consent.exe
2013-05-16 18:28 . 2013-02-27 04:49        1796096        ----a-w-        c:\windows\SysWow64\authui.dll
2013-05-16 18:28 . 2013-02-27 05:47        70144        ----a-w-        c:\windows\system32\appinfo.dll
2013-05-16 18:27 . 2013-04-10 06:01        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 18:27 . 2013-04-10 06:01        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 18:27 . 2011-02-03 11:25        144384        ----a-w-        c:\windows\system32\cdd.dll
2013-05-16 18:27 . 2013-03-19 05:53        48640        ----a-w-        c:\windows\system32\wwanprotdim.dll
2013-05-16 18:27 . 2013-03-19 05:53        230400        ----a-w-        c:\windows\system32\wwansvc.dll
2013-05-16 18:27 . 2013-04-10 03:30        3153920        ----a-w-        c:\windows\system32\win32k.sys
2013-05-15 19:13 . 2013-05-15 19:13        --------        d-----w-        c:\users\Müller\AppData\Roaming\Malwarebytes
2013-05-15 19:12 . 2013-05-15 19:12        --------        d-----w-        c:\programdata\Malwarebytes
2013-05-15 19:12 . 2013-05-15 19:12        --------        d-----w-        c:\users\Müller\AppData\Local\Programs
2013-05-10 07:57 . 2013-05-10 07:57        187456        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-04-24 16:01 . 2013-04-12 14:45        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 19:15 . 2011-07-08 19:23        75016696        ----a-w-        c:\windows\system32\MRT.exe
2013-05-15 18:21 . 2012-03-31 04:02        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 18:21 . 2011-07-07 16:58        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-14 16:21 . 2012-07-17 13:37        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2011-07-05 19:34        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-16 18:27        135168        ----a-w-        c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 18:27        308736        ----a-w-        c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 18:27        350208        ----a-w-        c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 18:27        111104        ----a-w-        c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 18:27        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 18:27        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll
2013-03-19 06:04 . 2013-04-10 18:27        5550424        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 18:27        43520        ----a-w-        c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 18:27        3968856        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 18:27        3913560        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 18:27        6656        ----a-w-        c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 18:27        112640        ----a-w-        c:\windows\system32\smss.exe
2013-02-27 16:07 . 2013-02-27 16:07        0        ----a-w-        c:\windows\SysWow64\sho1B7C.tmp
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-13 18:42        222712        ----a-w-        c:\users\Müller\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-13 18:42        222712        ----a-w-        c:\users\Müller\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-13 18:42        222712        ----a-w-        c:\users\Müller\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE" [2012-01-04 3208032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2011-08-04 3225504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-03-27 73832]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-01-21 220744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TMPU$$.TMP [2013-5-7 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-9-24 704032]
AutoStart IR.lnk - c:\program files (x86)\WinTV\Ir.exe [2011-7-5 117344]
Hardcopy.LNK - c:\program files (x86)\Hardcopy\hardcopy.exe [2011-7-14 3520000]
WinTV Recording Status..lnk - c:\program files (x86)\WinTV\WinTV7\WinTVTray.exe [2011-7-5 82944]
WISO Mein Steuer-Sparbuch heute.lnk - c:\program files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe [2013-5-2 1393744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-08-04 1149864]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [2011-04-04 658944]
R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [2011-04-04 19840]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-09 86224]
S2 BOINC;BOINC;c:\program files\BOINC\boinc.exe [2012-05-15 1194672]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-22 33712]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-22 828072]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 SDFirewallService;Spybot-S&D 2 Firewall Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe [2011-05-10 3585696]
S2 SDMonitorService;Spybot-S&D 2 Monitoring Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe [2011-05-10 3834456]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-08-04 1082800]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-08-04 169624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2011-03-14 11576]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ISWKL
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:21]
.
2013-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-15 20:37]
.
2013-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-15 20:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-13 18:42        261624        ----a-w-        c:\users\Müller\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-13 18:42        261624        ----a-w-        c:\users\Müller\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-13 18:42        261624        ----a-w-        c:\users\Müller\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2012-05-15 5860016]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2012-05-15 70832]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=515143689ac94bfa93db799b70f05c0e&tu=10GX0006W1B000c&sku=&tstsId=&ver=&
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\Müller\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Müller\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Müller\AppData\Roaming\Mozilla\Firefox\Profiles\bcmcfwmt.default\
FF - prefs.js: browser.search.selectedEngine - Search By ZoneAlarm
FF - prefs.js: browser.startup.homepage - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=515143689ac94bfa93db799b70f05c0e&tu=10GX0008B1B0008&sku=&tstsId=&ver=&
FF - prefs.js: keyword.URL - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=515143689ac94bfa93db799b70f05c0e&tu=10GX0006W1B000c&sku=&tstsId=&ver=&
FF - ExtSQL: 2013-05-22 10:26; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:\program files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - user.js: extensions.zonealarm_i.hmpg - true
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.keyWordUrl - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=515143689ac94bfa93db799b70f05c0e&tu=10GX0006W1B000c&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm_i.dnsErr - true
FF - user.js: extensions.zonealarm_i.newTab - true
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.8.3.1622:08
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.hpOld0 - hxxp://www.google.de/
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src=tb&tbid=base2013&Lan={dfltLng}&gu=515143689ac94bfa93db799b70f05c0e&tu=10GX0008B1B0008&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - d413975300000000000018f46a75d225
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15847
FF - user.js: extensions.zonealarm.vrsn - 1.8.11.11
FF - user.js: extensions.zonealarm.vrsni - 1.8.11.11
FF - user.js: extensions.zonealarm.vrsnTs - 1.8.11.1110:21
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1025
FF - user.js: extensions.zonealarm.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN24578912189901-1025
FF - user.js: extensions.zonealarm.dfltLng - de
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.ffxUnstlRst - false
FF - user.js: extensions.zonealarm.admin - false
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm.rvrt - true
FF - user.js: extensions.zonealarm.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=515143689ac94bfa93db799b70f05c0e&tu=10GX0008B1B0008&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbid=base2013&Lan=de&gu=515143689ac94bfa93db799b70f05c0e&tu=10GX0008B1B0008&sku=&tstsId=&ver=&
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - (no file)
Toolbar-Locked - (no file)
Notify-SDWinLogon - SDWinLogon.dll
Toolbar-Locked - (no file)
WebBrowser-{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-ISW - (no file)
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1642583527-1093831069-1541574401-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-1642583527-1093831069-1541574401-1000)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-1642583527-1093831069-1541574401-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-22  11:52:31
ComboFix-quarantined-files.txt  2013-05-22 09:52
.
Vor Suchlauf: 11 Verzeichnis(se), 90.325.938.176 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 90.719.916.032 Bytes frei
.
- - End Of File - - B2C15C691735B8C7C4DD3C58144F1EB4

cosinus 22.05.2013 11:10
Zitat:
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Spybot - Search & Destroy *Enabled/Outdated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
Bitte beides deinstallieren. ZA ist überflüssig bis kontraproduktiv.
Die andere Spybot-Installation ggf. versuchen mit dem Revo-Uninstaller zu entfernen

Selo2 22.05.2013 11:36
- Spybot erfolgreich mit Revo deinstalliert
- Zonealarm noch nicht deinstalliert, da ich im Moment noch keine Alternative habe -> evtl. Tipp?

