Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   deutsche post fehler in der lieferanschrift - aber keine zip datei (https://www.trojaner-board.de/130226-deutsche-post-fehler-lieferanschrift-keine-zip-datei.html)

luis seyfer 28.01.2013 16:28
deutsche post fehler in der lieferanschrift - aber keine zip datei
 
Hallo,

es ist nicht allzulange her, dass ich mit der Post eMail-Verkehr hatte.
Als nun die hier allseits bekannte eMail bei mir eintraf, habe ich gedacht:
"Was ist denn nun schon wieder?!" und geklickt - auch auf den Link!

eMail:
von: support-pakete-2080@deutschepost.de
Betreff: Deutsche Post.Ein Fehler in der Lieferanschrift


Zitat:
Deutche Post
ID: DE76331914-423

Lieber Kunde,

Es ist unserem Boten leider misslungen einen Postsendung an Ihre Adresse zuzustellen.
Grund: Ein Fehler in der Leiferanschrift.
Sie konnen Ihre Postsendung in unserer Postabteilung personlich kriegen.
Sie sollen dieses Postetikett drucken lassen, um Ihre Postsendung in der Postabteilung empfangen zu konnen.


Anbei finden Sie einen Postetikett.

Vielen Dank!
Deutsche Post AG.
© 2012 Deutsche Post AG Deutsche Post DHL - Mail & Logistics Group
Der Link verweist auf:
Zitat:
hxxp://www.historicyongala.com.au/KRAHTHBDWS.php?receipt=714_75155770
Es gab allerdings KEINE zip-Datei, sondern es passierte nichts offensichtliches!

Sicherheitshalber habe ich Malwarebytes Anti-Malware nach der Anleitung durchlaufen lassen:
Code:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.28.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
acer :: ACER-PC [Administrator]

Schutz: Aktiviert

28.01.2013 15:57:07
mbam-log-2013-01-28 (15-57-07).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 313807
Laufzeit: 4 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Sollte ich jetzt dennoch mit OTL weitermachen, oder reicht das schon für eine Entwarnung?

Grüsse
Luis

markusg 28.01.2013 17:24
hi
hattest du den link aufgerufen, bitte leite mir in Zukunft Spam mails an die in meiner Signatur angegebene Adresse weiter.
warum klickt man auf einen link in einer offensichtlichen Spam mail.
1. ausdruck etc der mail ist schlecht.
2. der link sieht nicht mal aus, als würde er auf eine seite der Post verweisen :-)
hattest du beim öffnen eine 404 meldung (nicht gefunden)

luis seyfer 28.01.2013 18:25
Hallo Markus,

ich habe dir die betreffende Mail zugesandt (Betreff: Malware: Deutsche Post.Ein Fehler in der Lieferanschrift - von Luis Seyfer).

Die Mail ist als Spam erkennbar, wenn man richtig hinsieht.
Da ich ohnehin gerade Diskussionen mit der Post führte, habe ich nicht richtig hingesehen.

Ja, es wurde keine Seite gefunden.

markusg 29.01.2013 15:49
hi
wollte nur, auch für mitleser, drauf hinweisen.
danke für die Mail.
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten

luis seyfer 29.01.2013 19:37
TDSSKiller.2.8.15.0_29.01.2013_19.26.27_log.txt
Code:
19:26:27.0077 0184  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:26:27.0093 0184  ============================================================
19:26:27.0093 0184  Current date / time: 2013/01/29 19:26:27.0093
19:26:27.0093 0184  SystemInfo:
19:26:27.0093 0184 
19:26:27.0093 0184  OS Version: 6.1.7601 ServicePack: 1.0
19:26:27.0093 0184  Product type: Workstation
19:26:27.0093 0184  ComputerName: ACER-PC
19:26:27.0093 0184  UserName: acer
19:26:27.0093 0184  Windows directory: C:\Windows
19:26:27.0093 0184  System windows directory: C:\Windows
19:26:27.0093 0184  Running under WOW64
19:26:27.0093 0184  Processor architecture: Intel x64
19:26:27.0093 0184  Number of processors: 4
19:26:27.0093 0184  Page size: 0x1000
19:26:27.0093 0184  Boot type: Normal boot
19:26:27.0093 0184  ============================================================
19:26:27.0904 0184  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:26:27.0904 0184  ============================================================
19:26:27.0904 0184  \Device\Harddisk0\DR0:
19:26:27.0904 0184  MBR partitions:
19:26:27.0904 0184  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:26:27.0904 0184  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x8AAB18E
19:26:27.0904 0184  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA8DD98E, BlocksNum 0x2FAA72B3
19:26:27.0904 0184  ============================================================
19:26:27.0951 0184  C: <-> \Device\Harddisk0\DR0\Partition2
19:26:28.0076 0184  D: <-> \Device\Harddisk0\DR0\Partition3
19:26:28.0076 0184  ============================================================
19:26:28.0076 0184  Initialize success
19:26:28.0076 0184  ============================================================
19:27:39.0976 3144  ============================================================
19:27:39.0976 3144  Scan started
19:27:39.0976 3144  Mode: Manual; SigCheck; TDLFS;
19:27:39.0976 3144  ============================================================
19:27:40.0460 3144  ================ Scan system memory ========================
19:27:40.0460 3144  System memory - ok
19:27:40.0460 3144  ================ Scan services =============================
19:27:40.0647 3144  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:27:40.0850 3144  1394ohci - ok
19:27:40.0928 3144  [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
19:27:41.0006 3144  acedrv11 - ok
19:27:41.0021 3144  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:27:41.0037 3144  ACPI - ok
19:27:41.0053 3144  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
19:27:41.0099 3144  AcpiPmi - ok
19:27:41.0224 3144  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:27:41.0224 3144  AdobeARMservice - ok
19:27:41.0365 3144  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:27:41.0380 3144  AdobeFlashPlayerUpdateSvc - ok
19:27:41.0396 3144  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
19:27:41.0427 3144  adp94xx - ok
19:27:41.0458 3144  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
19:27:41.0474 3144  adpahci - ok
19:27:41.0505 3144  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
19:27:41.0521 3144  adpu320 - ok
19:27:41.0567 3144  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
19:27:41.0661 3144  AeLookupSvc - ok
19:27:41.0677 3144  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
19:27:41.0723 3144  AFD - ok
19:27:41.0739 3144  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:27:41.0755 3144  agp440 - ok
19:27:41.0770 3144  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
19:27:41.0833 3144  ALG - ok
19:27:41.0848 3144  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:27:41.0864 3144  aliide - ok
19:27:41.0879 3144  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:27:41.0895 3144  amdide - ok
19:27:41.0895 3144  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
19:27:41.0957 3144  AmdK8 - ok
19:27:41.0973 3144  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:27:42.0020 3144  AmdPPM - ok
19:27:42.0051 3144  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
19:27:42.0067 3144  amdsata - ok
19:27:42.0082 3144  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:27:42.0098 3144  amdsbs - ok
19:27:42.0145 3144  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
19:27:42.0145 3144  amdxata - ok
19:27:42.0238 3144  [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:27:42.0269 3144  AntiVirSchedulerService - ok
19:27:42.0332 3144  [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:27:42.0347 3144  AntiVirService - ok
19:27:42.0488 3144  [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
19:27:42.0550 3144  AppHostSvc - ok
19:27:42.0581 3144  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
19:27:42.0659 3144  AppID - ok
19:27:42.0675 3144  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:27:42.0737 3144  AppIDSvc - ok
19:27:42.0769 3144  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
19:27:42.0831 3144  Appinfo - ok
19:27:42.0878 3144  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:27:42.0893 3144  Apple Mobile Device - ok
19:27:42.0909 3144  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\DRIVERS\arc.sys
19:27:42.0925 3144  arc - ok
19:27:42.0925 3144  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:27:42.0940 3144  arcsas - ok
19:27:42.0971 3144  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:27:43.0034 3144  AsyncMac - ok
19:27:43.0065 3144  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
19:27:43.0081 3144  atapi - ok
19:27:43.0159 3144  [ FBBE79D7445AA4494E069A0B91F9417B ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
19:27:43.0159 3144  AtherosSvc - ok
19:27:43.0221 3144  [ C8679A07267F030704168E45E27C3D43 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
19:27:43.0408 3144  athr - ok
19:27:43.0471 3144  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:27:43.0580 3144  AudioEndpointBuilder - ok
19:27:43.0611 3144  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:27:43.0642 3144  AudioSrv - ok
19:27:43.0720 3144  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
19:27:43.0767 3144  avgntflt - ok
19:27:43.0814 3144  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
19:27:43.0845 3144  avipbb - ok
19:27:43.0861 3144  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
19:27:43.0892 3144  avkmgr - ok
19:27:43.0923 3144  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:27:43.0985 3144  AxInstSV - ok
19:27:44.0017 3144  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
19:27:44.0063 3144  b06bdrv - ok
19:27:44.0095 3144  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:27:44.0110 3144  b57nd60a - ok
19:27:44.0141 3144  [ A424CB46A145E5AABF15621550976DF2 ] b57xdbd        C:\Windows\system32\DRIVERS\b57xdbd.sys
19:27:44.0173 3144  b57xdbd - ok
19:27:44.0173 3144  [ BE4E6FD5A898812B85D5817AD9754A9F ] b57xdmp        C:\Windows\system32\DRIVERS\b57xdmp.sys
19:27:44.0188 3144  b57xdmp - ok
19:27:44.0235 3144  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:27:44.0266 3144  BDESVC - ok
19:27:44.0282 3144  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:27:44.0329 3144  Beep - ok
19:27:44.0375 3144  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
19:27:44.0453 3144  BFE - ok
19:27:44.0516 3144  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
19:27:44.0578 3144  BITS - ok
19:27:44.0594 3144  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:27:44.0625 3144  blbdrive - ok
19:27:44.0734 3144  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:27:44.0734 3144  Bonjour Service - ok
19:27:44.0781 3144  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:27:44.0797 3144  bowser - ok
19:27:44.0812 3144  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:27:44.0828 3144  BrFiltLo - ok
19:27:44.0843 3144  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:27:44.0875 3144  BrFiltUp - ok
19:27:44.0906 3144  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
19:27:44.0953 3144  Browser - ok
19:27:44.0984 3144  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
19:27:45.0015 3144  Brserid - ok
19:27:45.0031 3144  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:27:45.0062 3144  BrSerWdm - ok
19:27:45.0062 3144  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:27:45.0093 3144  BrUsbMdm - ok
19:27:45.0093 3144  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:27:45.0124 3144  BrUsbSer - ok
19:27:45.0140 3144  [ 520408CFDB56DE8CDB44B2F11B9C5B5C ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
19:27:45.0155 3144  bScsiMSa - ok
19:27:45.0171 3144  [ 9F880F03F4A72215C8B77FD51322C297 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
19:27:45.0187 3144  bScsiSDa - ok
19:27:45.0233 3144  [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS      C:\Windows\system32\DRIVERS\btath_bus.sys
19:27:45.0249 3144  BTATH_BUS - ok