Hinweis 1:
Beim Hochfahren hat mich Windows darauf aufmerksam gemacht, dass ich das Windows Starter Set, mit dem ich arbeite, reparieren soll.

Hinweis 2:
Meldung von ZoneAlerm, dass OffSpon.EXE auf das Internet zugreifen will

Zusatzinfo zur OffSpon.EXE:

Anwendung: Q:\140066.deu\Office14\OffSpon.EXE
Ziel-IP: 94.245.117.45 HTTP

cosinus 22.05.2013 11:56
Zitat:
- Zonealarm noch nicht deinstalliert, da ich im Moment noch keine Alternative habe -> evtl. Tipp?
Wieso Alternative, Windows hat bereits ein Bordmittel: Windows-Firewall!
Mehr braucht es wirklich nicht für Software dieser Art!

Selo2 22.05.2013 12:35
Zusatzinfo:

Zone Alarm deinstalliert - Windows Firewall war bereits aktiv

cosinus 22.05.2013 12:46
Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten


MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Selo2 22.05.2013 13:18
Nach Durchlauf von Malware: kein Fund.

Hier Log-Datei:

Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.22.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Müller :: MÜLLER-PC [administrator]

22.05.2013 14:11:28
mbar-log-2013-05-22 (14-11-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30090
Time elapsed: 14 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Fahre jetzt fort mit den anderen beiden Programmen.

Ergebnis aswMBR:

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-22 14:30:45
-----------------------------
14:30:45.428    OS Version: Windows x64 6.1.7601 Service Pack 1
14:30:45.429    Number of processors: 4 586 0x2505
14:30:45.430    ComputerName: MÜLLER-PC  UserName: Müller
14:30:47.030    Initialize success
14:34:57.756    AVAST engine defs: 13052200
14:35:10.751    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:35:10.751    Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
14:35:10.892    Disk 0 MBR read successfully
14:35:10.892    Disk 0 MBR scan
14:35:10.923    Disk 0 Windows 7 default MBR code
14:35:10.923    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        14336 MB offset 2048
14:35:10.938    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 29362176
14:35:10.970    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      290807 MB offset 29566976
14:35:11.001    Disk 0 scanning C:\Windows\system32\drivers
14:35:24.776    Service scanning
14:35:54.150    Modules scanning
14:35:54.166    Disk 0 trace - called modules:
14:35:54.213    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:35:54.213    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800656c060]
14:35:54.228    3 CLASSPNP.SYS[fffff88001a9143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800459e050]
14:35:55.539    AVAST engine scan C:\Windows
14:36:00.515    AVAST engine scan C:\Windows\system32
14:40:12.783    AVAST engine scan C:\Windows\system32\drivers
14:40:30.879    AVAST engine scan C:\Users\Müller
15:00:47.437    AVAST engine scan C:\ProgramData
15:03:37.091    Scan finished successfully
15:07:13.449    Disk 0 MBR has been saved successfully to "C:\Users\Müller\Desktop\MBR.dat"
15:07:13.460    The log file has been saved successfully to "C:\Users\Müller\Desktop\aswMBR.txt"
Fahre jetzt fort mit tdsskiller

Hier das Ergebnis von tdsskiller

Code:
15:10:17.0652 3672  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:10:17.0913 3672  ============================================================
15:10:17.0913 3672  Current date / time: 2013/05/22 15:10:17.0913
15:10:17.0913 3672  SystemInfo:
15:10:17.0913 3672 
15:10:17.0914 3672  OS Version: 6.1.7601 ServicePack: 1.0
15:10:17.0914 3672  Product type: Workstation
15:10:17.0914 3672  ComputerName: MÜLLER-PC
15:10:17.0917 3672  UserName: Müller
15:10:17.0917 3672  Windows directory: C:\Windows
15:10:17.0917 3672  System windows directory: C:\Windows
15:10:17.0917 3672  Running under WOW64
15:10:17.0917 3672  Processor architecture: Intel x64
15:10:17.0917 3672  Number of processors: 4
15:10:17.0917 3672  Page size: 0x1000
15:10:17.0917 3672  Boot type: Normal boot
15:10:17.0917 3672  ============================================================
15:10:18.0501 3672  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:10:18.0505 3672  ============================================================
15:10:18.0505 3672  \Device\Harddisk0\DR0:
15:10:18.0506 3672  MBR partitions:
15:10:18.0506 3672  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
15:10:18.0506 3672  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
15:10:18.0506 3672  ============================================================
15:10:18.0538 3672  C: <-> \Device\Harddisk0\DR0\Partition2
15:10:18.0538 3672  ============================================================
15:10:18.0538 3672  Initialize success
15:10:18.0538 3672  ============================================================
15:10:26.0130 3356  ============================================================
15:10:26.0130 3356  Scan started
15:10:26.0130 3356  Mode: Manual; SigCheck; TDLFS;
15:10:26.0130 3356  ============================================================
15:10:26.0650 3356  ================ Scan system memory ========================
15:10:26.0650 3356  System memory - ok
15:10:26.0652 3356  ================ Scan services =============================
15:10:27.0014 3356  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:10:27.0451 3356  1394ohci - ok
15:10:27.0514 3356  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:10:27.0568 3356  ACPI - ok
15:10:27.0649 3356  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
15:10:27.0752 3356  AcpiPmi - ok
15:10:27.0919 3356  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:10:27.0954 3356  AdobeARMservice - ok
15:10:28.0169 3356  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:10:28.0208 3356  AdobeFlashPlayerUpdateSvc - ok
15:10:28.0299 3356  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
15:10:28.0362 3356  adp94xx - ok
15:10:28.0428 3356  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
15:10:28.0479 3356  adpahci - ok
15:10:28.0543 3356  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
15:10:28.0585 3356  adpu320 - ok
15:10:28.0678 3356  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
15:10:28.0977 3356  AeLookupSvc - ok
15:10:29.0086 3356  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
15:10:29.0179 3356  AFD - ok
15:10:29.0235 3356  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:10:29.0271 3356  agp440 - ok
15:10:29.0327 3356  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
15:10:29.0400 3356  ALG - ok
15:10:29.0460 3356  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:10:29.0494 3356  aliide - ok
15:10:29.0517 3356  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:10:29.0550 3356  amdide - ok
15:10:29.0599 3356  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
15:10:29.0695 3356  AmdK8 - ok
15:10:29.0744 3356  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:10:29.0815 3356  AmdPPM - ok
15:10:29.0889 3356  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
15:10:29.0929 3356  amdsata - ok
15:10:29.0968 3356  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:10:30.0011 3356  amdsbs - ok
15:10:30.0044 3356  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
15:10:30.0082 3356  amdxata - ok
15:10:30.0221 3356  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:10:30.0255 3356  AntiVirSchedulerService - ok
15:10:30.0326 3356  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:10:30.0356 3356  AntiVirService - ok
15:10:30.0431 3356  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
15:10:30.0811 3356  AppID - ok
15:10:30.0913 3356  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:10:31.0082 3356  AppIDSvc - ok
15:10:31.0177 3356  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo        C:\Windows\System32\appinfo.dll
15:10:31.0243 3356  Appinfo - ok
15:10:31.0403 3356  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:10:31.0433 3356  Apple Mobile Device - ok
15:10:31.0503 3356  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\DRIVERS\arc.sys
15:10:31.0553 3356  arc - ok
15:10:31.0593 3356  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:10:31.0653 3356  arcsas - ok
15:10:31.0843 3356  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:10:31.0883 3356  aspnet_state - ok
15:10:31.0913 3356  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:10:32.0013 3356  AsyncMac - ok
15:10:32.0083 3356  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
15:10:32.0103 3356  atapi - ok
15:10:32.0183 3356  [ E642491F64E58CD5BC8FB8B347DCF65F ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:10:32.0313 3356  athr - ok
15:10:32.0383 3356  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:10:32.0523 3356  AudioEndpointBuilder - ok
15:10:32.0543 3356  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:10:32.0653 3356  AudioSrv - ok
15:10:32.0713 3356  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:10:32.0793 3356  avgntflt - ok
15:10:32.0843 3356  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:10:32.0863 3356  avipbb - ok
15:10:32.0893 3356  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:10:32.0913 3356  avkmgr - ok
15:10:32.0963 3356  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:10:33.0073 3356  AxInstSV - ok
15:10:33.0123 3356  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
15:10:33.0223 3356  b06bdrv - ok
15:10:33.0253 3356  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:10:33.0313 3356  b57nd60a - ok
15:10:33.0443 3356  [ 2D659B569A76CDB83B815675A80D7096 ] BCM43XX        C:\Windows\system32\DRIVERS\bcmwl664.sys
15:10:33.0693 3356  BCM43XX - ok
15:10:33.0723 3356  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:10:33.0773 3356  BDESVC - ok
15:10:33.0793 3356  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:10:33.0894 3356  Beep - ok
15:10:33.0994 3356  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
15:10:34.0114 3356  BFE - ok
15:10:34.0154 3356  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
15:10:34.0344 3356  BITS - ok
15:10:34.0374 3356  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:10:34.0414 3356  blbdrive - ok
15:10:34.0524 3356  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:10:34.0554 3356  Bonjour Service - ok
15:10:34.0624 3356  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:10:34.0674 3356  bowser - ok
15:10:34.0724 3356  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:10:34.0804 3356  BrFiltLo - ok
15:10:34.0824 3356  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:10:34.0894 3356  BrFiltUp - ok
15:10:34.0954 3356  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:10:35.0054 3356  BridgeMP - ok
15:10:35.0114 3356  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
15:10:35.0174 3356  Browser - ok
15:10:35.0204 3356  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
15:10:35.0274 3356  Brserid - ok
15:10:35.0304 3356  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:10:35.0354 3356  BrSerWdm - ok
15:10:35.0374 3356  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:10:35.0424 3356  BrUsbMdm - ok
15:10:35.0444 3356  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:10:35.0484 3356  BrUsbSer - ok
15:10:35.0514 3356  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:10:35.0564 3356  BTHMODEM - ok
15:10:35.0604 3356  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
15:10:35.0694 3356  bthserv - ok
15:10:35.0724 3356  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:10:35.0834 3356  cdfs - ok
15:10:35.0914 3356  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\drivers\cdrom.sys
15:10:35.0954 3356  cdrom - ok
15:10:36.0004 3356  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
15:10:36.0104 3356  CertPropSvc - ok
15:10:36.0144 3356  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:10:36.0174 3356  circlass - ok