19:27:45.0296 3144  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum        C:\Windows\system32\drivers\BthEnum.sys
19:27:45.0358 3144  BthEnum - ok
19:27:45.0389 3144  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:27:45.0436 3144  BTHMODEM - ok
19:27:45.0467 3144  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
19:27:45.0545 3144  BthPan - ok
19:27:45.0592 3144  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT        C:\Windows\System32\Drivers\BTHport.sys
19:27:45.0655 3144  BTHPORT - ok
19:27:45.0686 3144  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
19:27:45.0764 3144  bthserv - ok
19:27:45.0795 3144  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:27:45.0842 3144  BTHUSB - ok
19:27:45.0857 3144  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:27:45.0889 3144  cdfs - ok
19:27:45.0935 3144  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
19:27:45.0951 3144  cdrom - ok
19:27:45.0982 3144  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
19:27:46.0029 3144  CertPropSvc - ok
19:27:46.0045 3144  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:27:46.0076 3144  circlass - ok
19:27:46.0107 3144  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:27:46.0123 3144  CLFS - ok
19:27:46.0216 3144  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:27:46.0232 3144  clr_optimization_v2.0.50727_32 - ok
19:27:46.0279 3144  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:27:46.0294 3144  clr_optimization_v2.0.50727_64 - ok
19:27:46.0341 3144  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:27:46.0357 3144  clr_optimization_v4.0.30319_32 - ok
19:27:46.0403 3144  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:27:46.0419 3144  clr_optimization_v4.0.30319_64 - ok
19:27:46.0435 3144  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:27:46.0466 3144  CmBatt - ok
19:27:46.0497 3144  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:27:46.0497 3144  cmdide - ok
19:27:46.0513 3144  cmnsusbser - ok
19:27:46.0544 3144  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG            C:\Windows\system32\Drivers\cng.sys
19:27:46.0575 3144  CNG - ok
19:27:46.0637 3144  [ 040FF3B09F26926A3792E047DB0F47DD ] cnnctfy2        C:\Windows\system32\DRIVERS\cnnctfy2.sys
19:27:46.0669 3144  cnnctfy2 - ok
19:27:46.0669 3144  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:27:46.0684 3144  Compbatt - ok
19:27:46.0715 3144  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:27:46.0747 3144  CompositeBus - ok
19:27:46.0747 3144  COMSysApp - ok
19:27:46.0825 3144  [ 27A6C0D6DF4734852A9065624F3580D4 ] Connectify      C:\Program Files (x86)\Connectify\ConnectifyService.exe
19:27:46.0856 3144  Connectify ( UnsignedFile.Multi.Generic ) - warning
19:27:46.0856 3144  Connectify - detected UnsignedFile.Multi.Generic (1)
19:27:46.0871 3144  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
19:27:46.0903 3144  crcdisk - ok
19:27:46.0934 3144  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:27:46.0981 3144  CryptSvc - ok
19:27:47.0012 3144  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:27:47.0090 3144  DcomLaunch - ok
19:27:47.0121 3144  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
19:27:47.0168 3144  defragsvc - ok
19:27:47.0246 3144  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:27:47.0355 3144  DfsC - ok
19:27:47.0402 3144  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:27:47.0449 3144  Dhcp - ok
19:27:47.0464 3144  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:27:47.0511 3144  discache - ok
19:27:47.0527 3144  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:27:47.0542 3144  Disk - ok
19:27:47.0573 3144  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:27:47.0605 3144  Dnscache - ok
19:27:47.0636 3144  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
19:27:47.0683 3144  dot3svc - ok
19:27:47.0714 3144  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
19:27:47.0761 3144  DPS - ok
19:27:47.0776 3144  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
19:27:47.0823 3144  drmkaud - ok
19:27:47.0917 3144  [ 228938F848948A0B42BF521F6829A24F ] DsiWMIService  C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:27:47.0917 3144  DsiWMIService - ok
19:27:47.0948 3144  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
19:27:47.0995 3144  DXGKrnl - ok
19:27:48.0041 3144  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
19:27:48.0088 3144  EapHost - ok
19:27:48.0213 3144  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
19:27:48.0431 3144  ebdrv - ok
19:27:48.0463 3144  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
19:27:48.0509 3144  EFS - ok
19:27:48.0541 3144  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
19:27:48.0556 3144  ElbyCDIO - ok
19:27:48.0572 3144  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
19:27:48.0603 3144  elxstor - ok
19:27:48.0697 3144  [ 52BE4D6C72802CEEDCC9997CE8D2FD85 ] ePowerSvc      C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:27:48.0728 3144  ePowerSvc - ok
19:27:48.0775 3144  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:27:48.0821 3144  ErrDev - ok
19:27:48.0868 3144  [ 9D8739A2A2173C9D27C499A3FC6EDA3F ] ETD            C:\Windows\system32\DRIVERS\ETD.sys
19:27:48.0899 3144  ETD - ok
19:27:48.0931 3144  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
19:27:48.0993 3144  EventSystem - ok
19:27:49.0024 3144  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
19:27:49.0055 3144  exfat - ok
19:27:49.0071 3144  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
19:27:49.0133 3144  fastfat - ok
19:27:49.0149 3144  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
19:27:49.0180 3144  fdc - ok
19:27:49.0196 3144  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
19:27:49.0227 3144  fdPHost - ok
19:27:49.0243 3144  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:27:49.0289 3144  FDResPub - ok
19:27:49.0305 3144  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:27:49.0321 3144  FileInfo - ok
19:27:49.0321 3144  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
19:27:49.0367 3144  Filetrace - ok
19:27:49.0399 3144  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:27:49.0445 3144  FLEXnet Licensing Service - ok
19:27:49.0523 3144  [ A4297244D4F817278A6AE45B1899CA9C ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
19:27:49.0570 3144  FLEXnet Licensing Service 64 - ok
19:27:49.0586 3144  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:27:49.0601 3144  flpydisk - ok
19:27:49.0617 3144  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:27:49.0633 3144  FltMgr - ok
19:27:49.0679 3144  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
19:27:49.0757 3144  FontCache - ok
19:27:49.0804 3144  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:27:49.0835 3144  FontCache3.0.0.0 - ok
19:27:49.0851 3144  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
19:27:49.0882 3144  FsDepends - ok
19:27:49.0913 3144  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:27:49.0913 3144  Fs_Rec - ok
19:27:49.0929 3144  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:27:49.0945 3144  fvevol - ok
19:27:49.0960 3144  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:27:49.0976 3144  gagp30kx - ok
19:27:50.0054 3144  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:27:50.0085 3144  GEARAspiWDM - ok
19:27:50.0101 3144  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
19:27:50.0163 3144  gpsvc - ok
19:27:50.0225 3144  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
19:27:50.0241 3144  GREGService - ok
19:27:50.0381 3144  [ 4EF269048CE43C543B800EAD7495AEFD ] GSService      C:\Windows\SysWOW64\GSService.exe
19:27:50.0444 3144  GSService ( UnsignedFile.Multi.Generic ) - warning
19:27:50.0444 3144  GSService - detected UnsignedFile.Multi.Generic (1)
19:27:50.0475 3144  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:27:50.0537 3144  hcw85cir - ok
19:27:50.0569 3144  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:27:50.0647 3144  HdAudAddService - ok
19:27:50.0662 3144  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:27:50.0693 3144  HDAudBus - ok
19:27:50.0725 3144  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
19:27:50.0740 3144  HidBatt - ok
19:27:50.0756 3144  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:27:50.0803 3144  HidBth - ok
19:27:50.0849 3144  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
19:27:50.0865 3144  HidIr - ok
19:27:50.0881 3144  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
19:27:50.0927 3144  hidserv - ok
19:27:50.0959 3144  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:27:50.0959 3144  HidUsb - ok
19:27:50.0990 3144  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:27:51.0037 3144  hkmsvc - ok
19:27:51.0083 3144  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:27:51.0099 3144  HomeGroupListener - ok
19:27:51.0130 3144  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:27:51.0161 3144  HomeGroupProvider - ok