15:10:36.0204 3356  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:10:36.0244 3356  CLFS - ok
15:10:36.0304 3356  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:10:36.0324 3356  clr_optimization_v2.0.50727_32 - ok
15:10:36.0364 3356  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:10:36.0384 3356  clr_optimization_v2.0.50727_64 - ok
15:10:36.0534 3356  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:10:36.0554 3356  clr_optimization_v4.0.30319_32 - ok
15:10:36.0594 3356  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:10:36.0644 3356  clr_optimization_v4.0.30319_64 - ok
15:10:36.0704 3356  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:10:36.0734 3356  CmBatt - ok
15:10:36.0794 3356  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:10:36.0814 3356  cmdide - ok
15:10:36.0884 3356  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
15:10:36.0954 3356  CNG - ok
15:10:36.0994 3356  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:10:37.0024 3356  Compbatt - ok
15:10:37.0074 3356  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:10:37.0144 3356  CompositeBus - ok
15:10:37.0154 3356  COMSysApp - ok
15:10:37.0184 3356  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
15:10:37.0204 3356  crcdisk - ok
15:10:37.0264 3356  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:10:37.0314 3356  CryptSvc - ok
15:10:37.0404 3356  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:10:37.0464 3356  cvhsvc - ok
15:10:37.0534 3356  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:10:37.0664 3356  DcomLaunch - ok
15:10:37.0694 3356  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
15:10:37.0804 3356  defragsvc - ok
15:10:37.0864 3356  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:10:37.0984 3356  DfsC - ok
15:10:38.0064 3356  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:10:38.0134 3356  Dhcp - ok
15:10:38.0134 3356  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:10:38.0234 3356  discache - ok
15:10:38.0274 3356  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:10:38.0304 3356  Disk - ok
15:10:38.0344 3356  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:10:38.0414 3356  Dnscache - ok
15:10:38.0464 3356  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
15:10:38.0564 3356  dot3svc - ok
15:10:38.0624 3356  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
15:10:38.0724 3356  DPS - ok
15:10:38.0754 3356  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
15:10:38.0784 3356  drmkaud - ok
15:10:38.0884 3356  [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService  C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:10:38.0924 3356  DsiWMIService - ok
15:10:38.0994 3356  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
15:10:39.0084 3356  DXGKrnl - ok
15:10:39.0124 3356  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
15:10:39.0254 3356  EapHost - ok
15:10:39.0344 3356  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
15:10:39.0514 3356  ebdrv - ok
15:10:39.0574 3356  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
15:10:39.0624 3356  EFS - ok
15:10:39.0704 3356  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
15:10:39.0784 3356  ehRecvr - ok
15:10:39.0804 3356  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
15:10:39.0864 3356  ehSched - ok
15:10:39.0894 3356  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
15:10:39.0944 3356  elxstor - ok
15:10:40.0044 3356  [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc      C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
15:10:40.0104 3356  ePowerSvc - ok
15:10:40.0134 3356  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:10:40.0174 3356  ErrDev - ok
15:10:40.0204 3356  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
15:10:40.0314 3356  EventSystem - ok
15:10:40.0344 3356  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
15:10:40.0434 3356  exfat - ok
15:10:40.0464 3356  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
15:10:40.0554 3356  fastfat - ok
15:10:40.0634 3356  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
15:10:40.0714 3356  Fax - ok
15:10:40.0734 3356  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
15:10:40.0794 3356  fdc - ok
15:10:40.0804 3356  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
15:10:40.0914 3356  fdPHost - ok
15:10:40.0934 3356  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:10:41.0044 3356  FDResPub - ok
15:10:41.0064 3356  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:10:41.0094 3356  FileInfo - ok
15:10:41.0114 3356  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
15:10:41.0224 3356  Filetrace - ok
15:10:41.0254 3356  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:10:41.0294 3356  flpydisk - ok
15:10:41.0374 3356  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:10:41.0404 3356  FltMgr - ok
15:10:41.0504 3356  [ C4C183E6551084039EC862DA1C945E3D ] FontCache      C:\Windows\system32\FntCache.dll
15:10:41.0594 3356  FontCache - ok
15:10:41.0674 3356  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:10:41.0703 3356  FontCache3.0.0.0 - ok
15:10:41.0725 3356  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
15:10:41.0762 3356  FsDepends - ok
15:10:41.0809 3356  [ B16B626996C74B564005BA855C5DEE90 ] fssfltr        C:\Windows\system32\DRIVERS\fssfltr.sys
15:10:41.0853 3356  fssfltr - ok
15:10:42.0020 3356  [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:10:42.0160 3356  fsssvc - ok
15:10:42.0212 3356  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:10:42.0242 3356  Fs_Rec - ok
15:10:42.0302 3356  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:10:42.0354 3356  fvevol - ok
15:10:42.0398 3356  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:10:42.0430 3356  gagp30kx - ok
15:10:42.0512 3356  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:10:42.0534 3356  GEARAspiWDM - ok
15:10:42.0610 3356  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
15:10:42.0765 3356  gpsvc - ok
15:10:42.0837 3356  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
15:10:42.0857 3356  GREGService - ok
15:10:43.0166 3356  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:10:43.0187 3356  gupdate - ok
15:10:43.0233 3356  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:10:43.0254 3356  gupdatem - ok
15:10:43.0328 3356  [ 335F1796AB4AE621D34A7229D6EEFA95 ] HauppaugeTVServer C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
15:10:43.0371 3356  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - warning
15:10:43.0371 3356  HauppaugeTVServer - detected UnsignedFile.Multi.Generic (1)
15:10:43.0394 3356  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:10:43.0448 3356  hcw85cir - ok
15:10:43.0520 3356  [ 7927EB9E64902FCAF126538F009C824C ] hcw95bda        C:\Windows\system32\Drivers\hcw95bda.sys
15:10:43.0578 3356  hcw95bda - ok
15:10:43.0597 3356  [ 6CC035E4B3FD9702ABEB71D3FF8B899E ] hcw95rc        C:\Windows\system32\DRIVERS\hcw95rc.sys
15:10:43.0630 3356  hcw95rc - ok
15:10:43.0707 3356  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:10:43.0767 3356  HdAudAddService - ok
15:10:43.0808 3356  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:10:43.0854 3356  HDAudBus - ok
15:10:43.0892 3356  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64        C:\Windows\system32\DRIVERS\HECIx64.sys
15:10:43.0913 3356  HECIx64 - ok
15:10:43.0938 3356  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
15:10:43.0975 3356  HidBatt - ok
15:10:43.0995 3356  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:10:44.0030 3356  HidBth - ok
15:10:44.0048 3356  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
15:10:44.0092 3356  HidIr - ok
15:10:44.0137 3356  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\System32\hidserv.dll
15:10:44.0242 3356  hidserv - ok
15:10:44.0263 3356  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:10:44.0286 3356  HidUsb - ok
15:10:44.0341 3356  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:10:44.0449 3356  hkmsvc - ok
15:10:44.0538 3356  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:10:44.0601 3356  HomeGroupListener - ok
15:10:44.0687 3356  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:10:44.0730 3356  HomeGroupProvider - ok
15:10:44.0753 3356  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:10:44.0775 3356  HpSAMD - ok
15:10:44.0857 3356  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:10:44.0976 3356  HTTP - ok
15:10:45.0051 3356  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:10:45.0070 3356  hwpolicy - ok
15:10:45.0124 3356  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:10:45.0146 3356  i8042prt - ok