19:27:51.0177 3144  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:27:51.0193 3144  HpSAMD - ok
19:27:51.0224 3144  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:27:51.0302 3144  HTTP - ok
19:27:51.0317 3144  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:27:51.0333 3144  hwpolicy - ok
19:27:51.0364 3144  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:27:51.0411 3144  i8042prt - ok
19:27:51.0442 3144  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:27:51.0458 3144  iaStor - ok
19:27:51.0520 3144  [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:27:51.0551 3144  IAStorDataMgrSvc - ok
19:27:51.0583 3144  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
19:27:51.0645 3144  iaStorV - ok
19:27:51.0770 3144  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:27:51.0801 3144  IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:27:51.0801 3144  IDriverT - detected UnsignedFile.Multi.Generic (1)
19:27:51.0863 3144  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:27:51.0941 3144  idsvc - ok
19:27:52.0222 3144  [ EFE5A0AF39A8E179624117C521F1E012 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:27:52.0628 3144  igfx - ok
19:27:52.0659 3144  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
19:27:52.0675 3144  iirsp - ok
19:27:52.0737 3144  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:27:52.0799 3144  IKEEXT - ok
19:27:52.0909 3144  [ DD1FC331286A33F396945115AE4E5E8A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:27:53.0096 3144  IntcAzAudAddService - ok
19:27:53.0143 3144  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:27:53.0205 3144  IntcDAud - ok
19:27:53.0267 3144  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:27:53.0283 3144  intelide - ok
19:27:53.0330 3144  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:27:53.0377 3144  intelppm - ok
19:27:53.0423 3144  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
19:27:53.0501 3144  IPBusEnum - ok
19:27:53.0533 3144  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:27:53.0579 3144  IpFilterDriver - ok
19:27:53.0626 3144  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:27:53.0720 3144  iphlpsvc - ok
19:27:53.0751 3144  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
19:27:53.0813 3144  IPMIDRV - ok
19:27:53.0845 3144  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
19:27:53.0876 3144  IPNAT - ok
19:27:53.0969 3144  [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:27:53.0985 3144  iPod Service - ok
19:27:54.0001 3144  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:27:54.0016 3144  IRENUM - ok
19:27:54.0032 3144  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:27:54.0032 3144  isapnp - ok
19:27:54.0047 3144  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:27:54.0079 3144  iScsiPrt - ok
19:27:54.0110 3144  [ 0469BFF65BBDEE9E46D0C45EE32A08BD ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
19:27:54.0141 3144  k57nd60a - ok
19:27:54.0141 3144  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
19:27:54.0157 3144  kbdclass - ok
19:27:54.0172 3144  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:27:54.0203 3144  kbdhid - ok
19:27:54.0219 3144  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:27:54.0250 3144  KeyIso - ok
19:27:54.0266 3144  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:27:54.0281 3144  KSecDD - ok
19:27:54.0313 3144  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
19:27:54.0328 3144  KSecPkg - ok
19:27:54.0344 3144  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
19:27:54.0391 3144  ksthunk - ok
19:27:54.0437 3144  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
19:27:54.0469 3144  KtmRm - ok
19:27:54.0500 3144  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:27:54.0547 3144  LanmanServer - ok
19:27:54.0578 3144  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:27:54.0609 3144  LanmanWorkstation - ok
19:27:54.0625 3144  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:27:54.0656 3144  lltdio - ok
19:27:54.0687 3144  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
19:27:54.0765 3144  lltdsvc - ok
19:27:54.0796 3144  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
19:27:54.0874 3144  lmhosts - ok
19:27:54.0921 3144  [ 50C7CE53EF461870410355F1F2E7D515 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:27:54.0921 3144  LMS - ok
19:27:54.0952 3144  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:27:54.0968 3144  LSI_FC - ok
19:27:54.0983 3144  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
19:27:54.0999 3144  LSI_SAS - ok
19:27:54.0999 3144  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:27:55.0015 3144  LSI_SAS2 - ok
19:27:55.0030 3144  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:27:55.0046 3144  LSI_SCSI - ok
19:27:55.0077 3144  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
19:27:55.0108 3144  luafv - ok
19:27:55.0124 3144  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
19:27:55.0139 3144  megasas - ok
19:27:55.0171 3144  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:27:55.0202 3144  MegaSR - ok
19:27:55.0249 3144  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:27:55.0264 3144  MEIx64 - ok
19:27:55.0280 3144  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
19:27:55.0327 3144  MMCSS - ok
19:27:55.0327 3144  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
19:27:55.0373 3144  Modem - ok
19:27:55.0373 3144  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
19:27:55.0389 3144  monitor - ok
19:27:55.0405 3144  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:27:55.0420 3144  mouclass - ok
19:27:55.0436 3144  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:27:55.0451 3144  mouhid - ok
19:27:55.0483 3144  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:27:55.0483 3144  mountmgr - ok
19:27:55.0529 3144  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:27:55.0545 3144  mpio - ok
19:27:55.0561 3144  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:27:55.0592 3144  mpsdrv - ok
19:27:55.0623 3144  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:27:55.0685 3144  MpsSvc - ok
19:27:55.0717 3144  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:27:55.0748 3144  MRxDAV - ok
19:27:55.0779 3144  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:27:55.0795 3144  mrxsmb - ok
19:27:55.0841 3144  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:27:55.0873 3144  mrxsmb10 - ok
19:27:55.0904 3144  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:27:55.0919 3144  mrxsmb20 - ok
19:27:55.0935 3144  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:27:55.0951 3144  msahci - ok
19:27:55.0951 3144  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
19:27:55.0982 3144  msdsm - ok
19:27:55.0997 3144  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
19:27:56.0029 3144  MSDTC - ok
19:27:56.0044 3144  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:27:56.0075 3144  Msfs - ok
19:27:56.0091 3144  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
19:27:56.0138 3144  mshidkmdf - ok
19:27:56.0153 3144  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:27:56.0153 3144  msisadrv - ok
19:27:56.0185 3144  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
19:27:56.0247 3144  MSiSCSI - ok
19:27:56.0247 3144  msiserver - ok
19:27:56.0263 3144  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
19:27:56.0341 3144  MSKSSRV - ok
19:27:56.0341 3144  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:27:56.0372 3144  MSPCLOCK - ok
19:27:56.0403 3144  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
19:27:56.0434 3144  MSPQM - ok
19:27:56.0481 3144  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
19:27:56.0497 3144  MsRPC - ok
19:27:56.0528 3144  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:27:56.0528 3144  mssmbios - ok
19:27:56.0559 3144  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
19:27:56.0575 3144  MSTEE - ok
19:27:56.0590 3144  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:27:56.0590 3144  MTConfig - ok
19:27:56.0606 3144  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
19:27:56.0621 3144  Mup - ok
19:27:56.0668 3144  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:27:56.0715 3144  napagent - ok
19:27:56.0746 3144  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
19:27:56.0824 3144  NativeWifiP - ok
19:27:56.0871 3144  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:27:56.0918 3144  NDIS - ok
19:27:56.0933 3144  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
19:27:56.0980 3144  NdisCap - ok
19:27:57.0011 3144  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:27:57.0089 3144  NdisTapi - ok
19:27:57.0121 3144  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
19:27:57.0167 3144  Ndisuio - ok
19:27:57.0199 3144  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
19:27:57.0245 3144  NdisWan - ok
19:27:57.0277 3144  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
19:27:57.0323 3144  NDProxy - ok
19:27:57.0339 3144  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
19:27:57.0401 3144  NetBIOS - ok
19:27:57.0417 3144  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
19:27:57.0448 3144  NetBT - ok
19:27:57.0464 3144  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:27:57.0479 3144  Netlogon - ok
19:27:57.0511 3144  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:27:57.0557 3144  Netman - ok
19:27:57.0620 3144  [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:27:57.0635 3144  NetMsmqActivator - ok
19:27:57.0667 3144  [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:27:57.0667 3144  NetPipeActivator - ok
19:27:57.0682 3144  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:27:57.0729 3144  netprofm - ok
19:27:57.0745 3144  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:27:57.0745 3144  NetTcpActivator - ok
19:27:57.0745 3144  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:27:57.0760 3144  NetTcpPortSharing - ok
19:27:57.0776 3144  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
19:27:57.0791 3144  nfrd960 - ok
19:27:57.0807 3144  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:27:57.0838 3144  NlaSvc - ok
19:27:57.0838 3144  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:27:57.0869 3144  Npfs - ok
19:27:57.0901 3144  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
19:27:57.0994 3144  nsi - ok
19:27:58.0010 3144  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:27:58.0041 3144  nsiproxy - ok
19:27:58.0119 3144  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:27:58.0197 3144  Ntfs - ok
19:27:58.0291 3144  [ 8F59A2506AF43F96F5397B3C79938AE9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:27:58.0322 3144  NTI IScheduleSvc - ok
19:27:58.0337 3144  [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr        C:\Windows\system32\drivers\NTIDrvr.sys
19:27:58.0337 3144  NTIDrvr - ok
19:27:58.0369 3144  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:27:58.0400 3144  Null - ok
19:27:58.0431 3144  [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
19:27:58.0478 3144  nusb3hub - ok
19:27:58.0509 3144  [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:27:58.0556 3144  nusb3xhc - ok
19:27:58.0790 3144  [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:27:59.0242 3144  nvlddmkm - ok
19:27:59.0258 3144  [ 54C7D4E3A31888FA4BE822F506FE905B ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
19:27:59.0273 3144  nvpciflt - ok
19:27:59.0305 3144  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:27:59.0320 3144  nvraid - ok
19:27:59.0336 3144  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:27:59.0351 3144  nvstor - ok
19:27:59.0445 3144  [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc          C:\Windows\system32\nvvsvc.exe
19:27:59.0476 3144  nvsvc - ok
19:27:59.0554 3144  [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:27:59.0632 3144  nvUpdatusService - ok
19:27:59.0663 3144  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:27:59.0679 3144  nv_agp - ok
19:27:59.0726 3144  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:27:59.0757 3144  ohci1394 - ok
19:27:59.0788 3144  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:27:59.0851 3144  p2pimsvc - ok
19:27:59.0897 3144  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:27:59.0929 3144  p2psvc - ok
19:27:59.0960 3144  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
19:28:00.0007 3144  Parport - ok
19:28:00.0053 3144  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
19:28:00.0069 3144  partmgr - ok
19:28:00.0085 3144  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:28:00.0116 3144  PcaSvc - ok
19:28:00.0163 3144  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
19:28:00.0194 3144  pci - ok
19:28:00.0225 3144  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:28:00.0241 3144  pciide - ok
19:28:00.0256 3144  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:28:00.0272 3144  pcmcia - ok
19:28:00.0287 3144  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
19:28:00.0303 3144  pcw - ok
19:28:00.0319 3144  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:28:00.0381 3144  PEAUTH - ok
19:28:00.0459 3144  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:28:00.0475 3144  PerfHost - ok
19:28:00.0537 3144  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
19:28:00.0631 3144  pla - ok
19:28:00.0693 3144  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:28:00.0724 3144  PlugPlay - ok
19:28:00.0771 3144  [ F485770EEC8959684CC4C4786B63C06C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:28:00.0771 3144  Pml Driver HPZ12 - ok
19:28:00.0802 3144  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
19:28:00.0818 3144  PNRPAutoReg - ok
19:28:00.0833 3144  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
19:28:00.0849 3144  PNRPsvc - ok
19:28:00.0880 3144  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
19:28:00.0943 3144  PolicyAgent - ok
19:28:00.0989 3144  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
19:28:01.0021 3144  Power - ok
19:28:01.0036 3144  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:28:01.0083 3144  PptpMiniport - ok
19:28:01.0114 3144  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
19:28:01.0130 3144  Processor - ok
19:28:01.0177 3144  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
19:28:01.0208 3144  ProfSvc - ok
19:28:01.0223 3144  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:28:01.0255 3144  ProtectedStorage - ok
19:28:01.0286 3144  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:28:01.0348 3144  Psched - ok
19:28:01.0411 3144  [ 595A22C4CCE855E72D475835F3DF2D53 ] pwdrvio        C:\Windows\system32\pwdrvio.sys
19:28:01.0457 3144  pwdrvio - ok
19:28:01.0520 3144  [ 70EB529F6FEDAC79D0A8E3BB79999277 ] pwdspio        C:\Windows\system32\pwdspio.sys
19:28:01.0551 3144  pwdspio - ok
19:28:01.0613 3144  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:28:01.0754 3144  ql2300 - ok
19:28:01.0769 3144  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:28:01.0785 3144  ql40xx - ok
19:28:01.0816 3144  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
19:28:01.0832 3144  QWAVE - ok
19:28:01.0847 3144  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:28:01.0879 3144  QWAVEdrv - ok
19:28:01.0894 3144  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:28:01.0972 3144  RasAcd - ok
19:28:02.0003 3144  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
19:28:02.0066 3144  RasAgileVpn - ok
19:28:02.0097 3144  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
19:28:02.0128 3144  RasAuto - ok
19:28:02.0159 3144  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
19:28:02.0206 3144  Rasl2tp - ok
19:28:02.0237 3144  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:28:02.0300 3144  RasMan - ok
19:28:02.0300 3144  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:28:02.0347 3144  RasPppoe - ok
19:28:02.0362 3144  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
19:28:02.0409 3144  RasSstp - ok
19:28:02.0440 3144  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
19:28:02.0503 3144  rdbss - ok
19:28:02.0518 3144  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:28:02.0565 3144  rdpbus - ok
19:28:02.0581 3144  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:28:02.0596 3144  RDPCDD - ok
19:28:02.0612 3144  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:28:02.0643 3144  RDPENCDD - ok
19:28:02.0659 3144  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:28:02.0690 3144  RDPREFMP - ok
19:28:02.0768 3144  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:28:02.0830 3144  RdpVideoMiniport - ok
19:28:02.0861 3144  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
19:28:02.0908 3144  RDPWD - ok
19:28:02.0939 3144  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:28:02.0971 3144  rdyboost - ok
19:28:03.0033 3144  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:28:03.0080 3144  RemoteAccess - ok
19:28:03.0111 3144  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:28:03.0173 3144  RemoteRegistry - ok
19:28:03.0220 3144  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:28:03.0329 3144  RFCOMM - ok
19:28:03.0361 3144  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:28:03.0439 3144  RpcEptMapper - ok
19:28:03.0470 3144  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:28:03.0501 3144  RpcLocator - ok
19:28:03.0548 3144  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
19:28:03.0610 3144  RpcSs - ok
19:28:03.0610 3144  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:28:03.0641 3144  rspndr - ok
19:28:03.0688 3144  [ C8D0CA461D647165DD5C8DE1FF5EA822 ] rsvcdwdr        C:\Windows\system32\DRIVERS\rsvcdwdr.sys
19:28:03.0704 3144  rsvcdwdr - ok
19:28:03.0704 3144  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
19:28:03.0719 3144  SamSs - ok