15:10:45.0198 3356  [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:10:45.0228 3356  iaStor - ok
15:10:45.0296 3356  [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:10:45.0309 3356  IAStorDataMgrSvc - ok
15:10:45.0338 3356  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
15:10:45.0377 3356  iaStorV - ok
15:10:45.0435 3356  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:10:45.0484 3356  idsvc - ok
15:10:45.0733 3356  [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:10:46.0123 3356  igfx - ok
15:10:46.0161 3356  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
15:10:46.0183 3356  iirsp - ok
15:10:46.0224 3356  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:10:46.0344 3356  IKEEXT - ok
15:10:46.0395 3356  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd          C:\Windows\system32\DRIVERS\Impcd.sys
15:10:46.0449 3356  Impcd - ok
15:10:46.0543 3356  [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:10:46.0654 3356  IntcAzAudAddService - ok
15:10:46.0695 3356  [ 03C74719D48056A1078F3A51CEB76BAA ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:10:46.0742 3356  IntcDAud - ok
15:10:46.0759 3356  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:10:46.0775 3356  intelide - ok
15:10:46.0811 3356  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:10:46.0845 3356  intelppm - ok
15:10:46.0876 3356  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
15:10:46.0954 3356  IPBusEnum - ok
15:10:47.0006 3356  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:10:47.0092 3356  IpFilterDriver - ok
15:10:47.0157 3356  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:10:47.0230 3356  iphlpsvc - ok
15:10:47.0281 3356  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
15:10:47.0315 3356  IPMIDRV - ok
15:10:47.0337 3356  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
15:10:47.0404 3356  IPNAT - ok
15:10:47.0511 3356  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:10:47.0543 3356  iPod Service - ok
15:10:47.0562 3356  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:10:47.0624 3356  IRENUM - ok
15:10:47.0676 3356  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:10:47.0693 3356  isapnp - ok
15:10:47.0752 3356  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:10:47.0775 3356  iScsiPrt - ok
15:10:47.0820 3356  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr      C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:10:47.0836 3356  IviRegMgr - ok
15:10:47.0876 3356  [ C9B4ECC187581E5BF3F76648884B7829 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
15:10:47.0900 3356  k57nd60a - ok
15:10:47.0937 3356  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:10:47.0953 3356  kbdclass - ok
15:10:48.0019 3356  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:10:48.0054 3356  kbdhid - ok
15:10:48.0079 3356  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:10:48.0095 3356  KeyIso - ok
15:10:48.0148 3356  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:10:48.0165 3356  KSecDD - ok
15:10:48.0227 3356  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
15:10:48.0248 3356  KSecPkg - ok
15:10:48.0264 3356  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
15:10:48.0327 3356  ksthunk - ok
15:10:48.0372 3356  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
15:10:48.0457 3356  KtmRm - ok
15:10:48.0517 3356  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:10:48.0603 3356  LanmanServer - ok
15:10:48.0655 3356  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:10:48.0734 3356  LanmanWorkstation - ok
15:10:48.0765 3356  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:10:48.0843 3356  lltdio - ok
15:10:48.0882 3356  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
15:10:48.0967 3356  lltdsvc - ok
15:10:48.0988 3356  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
15:10:49.0065 3356  lmhosts - ok
15:10:49.0133 3356  [ DBC1136A62BD4DECC3632DF650284C2E ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:10:49.0154 3356  LMS - ok
15:10:49.0197 3356  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:10:49.0215 3356  LSI_FC - ok
15:10:49.0226 3356  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
15:10:49.0244 3356  LSI_SAS - ok
15:10:49.0266 3356  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:10:49.0285 3356  LSI_SAS2 - ok
15:10:49.0302 3356  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:10:49.0321 3356  LSI_SCSI - ok
15:10:49.0354 3356  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
15:10:49.0440 3356  luafv - ok
15:10:49.0495 3356  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
15:10:49.0527 3356  Mcx2Svc - ok
15:10:49.0542 3356  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
15:10:49.0559 3356  megasas - ok
15:10:49.0579 3356  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:10:49.0608 3356  MegaSR - ok
15:10:49.0629 3356  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
15:10:49.0732 3356  MMCSS - ok
15:10:49.0753 3356  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
15:10:49.0842 3356  Modem - ok
15:10:49.0859 3356  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
15:10:49.0893 3356  monitor - ok
15:10:49.0948 3356  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:10:49.0965 3356  mouclass - ok
15:10:49.0993 3356  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:10:50.0028 3356  mouhid - ok
15:10:50.0087 3356  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:10:50.0105 3356  mountmgr - ok
15:10:50.0211 3356  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:10:50.0233 3356  MozillaMaintenance - ok
15:10:50.0289 3356  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:10:50.0313 3356  mpio - ok
15:10:50.0330 3356  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:10:50.0395 3356  mpsdrv - ok
15:10:50.0460 3356  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:10:50.0564 3356  MpsSvc - ok
15:10:50.0610 3356  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:10:50.0656 3356  MRxDAV - ok
15:10:50.0689 3356  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:10:50.0737 3356  mrxsmb - ok
15:10:50.0800 3356  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:10:50.0840 3356  mrxsmb10 - ok
15:10:50.0877 3356  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:10:50.0918 3356  mrxsmb20 - ok
15:10:50.0951 3356  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:10:50.0968 3356  msahci - ok
15:10:50.0991 3356  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
15:10:51.0010 3356  msdsm - ok
15:10:51.0052 3356  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
15:10:51.0089 3356  MSDTC - ok
15:10:51.0134 3356  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:10:51.0199 3356  Msfs - ok
15:10:51.0222 3356  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
15:10:51.0300 3356  mshidkmdf - ok
15:10:51.0361 3356  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:10:51.0378 3356  msisadrv - ok
15:10:51.0427 3356  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
15:10:51.0497 3356  MSiSCSI - ok
15:10:51.0504 3356  msiserver - ok
15:10:51.0529 3356  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
15:10:51.0605 3356  MSKSSRV - ok
15:10:51.0620 3356  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:10:51.0676 3356  MSPCLOCK - ok
15:10:51.0697 3356  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
15:10:51.0761 3356  MSPQM - ok
15:10:51.0823 3356  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
15:10:51.0848 3356  MsRPC - ok
15:10:51.0860 3356  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:10:51.0876 3356  mssmbios - ok
15:10:51.0884 3356  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
15:10:51.0949 3356  MSTEE - ok
15:10:51.0971 3356  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:10:51.0997 3356  MTConfig - ok
15:10:52.0028 3356  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
15:10:52.0046 3356  Mup - ok
15:10:52.0109 3356  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:10:52.0191 3356  napagent - ok
15:10:52.0242 3356  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
15:10:52.0272 3356  NativeWifiP - ok
15:10:52.0345 3356  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:10:52.0390 3356  NDIS - ok
15:10:52.0411 3356  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
15:10:52.0468 3356  NdisCap - ok
15:10:52.0503 3356  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:10:52.0560 3356  NdisTapi - ok
15:10:52.0614 3356  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
15:10:52.0670 3356  Ndisuio - ok
15:10:52.0729 3356  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
15:10:52.0787 3356  NdisWan - ok
15:10:52.0836 3356  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
15:10:52.0902 3356  NDProxy - ok
15:10:52.0968 3356  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl        C:\Windows\system32\DRIVERS\netaapl64.sys
15:10:53.0019 3356  Netaapl - ok
15:10:53.0031 3356  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
15:10:53.0097 3356  NetBIOS - ok
15:10:53.0160 3356  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
15:10:53.0229 3356  NetBT - ok
15:10:53.0245 3356  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:10:53.0261 3356  Netlogon - ok
15:10:53.0302 3356  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:10:53.0383 3356  Netman - ok
15:10:53.0447 3356  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:10:53.0463 3356  NetMsmqActivator - ok
15:10:53.0470 3356  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:10:53.0485 3356  NetPipeActivator - ok
15:10:53.0509 3356  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:10:53.0577 3356  netprofm - ok
15:10:53.0598 3356  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:10:53.0613 3356  NetTcpActivator - ok
15:10:53.0620 3356  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:10:53.0635 3356  NetTcpPortSharing - ok
15:10:53.0660 3356  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
15:10:53.0677 3356  nfrd960 - ok
15:10:53.0740 3356  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:10:53.0785 3356  NlaSvc - ok
15:10:53.0899 3356  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess      C:\Windows\SysWOW64\NMSAccess32.exe
15:10:53.0913 3356  NMSAccess - ok
15:10:53.0924 3356  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:10:53.0989 3356  Npfs - ok
15:10:54.0003 3356  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
15:10:54.0086 3356  nsi - ok
15:10:54.0114 3356  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:10:54.0185 3356  nsiproxy - ok
15:10:54.0269 3356  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:10:54.0356 3356  Ntfs - ok
15:10:54.0417 3356  [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
15:10:54.0434 3356  NTI IScheduleSvc - ok
15:10:54.0469 3356  [ 28C59F594044CBF8598B18C927097091 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:10:54.0481 3356  NTIBackupSvc - ok
15:10:54.0567 3356  [ 710263B44C1D1AEE07525A53401FBE48 ] NTIDrvr        C:\Windows\system32\drivers\NTIDrvr.sys
15:10:54.0580 3356  NTIDrvr - ok
15:10:54.0612 3356  [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:10:54.0657 3356  NTISchedulerSvc - ok
15:10:54.0678 3356  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:10:54.0767 3356  Null - ok
15:10:54.0839 3356  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:10:54.0858 3356  nvraid - ok
15:10:54.0874 3356  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:10:54.0894 3356  nvstor - ok
15:10:54.0950 3356  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:10:54.0968 3356  nv_agp - ok
15:10:55.0022 3356  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:10:55.0057 3356  ohci1394 - ok
15:10:55.0107 3356  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:10:55.0124 3356  ose - ok
15:10:55.0276 3356  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:10:55.0467 3356  osppsvc - ok
15:10:55.0496 3356  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:10:55.0545 3356  p2pimsvc - ok
15:10:55.0574 3356  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:10:55.0610 3356  p2psvc - ok
15:10:55.0629 3356  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
15:10:55.0661 3356  Parport - ok
15:10:55.0716 3356  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
15:10:55.0733 3356  partmgr - ok
15:10:55.0754 3356  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:10:55.0793 3356  PcaSvc - ok
15:10:55.0809 3356  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
15:10:55.0829 3356  pci - ok
15:10:55.0848 3356  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:10:55.0863 3356  pciide - ok
15:10:55.0882 3356  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:10:55.0903 3356  pcmcia - ok
15:10:55.0928 3356  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
15:10:55.0945 3356  pcw - ok
15:10:55.0966 3356  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:10:56.0050 3356  PEAUTH - ok
15:10:56.0087 3356  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:10:56.0117 3356  PerfHost - ok
15:10:56.0206 3356  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
15:10:56.0320 3356  pla - ok
15:10:56.0367 3356  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:10:56.0421 3356  PlugPlay - ok
15:10:56.0505 3356  [ F485770EEC8959684CC4C4786B63C06C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:10:56.0571 3356  Pml Driver HPZ12 - ok
15:10:56.0592 3356  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
15:10:56.0609 3356  PNRPAutoReg - ok
15:10:56.0630 3356  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
15:10:56.0651 3356  PNRPsvc - ok
15:10:56.0706 3356  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
15:10:56.0786 3356  PolicyAgent - ok
15:10:56.0820 3356  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
15:10:56.0883 3356  Power - ok
15:10:56.0942 3356  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:10:57.0009 3356  PptpMiniport - ok
15:10:57.0030 3356  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
15:10:57.0056 3356  Processor - ok
15:10:57.0116 3356  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
15:10:57.0152 3356  ProfSvc - ok
15:10:57.0167 3356  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:10:57.0184 3356  ProtectedStorage - ok
15:10:57.0243 3356  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:10:57.0324 3356  Psched - ok
15:10:57.0363 3356  [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2      C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:10:57.0379 3356  PSI_SVC_2 - ok
15:10:57.0420 3356  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:10:57.0496 3356  ql2300 - ok
15:10:57.0519 3356  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:10:57.0538 3356  ql40xx - ok
15:10:57.0560 3356  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
15:10:57.0591 3356  QWAVE - ok
15:10:57.0615 3356  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:10:57.0656 3356  QWAVEdrv - ok
15:10:57.0674 3356  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:10:57.0737 3356  RasAcd - ok
15:10:57.0766 3356  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
15:10:57.0854 3356  RasAgileVpn - ok
15:10:57.0882 3356  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
15:10:57.0962 3356  RasAuto - ok
15:10:58.0017 3356  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
15:10:58.0093 3356  Rasl2tp - ok
15:10:58.0159 3356  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:10:58.0258 3356  RasMan - ok
15:10:58.0283 3356  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:10:58.0367 3356  RasPppoe - ok
15:10:58.0386 3356  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
15:10:58.0456 3356  RasSstp - ok
15:10:58.0518 3356  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
15:10:58.0596 3356  rdbss - ok
15:10:58.0612 3356  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:10:58.0636 3356  rdpbus - ok
15:10:58.0651 3356  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:10:58.0709 3356  RDPCDD - ok
15:10:58.0748 3356  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:10:58.0818 3356  RDPENCDD - ok
15:10:58.0829 3356  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:10:58.0900 3356  RDPREFMP - ok
15:10:58.0949 3356  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
15:10:59.0006 3356  RDPWD - ok
15:10:59.0058 3356  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:10:59.0079 3356  rdyboost - ok
15:10:59.0119 3356  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:10:59.0193 3356  RemoteAccess - ok
15:10:59.0214 3356  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:10:59.0276 3356  RemoteRegistry - ok
15:10:59.0311 3356  [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
15:10:59.0339 3356  RimUsb - ok
15:10:59.0361 3356  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:10:59.0437 3356  RpcEptMapper - ok
15:10:59.0469 3356  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:10:59.0502 3356  RpcLocator - ok
15:10:59.0557 3356  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
15:10:59.0622 3356  RpcSs - ok
15:10:59.0642 3356  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:10:59.0714 3356  rspndr - ok
15:10:59.0778 3356  [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR      C:\Windows\system32\Drivers\RtsUStor.sys
15:10:59.0797 3356  RSUSBSTOR - ok