19:28:03.0751 3144  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:28:03.0766 3144  sbp2port - ok
19:28:03.0797 3144  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:28:03.0829 3144  SCardSvr - ok
19:28:03.0860 3144  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:28:03.0907 3144  scfilter - ok
19:28:03.0922 3144  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:28:04.0000 3144  Schedule - ok
19:28:04.0031 3144  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
19:28:04.0063 3144  SCPolicySvc - ok
19:28:04.0078 3144  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus          C:\Windows\system32\drivers\sdbus.sys
19:28:04.0125 3144  sdbus - ok
19:28:04.0141 3144  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:28:04.0172 3144  SDRSVC - ok
19:28:04.0187 3144  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:28:04.0219 3144  secdrv - ok
19:28:04.0250 3144  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:28:04.0297 3144  seclogon - ok
19:28:04.0328 3144  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:28:04.0390 3144  SENS - ok
19:28:04.0406 3144  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:28:04.0453 3144  SensrSvc - ok
19:28:04.0468 3144  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
19:28:04.0484 3144  Serenum - ok
19:28:04.0499 3144  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:28:04.0515 3144  Serial - ok
19:28:04.0546 3144  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:28:04.0562 3144  sermouse - ok
19:28:04.0593 3144  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:28:04.0624 3144  SessionEnv - ok
19:28:04.0640 3144  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
19:28:04.0655 3144  sffdisk - ok
19:28:04.0671 3144  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:28:04.0702 3144  sffp_mmc - ok
19:28:04.0718 3144  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
19:28:04.0733 3144  sffp_sd - ok
19:28:04.0749 3144  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
19:28:04.0765 3144  sfloppy - ok
19:28:04.0827 3144  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:28:04.0874 3144  SharedAccess - ok
19:28:04.0936 3144  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:28:04.0967 3144  ShellHWDetection - ok
19:28:04.0983 3144  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:28:04.0999 3144  SiSRaid2 - ok
19:28:05.0014 3144  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:28:05.0030 3144  SiSRaid4 - ok
19:28:05.0030 3144  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
19:28:05.0061 3144  Smb - ok
19:28:05.0108 3144  [ 906DD7D9B267EFCEE0B415D26480EA6A ] SMServer        C:\Windows\SysWOW64\snmvtsvc.exe
19:28:05.0186 3144  SMServer ( UnsignedFile.Multi.Generic ) - warning
19:28:05.0186 3144  SMServer - detected UnsignedFile.Multi.Generic (1)
19:28:05.0264 3144  [ 9AD0DB04B2F5279F6144E475ABF61D01 ] SndTAudio      C:\Windows\system32\drivers\SndTAudio.sys
19:28:05.0279 3144  SndTAudio - ok
19:28:05.0311 3144  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:28:05.0342 3144  SNMPTRAP - ok
19:28:05.0357 3144  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
19:28:05.0373 3144  spldr - ok
19:28:05.0404 3144  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
19:28:05.0420 3144  Spooler - ok
19:28:05.0513 3144  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:28:05.0623 3144  sppsvc - ok
19:28:05.0638 3144  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
19:28:05.0685 3144  sppuinotify - ok
19:28:05.0716 3144  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
19:28:05.0747 3144  srv - ok
19:28:05.0779 3144  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:28:05.0810 3144  srv2 - ok
19:28:05.0857 3144  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:28:05.0888 3144  srvnet - ok
19:28:05.0903 3144  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
19:28:05.0950 3144  SSDPSRV - ok
19:28:05.0950 3144  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
19:28:05.0997 3144  SstpSvc - ok
19:28:06.0013 3144  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:28:06.0013 3144  stexstor - ok
19:28:06.0059 3144  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:28:06.0091 3144  stisvc - ok
19:28:06.0122 3144  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:28:06.0137 3144  swenum - ok
19:28:06.0153 3144  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
19:28:06.0215 3144  swprv - ok
19:28:06.0309 3144  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
19:28:06.0403 3144  SysMain - ok
19:28:06.0449 3144  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:28:06.0465 3144  TabletInputService - ok
19:28:06.0512 3144  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
19:28:06.0590 3144  TapiSrv - ok
19:28:06.0637 3144  [ 93F0F5EF8A4CA261372DF98B31B2BD05 ] tbhsd          C:\Windows\system32\drivers\tbhsd.sys
19:28:06.0637 3144  tbhsd - ok
19:28:06.0668 3144  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
19:28:06.0715 3144  TBS - ok
19:28:06.0793 3144  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
19:28:06.0933 3144  Tcpip - ok
19:28:06.0949 3144  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:28:06.0980 3144  TCPIP6 - ok
19:28:07.0011 3144  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:28:07.0042 3144  tcpipreg - ok
19:28:07.0073 3144  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:28:07.0089 3144  TDPIPE - ok
19:28:07.0120 3144  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
19:28:07.0136 3144  TDTCP - ok
19:28:07.0183 3144  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
19:28:07.0214 3144  tdx - ok
19:28:07.0245 3144  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:28:07.0261 3144  TermDD - ok
19:28:07.0292 3144  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
19:28:07.0354 3144  TermService - ok
19:28:07.0385 3144  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:28:07.0401 3144  Themes - ok
19:28:07.0448 3144  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
19:28:07.0479 3144  THREADORDER - ok
19:28:07.0495 3144  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:28:07.0541 3144  TrkWks - ok
19:28:07.0588 3144  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:28:07.0666 3144  TrustedInstaller - ok
19:28:07.0682 3144  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:28:07.0713 3144  tssecsrv - ok
19:28:07.0729 3144  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:28:07.0760 3144  TsUsbFlt - ok
19:28:07.0838 3144  [ 92010D59383302086C635B7D25A05A33 ] TuneUp.Defrag  C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
19:28:07.0900 3144  TuneUp.Defrag - ok
19:28:07.0947 3144  [ 6525DD751ECBE7FEAFF75E3B178AACC1 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
19:28:07.0994 3144  TuneUp.UtilitiesSvc - ok
19:28:08.0072 3144  [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
19:28:08.0103 3144  TuneUpUtilitiesDrv - ok
19:28:08.0119 3144  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:28:08.0197 3144  tunnel - ok
19:28:08.0243 3144  [ 48743B69EA47C020A792D8649F753F44 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
19:28:08.0259 3144  TurboB - ok
19:28:08.0337 3144  [ 759F59E3EA3802FF23F93DCDB6FE9171 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:28:08.0353 3144  TurboBoost - ok
19:28:08.0384 3144  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:28:08.0399 3144  uagp35 - ok
19:28:08.0415 3144  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
19:28:08.0431 3144  UBHelper - ok
19:28:08.0477 3144  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:28:08.0509 3144  udfs - ok
19:28:08.0540 3144  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
19:28:08.0571 3144  UI0Detect - ok
19:28:08.0587 3144  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:28:08.0602 3144  uliagpkx - ok
19:28:08.0633 3144  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\drivers\umbus.sys
19:28:08.0665 3144  umbus - ok
19:28:08.0680 3144  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:28:08.0711 3144  UmPass - ok
19:28:08.0836 3144  [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:28:08.0914 3144  UNS - ok
19:28:08.0977 3144  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:28:08.0977 3144  Updater Service - ok
19:28:09.0008 3144  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:28:09.0055 3144  upnphost - ok
19:28:09.0101 3144  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
19:28:09.0117 3144  usbccgp - ok
19:28:09.0164 3144  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:28:09.0211 3144  usbcir - ok
19:28:09.0226 3144  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\drivers\usbehci.sys
19:28:09.0257 3144  usbehci - ok
19:28:09.0273 3144  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:28:09.0320 3144  usbhub - ok
19:28:09.0351 3144  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
19:28:09.0382 3144  usbohci - ok
19:28:09.0413 3144  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:28:09.0429 3144  usbprint - ok