15:10:59.0862 3356  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
15:10:59.0882 3356  RS_Service - ok
15:10:59.0901 3356  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
15:10:59.0919 3356  SamSs - ok
15:10:59.0967 3356  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:10:59.0984 3356  sbp2port - ok
15:11:00.0005 3356  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:11:00.0069 3356  SCardSvr - ok
15:11:00.0123 3356  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:11:00.0194 3356  scfilter - ok
15:11:00.0268 3356  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:11:00.0380 3356  Schedule - ok
15:11:00.0433 3356  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
15:11:00.0494 3356  SCPolicySvc - ok
15:11:00.0555 3356  SDFirewallService - ok
15:11:00.0569 3356  SDMonitorService - ok
15:11:00.0639 3356  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:11:00.0669 3356  SDRSVC - ok
15:11:00.0675 3356  SDScannerService - ok
15:11:00.0684 3356  SDUpdateService - ok
15:11:00.0694 3356  SDWSCService - ok
15:11:00.0761 3356  [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort        C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:11:00.0783 3356  SeaPort - ok
15:11:00.0825 3356  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:11:00.0891 3356  secdrv - ok
15:11:00.0949 3356  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:11:01.0018 3356  seclogon - ok
15:11:01.0042 3356  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
15:11:01.0116 3356  SENS - ok
15:11:01.0144 3356  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:11:01.0202 3356  SensrSvc - ok
15:11:01.0220 3356  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
15:11:01.0260 3356  Serenum - ok
15:11:01.0287 3356  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:11:01.0305 3356  Serial - ok
15:11:01.0355 3356  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:11:01.0390 3356  sermouse - ok
15:11:01.0467 3356  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:11:01.0530 3356  SessionEnv - ok
15:11:01.0578 3356  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
15:11:01.0623 3356  sffdisk - ok
15:11:01.0642 3356  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:11:01.0666 3356  sffp_mmc - ok
15:11:01.0687 3356  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
15:11:01.0716 3356  sffp_sd - ok
15:11:01.0723 3356  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
15:11:01.0739 3356  sfloppy - ok
15:11:01.0811 3356  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs          C:\Windows\system32\DRIVERS\Sftfslh.sys
15:11:01.0844 3356  Sftfs - ok
15:11:01.0929 3356  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist        C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:11:01.0954 3356  sftlist - ok
15:11:02.0001 3356  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay        C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:11:02.0021 3356  Sftplay - ok
15:11:02.0032 3356  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:11:02.0044 3356  Sftredir - ok
15:11:02.0065 3356  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
15:11:02.0077 3356  Sftvol - ok
15:11:02.0128 3356  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:11:02.0146 3356  sftvsa - ok
15:11:02.0194 3356  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:11:02.0266 3356  SharedAccess - ok
15:11:02.0328 3356  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:11:02.0407 3356  ShellHWDetection - ok
15:11:02.0443 3356  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:11:02.0459 3356  SiSRaid2 - ok
15:11:02.0466 3356  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:11:02.0482 3356  SiSRaid4 - ok
15:11:02.0546 3356  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
15:11:02.0561 3356  SkypeUpdate - ok
15:11:02.0578 3356  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
15:11:02.0650 3356  Smb - ok
15:11:02.0695 3356  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:11:02.0731 3356  SNMPTRAP - ok
15:11:02.0796 3356  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
15:11:02.0812 3356  speedfan - ok
15:11:02.0820 3356  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
15:11:02.0835 3356  spldr - ok
15:11:02.0892 3356  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
15:11:02.0934 3356  Spooler - ok
15:11:03.0040 3356  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:11:03.0207 3356  sppsvc - ok
15:11:03.0229 3356  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
15:11:03.0296 3356  sppuinotify - ok
15:11:03.0326 3356  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
15:11:03.0380 3356  srv - ok
15:11:03.0406 3356  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:11:03.0440 3356  srv2 - ok
15:11:03.0467 3356  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:11:03.0485 3356  srvnet - ok
15:11:03.0529 3356  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
15:11:03.0603 3356  SSDPSRV - ok
15:11:03.0661 3356  [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
15:11:03.0674 3356  SSPORT - ok
15:11:03.0692 3356  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
15:11:03.0767 3356  SstpSvc - ok
15:11:03.0782 3356  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:11:03.0797 3356  stexstor - ok
15:11:03.0864 3356  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:11:03.0910 3356  stisvc - ok
15:11:03.0953 3356  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:11:03.0968 3356  swenum - ok
15:11:03.0988 3356  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
15:11:04.0074 3356  swprv - ok
15:11:04.0123 3356  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
15:11:04.0147 3356  SynTP - ok
15:11:04.0226 3356  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
15:11:04.0325 3356  SysMain - ok
15:11:04.0378 3356  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:11:04.0425 3356  TabletInputService - ok
15:11:04.0484 3356  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
15:11:04.0566 3356  TapiSrv - ok
15:11:04.0582 3356  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
15:11:04.0657 3356  TBS - ok
15:11:04.0742 3356  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
15:11:04.0841 3356  Tcpip - ok
15:11:04.0884 3356  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:11:04.0948 3356  TCPIP6 - ok
15:11:05.0004 3356  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:11:05.0037 3356  tcpipreg - ok
15:11:05.0078 3356  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:11:05.0128 3356  TDPIPE - ok
15:11:05.0182 3356  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
15:11:05.0202 3356  TDTCP - ok
15:11:05.0261 3356  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
15:11:05.0341 3356  tdx - ok
15:11:05.0390 3356  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:11:05.0413 3356  TermDD - ok
15:11:05.0474 3356  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
15:11:05.0557 3356  TermService - ok
15:11:05.0589 3356  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:11:05.0617 3356  Themes - ok
15:11:05.0640 3356  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
15:11:05.0705 3356  THREADORDER - ok
15:11:05.0724 3356  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:11:05.0792 3356  TrkWks - ok
15:11:05.0864 3356  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:11:05.0945 3356  TrustedInstaller - ok
15:11:06.0001 3356  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:11:06.0068 3356  tssecsrv - ok
15:11:06.0126 3356  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:11:06.0191 3356  TsUsbFlt - ok
15:11:06.0282 3356  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:11:06.0366 3356  tunnel - ok
15:11:06.0383 3356  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:11:06.0401 3356  uagp35 - ok
15:11:06.0431 3356  [ 40079B0B801C5432BA435B5AD61CE6E3 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
15:11:06.0447 3356  UBHelper - ok
15:11:06.0532 3356  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:11:06.0600 3356  udfs - ok
15:11:06.0628 3356  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
15:11:06.0671 3356  UI0Detect - ok
15:11:06.0697 3356  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:11:06.0714 3356  uliagpkx - ok
15:11:06.0780 3356  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\drivers\umbus.sys
15:11:06.0811 3356  umbus - ok
15:11:06.0831 3356  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:11:06.0865 3356  UmPass - ok
15:11:06.0967 3356  [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:11:07.0091 3356  UNS - ok
15:11:07.0143 3356  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:11:07.0168 3356  Updater Service - ok