19:28:09.0491 3144  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
19:28:09.0554 3144  usbscan - ok
19:28:09.0601 3144  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:28:09.0616 3144  USBSTOR - ok
19:28:09.0647 3144  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
19:28:09.0679 3144  usbuhci - ok
19:28:09.0694 3144  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:28:09.0725 3144  usbvideo - ok
19:28:09.0772 3144  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
19:28:09.0819 3144  usb_rndisx - ok
19:28:09.0835 3144  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
19:28:09.0881 3144  UxSms - ok
19:28:09.0928 3144  [ C8EB4193D33A48A4AD2D5D7CA121CF88 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
19:28:09.0944 3144  UxTuneUp - ok
19:28:09.0959 3144  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:28:09.0991 3144  VaultSvc - ok
19:28:10.0022 3144  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
19:28:10.0037 3144  VClone - ok
19:28:10.0053 3144  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:28:10.0069 3144  vdrvroot - ok
19:28:10.0115 3144  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
19:28:10.0209 3144  vds - ok
19:28:10.0225 3144  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
19:28:10.0240 3144  vga - ok
19:28:10.0256 3144  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
19:28:10.0303 3144  VgaSave - ok
19:28:10.0349 3144  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
19:28:10.0365 3144  vhdmp - ok
19:28:10.0381 3144  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:28:10.0396 3144  viaide - ok
19:28:10.0490 3144  [ A6F27954F541B9D325491844F7F8431D ] Virtual CDAudio Service C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe
19:28:10.0505 3144  Virtual CDAudio Service - ok
19:28:10.0521 3144  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:28:10.0537 3144  volmgr - ok
19:28:10.0552 3144  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
19:28:10.0568 3144  volmgrx - ok
19:28:10.0599 3144  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
19:28:10.0615 3144  volsnap - ok
19:28:10.0646 3144  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
19:28:10.0661 3144  vsmraid - ok
19:28:10.0724 3144  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
19:28:10.0802 3144  VSS - ok
19:28:10.0817 3144  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:28:10.0849 3144  vwifibus - ok
19:28:10.0864 3144  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:28:10.0895 3144  vwififlt - ok
19:28:10.0927 3144  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
19:28:10.0942 3144  vwifimp - ok
19:28:10.0958 3144  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
19:28:11.0005 3144  W32Time - ok
19:28:11.0114 3144  [ B32009DB1972E7F2C227499289C4384A ] W3SVC          C:\Windows\system32\inetsrv\iisw3adm.dll
19:28:11.0176 3144  W3SVC - ok
19:28:11.0192 3144  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:28:11.0239 3144  WacomPen - ok
19:28:11.0254 3144  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:28:11.0301 3144  WANARP - ok
19:28:11.0301 3144  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:28:11.0332 3144  Wanarpv6 - ok
19:28:11.0395 3144  [ B32009DB1972E7F2C227499289C4384A ] WAS            C:\Windows\system32\inetsrv\iisw3adm.dll
19:28:11.0441 3144  WAS - ok
19:28:11.0488 3144  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:28:11.0551 3144  wbengine - ok
19:28:11.0566 3144  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:28:11.0597 3144  WbioSrvc - ok
19:28:11.0629 3144  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
19:28:11.0660 3144  wcncsvc - ok
19:28:11.0675 3144  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:28:11.0707 3144  WcsPlugInService - ok
19:28:11.0722 3144  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:28:11.0738 3144  Wd - ok
19:28:11.0785 3144  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:28:11.0831 3144  Wdf01000 - ok
19:28:11.0847 3144  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:28:11.0878 3144  WdiServiceHost - ok
19:28:11.0878 3144  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
19:28:11.0894 3144  WdiSystemHost - ok
19:28:11.0925 3144  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
19:28:11.0972 3144  WebClient - ok
19:28:11.0987 3144  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:28:12.0034 3144  Wecsvc - ok
19:28:12.0050 3144  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
19:28:12.0097 3144  wercplsupport - ok
19:28:12.0128 3144  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:28:12.0175 3144  WerSvc - ok
19:28:12.0190 3144  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:28:12.0221 3144  WfpLwf - ok
19:28:12.0237 3144  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:28:12.0253 3144  WIMMount - ok
19:28:12.0268 3144  WinDefend - ok
19:28:12.0377 3144  [ CA84C2A0D1F70AF0A990130BB3CF4AAD ] Windows7FirewallService C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
19:28:12.0393 3144  Windows7FirewallService ( UnsignedFile.Multi.Generic ) - warning
19:28:12.0393 3144  Windows7FirewallService - detected UnsignedFile.Multi.Generic (1)
19:28:12.0409 3144  WinHttpAutoProxySvc - ok
19:28:12.0471 3144  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
19:28:12.0518 3144  Winmgmt - ok
19:28:12.0596 3144  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
19:28:12.0752 3144  WinRM - ok
19:28:12.0830 3144  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
19:28:12.0892 3144  Wlansvc - ok
19:28:12.0923 3144  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
19:28:12.0923 3144  WmiAcpi - ok
19:28:12.0955 3144  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:28:12.0986 3144  wmiApSrv - ok
19:28:13.0001 3144  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:28:13.0001 3144  WPCSvc - ok
19:28:13.0048 3144  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:28:13.0064 3144  WPDBusEnum - ok
19:28:13.0079 3144  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
19:28:13.0111 3144  ws2ifsl - ok
19:28:13.0126 3144  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
19:28:13.0157 3144  wscsvc - ok
19:28:13.0189 3144  WSearch - ok
19:28:13.0298 3144  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:28:13.0391 3144  wuauserv - ok
19:28:13.0469 3144  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:28:13.0532 3144  WudfPf - ok
19:28:13.0579 3144  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
19:28:13.0594 3144  wudfsvc - ok
19:28:13.0610 3144  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
19:28:13.0657 3144  WwanSvc - ok
19:28:13.0703 3144  ================ Scan global ===============================
19:28:13.0719 3144  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:28:13.0750 3144  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:28:13.0766 3144  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:28:13.0797 3144  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:28:13.0828 3144  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:28:13.0844 3144  [Global] - ok
19:28:13.0844 3144  ================ Scan MBR ==================================
19:28:13.0859 3144  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:28:14.0234 3144  \Device\Harddisk0\DR0 - ok
19:28:14.0234 3144  ================ Scan VBR ==================================
19:28:14.0249 3144  [ 37AF2614256FFD1594598B7E6C062A72 ] \Device\Harddisk0\DR0\Partition1
19:28:14.0249 3144  \Device\Harddisk0\DR0\Partition1 - ok
19:28:14.0265 3144  [ 62A4F926DA17D099A949C32B14D0C537 ] \Device\Harddisk0\DR0\Partition2
19:28:14.0265 3144  \Device\Harddisk0\DR0\Partition2 - ok
19:28:14.0281 3144  [ 802EA41A67404C825F19031191FAF29D ] \Device\Harddisk0\DR0\Partition3
19:28:14.0281 3144  \Device\Harddisk0\DR0\Partition3 - ok
19:28:14.0281 3144  ============================================================
19:28:14.0281 3144  Scan finished
19:28:14.0281 3144  ============================================================
19:28:14.0296 3376  Detected object count: 5
19:28:14.0296 3376  Actual detected object count: 5
19:30:47.0473 3376  Connectify ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:47.0473 3376  Connectify ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:30:47.0473 3376  GSService ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:47.0473 3376  GSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:30:47.0473 3376  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:47.0473 3376  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:30:47.0473 3376  SMServer ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:47.0473 3376  SMServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:30:47.0473 3376  Windows7FirewallService ( UnsignedFile.Multi.Generic ) - skipped by user
19:30:47.0473 3376  Windows7FirewallService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:31:36.0660 3768  Deinitialize success