15:11:07.0186 3356  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:11:07.0271 3356  upnphost - ok
15:11:07.0339 3356  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
15:11:07.0375 3356  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
15:11:07.0375 3356  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
15:11:07.0399 3356  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
15:11:07.0425 3356  usbccgp - ok
15:11:07.0474 3356  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:11:07.0515 3356  usbcir - ok
15:11:07.0534 3356  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\drivers\usbehci.sys
15:11:07.0564 3356  usbehci - ok
15:11:07.0586 3356  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:11:07.0623 3356  usbhub - ok
15:11:07.0650 3356  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
15:11:07.0676 3356  usbohci - ok
15:11:07.0697 3356  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:11:07.0719 3356  usbprint - ok
15:11:07.0778 3356  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
15:11:07.0804 3356  usbscan - ok
15:11:07.0829 3356  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:11:07.0857 3356  USBSTOR - ok
15:11:07.0876 3356  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
15:11:07.0904 3356  usbuhci - ok
15:11:07.0942 3356  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:11:07.0982 3356  usbvideo - ok
15:11:08.0009 3356  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
15:11:08.0092 3356  UxSms - ok
15:11:08.0134 3356  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:11:08.0154 3356  VaultSvc - ok
15:11:08.0251 3356  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:11:08.0268 3356  vdrvroot - ok
15:11:08.0320 3356  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
15:11:08.0396 3356  vds - ok
15:11:08.0415 3356  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
15:11:08.0440 3356  vga - ok
15:11:08.0462 3356  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
15:11:08.0525 3356  VgaSave - ok
15:11:08.0546 3356  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
15:11:08.0571 3356  vhdmp - ok
15:11:08.0621 3356  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:11:08.0637 3356  viaide - ok
15:11:08.0657 3356  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:11:08.0674 3356  volmgr - ok
15:11:08.0733 3356  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
15:11:08.0760 3356  volmgrx - ok
15:11:08.0779 3356  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
15:11:08.0803 3356  volsnap - ok
15:11:08.0827 3356  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
15:11:08.0847 3356  vsmraid - ok
15:11:08.0929 3356  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
15:11:09.0040 3356  VSS - ok
15:11:09.0056 3356  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:11:09.0081 3356  vwifibus - ok
15:11:09.0095 3356  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:11:09.0133 3356  vwififlt - ok
15:11:09.0165 3356  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
15:11:09.0191 3356  vwifimp - ok
15:11:09.0220 3356  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
15:11:09.0293 3356  W32Time - ok
15:11:09.0309 3356  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:11:09.0342 3356  WacomPen - ok
15:11:09.0383 3356  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:11:09.0463 3356  WANARP - ok
15:11:09.0469 3356  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:11:09.0533 3356  Wanarpv6 - ok
15:11:09.0615 3356  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
15:11:09.0689 3356  WatAdminSvc - ok
15:11:09.0755 3356  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:11:09.0856 3356  wbengine - ok
15:11:09.0877 3356  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:11:09.0917 3356  WbioSrvc - ok
15:11:09.0975 3356  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
15:11:10.0027 3356  wcncsvc - ok
15:11:10.0043 3356  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:11:10.0082 3356  WcsPlugInService - ok
15:11:10.0102 3356  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:11:10.0119 3356  Wd - ok
15:11:10.0195 3356  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:11:10.0237 3356  Wdf01000 - ok
15:11:10.0253 3356  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:11:10.0332 3356  WdiServiceHost - ok
15:11:10.0337 3356  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
15:11:10.0369 3356  WdiSystemHost - ok
15:11:10.0461 3356  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
15:11:10.0515 3356  WebClient - ok
15:11:10.0534 3356  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:11:10.0622 3356  Wecsvc - ok
15:11:10.0642 3356  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
15:11:10.0708 3356  wercplsupport - ok
15:11:10.0731 3356  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:11:10.0806 3356  WerSvc - ok
15:11:10.0836 3356  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:11:10.0897 3356  WfpLwf - ok
15:11:10.0915 3356  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:11:10.0931 3356  WIMMount - ok
15:11:10.0960 3356  WinDefend - ok
15:11:10.0972 3356  WinHttpAutoProxySvc - ok
15:11:11.0044 3356  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
15:11:11.0112 3356  Winmgmt - ok
15:11:11.0203 3356  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
15:11:11.0347 3356  WinRM - ok
15:11:11.0409 3356  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:11:11.0449 3356  WinUsb - ok
15:11:11.0499 3356  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
15:11:11.0543 3356  Wlansvc - ok
15:11:11.0741 3356  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:11:11.0852 3356  wlidsvc - ok
15:11:11.0891 3356  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
15:11:11.0907 3356  WmiAcpi - ok
15:11:11.0963 3356  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:11:11.0997 3356  wmiApSrv - ok
15:11:12.0019 3356  WMPNetworkSvc - ok
15:11:12.0039 3356  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:11:12.0067 3356  WPCSvc - ok
15:11:12.0123 3356  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:11:12.0161 3356  WPDBusEnum - ok
15:11:12.0200 3356  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
15:11:12.0260 3356  ws2ifsl - ok
15:11:12.0277 3356  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
15:11:12.0313 3356  wscsvc - ok
15:11:12.0319 3356  WSearch - ok
15:11:12.0421 3356  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:11:12.0528 3356  wuauserv - ok
15:11:12.0572 3356  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:11:12.0639 3356  WudfPf - ok
15:11:12.0668 3356  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:11:12.0687 3356  WUDFRd - ok
15:11:12.0738 3356  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
15:11:12.0774 3356  wudfsvc - ok
15:11:12.0821 3356  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc        C:\Windows\System32\wwansvc.dll
15:11:12.0873 3356  WwanSvc - ok
15:11:12.0913 3356  ================ Scan global ===============================
15:11:12.0943 3356  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:11:13.0001 3356  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:11:13.0012 3356  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:11:13.0041 3356  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:11:13.0078 3356  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:11:13.0083 3356  [Global] - ok
15:11:13.0084 3356  ================ Scan MBR ==================================
15:11:13.0126 3356  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:11:13.0497 3356  \Device\Harddisk0\DR0 - ok
15:11:13.0498 3356  ================ Scan VBR ==================================
15:11:13.0502 3356  [ 8E81E6D845553703D5FE2517C319756C ] \Device\Harddisk0\DR0\Partition1
15:11:13.0504 3356  \Device\Harddisk0\DR0\Partition1 - ok
15:11:13.0540 3356  [ 450B139333C593F50796E62F938EFE69 ] \Device\Harddisk0\DR0\Partition2
15:11:13.0542 3356  \Device\Harddisk0\DR0\Partition2 - ok
15:11:13.0543 3356  ============================================================
15:11:13.0543 3356  Scan finished
15:11:13.0543 3356  ============================================================
15:11:13.0564 3000  Detected object count: 2
15:11:13.0564 3000  Actual detected object count: 2
15:12:01.0543 3000  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:01.0544 3000  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:12:01.0545 3000  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:01.0545 3000  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:39 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27