markusg 29.01.2013 19:40
hi
lade hitmanpro:
HitmanPro - Download - Filepony
doppelklick, lizenz, testlizenz aktivieren.
dann auf scan, am ende nichts löschen, log als xml exportieren und anhängen

luis seyfer 29.01.2013 20:41
Sorry, jetzt hab ich es doch gelöscht.
Hoffe, ich habe keine Spuren beseitigt.
Code:

       
Code:

       
HitmanPro 3.7.1.186
www.hitmanpro.com

   Computer name . . . . : ACER-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : acer-PC\acer
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2013-01-29 20:30:15
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 32s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1

   Objects scanned . . . : 2.044.654
   Files scanned . . . . : 24.588
   Remnants scanned  . . : 540.037 files / 1.480.029 keys

Cookies _____________________________________________________________________

   C:\Users\acer\AppData\Local\Temp\Cookies\EQWX0U8J.txt

...Ich kann die Datei wieder herstellen!
Soll ich das tun?

markusg 31.01.2013 14:33
nein, lass das so :-)
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

luis seyfer 31.01.2013 20:36
Auch wenn das Log anderes behauptet,
Avira und Defender habe ich in den Diensten gestoppt.
Code:
ComboFix 13-01-31.03 - acer 31.01.2013  20:00:51.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3948.1413 [GMT 1:00]
ausgeführt von:: c:\users\worker.acer-PC\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R147AAI.inf_amd64_neutral_2485f81ced67332f\amd64\secubus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R147AAI.inf_amd64_neutral_2485f81ced67332f\amd64\secuwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R19TF8Z\WsAudio_DeviceS(1).sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R1DMF3V.inf_amd64_neutral_9bb4b9312ba5263c\amd64\ssadcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R1DMF3V.inf_amd64_neutral_9bb4b9312ba5263c\amd64\ssadserd.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R1MTOZH.inf_amd64_neutral_e37043d36926d065\amd64\sseccrnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R1MTOZH.inf_amd64_neutral_e37043d36926d065\amd64\ssecunic.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R1MTOZH.inf_amd64_neutral_e37043d36926d065\amd64\ssecwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R1RBJVV.inf_amd64_neutral_72b3fac558336713\amd64\mbtusbser.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R21CMVP.inf_amd64_neutral_247138a6ed3708d0\nmwcdclsx64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R21CMVP.inf_amd64_neutral_247138a6ed3708d0\nmwcdnsux64.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R390JIH.inf_amd64_neutral_9cd8f3ee460b4435\ccdcmbox64.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R390JIH.inf_amd64_neutral_9cd8f3ee460b4435\nmwcdclsx64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R4GSUC6.inf_amd64_neutral_8a6ed9e25774e477\amd64\ssm_cmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R4GSUC6.inf_amd64_neutral_8a6ed9e25774e477\amd64\ssm_mdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R4GSUC6.inf_amd64_neutral_8a6ed9e25774e477\amd64\ssm_mdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R4J6X7W\de-DE\DiagPackage.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R4J6X7W\DiagPackage.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R4VUL92.inf_amd64_neutral_f251edfe6ddfd1bf\amd64\ssaecrnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R4VUL92.inf_amd64_neutral_f251edfe6ddfd1bf\amd64\ssaeunic.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R4VUL92.inf_amd64_neutral_f251edfe6ddfd1bf\amd64\ssaewhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5CG4ME.inf_amd64_neutral_3dfc8f4f4d2c1b34\amd64\ssadcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5CG4ME.inf_amd64_neutral_3dfc8f4f4d2c1b34\amd64\ssadmdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5CG4ME.inf_amd64_neutral_3dfc8f4f4d2c1b34\amd64\ssadmdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\mpvis.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\setup_wm.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\wmlaunch.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\WMPDMC.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\WMPDMCCore.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\wmplayer.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\WMPMediaSharing.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\wmpnetwk.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\wmpnscfg.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\wmpnssci.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\wmpnssui.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R5SF7CH\WMPSideShowGadget.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R60IKUN\de-DE\DiagPackage.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R60IKUN\DiagPackage.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R6USTFM.inf_amd64_neutral_1a6f106eaa620fcc\amd64\sssdcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R6USTFM.inf_amd64_neutral_1a6f106eaa620fcc\amd64\sssdmdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R6USTFM.inf_amd64_neutral_1a6f106eaa620fcc\amd64\sssdmdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R7PFGC2.inf_amd64_neutral_910b5c17945c9460\amd64\sscebus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R7PFGC2.inf_amd64_neutral_910b5c17945c9460\amd64\sscewhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R8AP3FQ.inf_amd64_neutral_4732a16017f7bb26\VT64\C7xPHNV6.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R8AP3FQ.inf_amd64_neutral_4732a16017f7bb26\W764\C7xPHN76.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R8AP3FQ.inf_amd64_neutral_4732a16017f7bb26\XP64\C7xPHNX6.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R8LL2AC.inf_amd64_neutral_3188a136cdb27f07\amd64\secucmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R8LL2AC.inf_amd64_neutral_3188a136cdb27f07\amd64\secumdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R8LL2AC.inf_amd64_neutral_3188a136cdb27f07\amd64\secumdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R8XHGKF.inf_amd64_neutral_aa9384c434d5a484\amd64\HSPUSB.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R9859YZ.inf_amd64_neutral_0745b2a227fcff7a\amd64\ssecbus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R9859YZ.inf_amd64_neutral_0745b2a227fcff7a\amd64\ssecwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R99U5I9.inf_amd64_neutral_1590293219a7096e\SndTAudio.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R9NBTDK.inf_amd64_neutral_52d5c961892b3d6b\amd64\ssaebus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$R9NBTDK.inf_amd64_neutral_52d5c961892b3d6b\amd64\ssaewhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RAG0TID.inf_amd64_neutral_0b4d9aff4bff4834\amd64\ss_bcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RAG0TID.inf_amd64_neutral_0b4d9aff4bff4834\amd64\ss_bmdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RAG0TID.inf_amd64_neutral_0b4d9aff4bff4834\amd64\ss_bmdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RAXAQ2J.inf_amd64_neutral_1590293219a7096e\SndTAudio.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RBF7S5L.inf_amd64_neutral_f10c2995a60f0dbb\amd64\sscdcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RBF7S5L.inf_amd64_neutral_f10c2995a60f0dbb\amd64\sscdmdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RBF7S5L.inf_amd64_neutral_f10c2995a60f0dbb\amd64\sscdmdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RBJ1X5U.inf_amd64_neutral_2c086231d5030ed1\amd64\sssdbus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RBJ1X5U.inf_amd64_neutral_2c086231d5030ed1\amd64\sssdwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RCA36NL.inf_amd64_neutral_5ba67db7c890f91a\amd64\sscecmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RCA36NL.inf_amd64_neutral_5ba67db7c890f91a\amd64\ssceserd.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RCKJ3GH.inf_amd64_neutral_2a09a18b89bd4cb6\amd64\ssaend5.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RCXBMSC.inf_amd64_neutral_aab4956d58316cca\amd64\ssaecmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RCXBMSC.inf_amd64_neutral_aab4956d58316cca\amd64\ssaemdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RCXBMSC.inf_amd64_neutral_aab4956d58316cca\amd64\ssaemdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RD6UA3X.inf_amd64_neutral_fc7eab7847447728\nmwcdclsx64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RD6UA3X.inf_amd64_neutral_fc7eab7847447728\nmwcdnsucx64.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RELJO80.inf_amd64_neutral_90500022f5ee5502\amd64\ssm_cmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RELJO80.inf_amd64_neutral_90500022f5ee5502\amd64\ssm_mdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$REWVLLJ.inf_amd64_neutral_6a1c3221782e911c\PCCSWpdDriver.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$REWVLLJ.inf_amd64_neutral_6a1c3221782e911c\WUDFUpdate_01009.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RFELMXL.inf_amd64_neutral_8924f3d5ce0e50f4\ndisrd.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RFHI8WU.inf_amd64_neutral_f8f2e725ef31735d\amd64\sseccmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RFHI8WU.inf_amd64_neutral_f8f2e725ef31735d\amd64\ssecmgmt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RH2WPQ1.inf_amd64_neutral_282b82799728f1c6\amd64\ssm_bus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RH2WPQ1.inf_amd64_neutral_282b82799728f1c6\amd64\ssm_whnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RHFQPW5.inf_amd64_neutral_81a4504f027ce380\amd64\sscdcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RHFQPW5.inf_amd64_neutral_81a4504f027ce380\amd64\sscdserd.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RJA1CIK\de-DE\DiagPackage.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RJA1CIK\DiagPackage.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RJETNOL.inf_amd64_neutral_32a5bf0b0f557644\amd64\ssadadb.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RJETNOL.inf_amd64_neutral_32a5bf0b0f557644\amd64\WdfCoInstaller01005.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RKYM4TZ.inf_amd64_neutral_2358dcbee0e9f747\VIA_USB_MODEM.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RLINF1D.inf_amd64_neutral_28cee263fdbd49c1\amd64\sseccmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RLINF1D.inf_amd64_neutral_28cee263fdbd49c1\amd64\ssecobex.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RLMPDNF.inf_amd64_neutral_0a371e51eb1c4f49\amd64\ss_bcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RLMPDNF.inf_amd64_neutral_0a371e51eb1c4f49\amd64\ss_bserd.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RN08OBM.inf_amd64_neutral_69aa90ad28d14403\AmpPal.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RN08OBM.inf_amd64_neutral_69aa90ad28d14403\WdfCoInstaller01009.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RN6NSPK.inf_amd64_neutral_94106b83bf720bfd\Netwcw00.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RN6NSPK.inf_amd64_neutral_94106b83bf720bfd\Netwrw00.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RN6NSPK.inf_amd64_neutral_94106b83bf720bfd\Netwsw00.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RNAOM2F.inf_amd64_neutral_cfba50e5812e4b6f\ccdcmbwux64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RNAOM2F.inf_amd64_neutral_cfba50e5812e4b6f\ccdcmbx64.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RNAOM2F.inf_amd64_neutral_cfba50e5812e4b6f\nmwcdclsx64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RNAOM2F.inf_amd64_neutral_cfba50e5812e4b6f\nmwcdcoclsx64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RNAOM2F.inf_amd64_neutral_cfba50e5812e4b6f\wdfcoinstaller01009.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RNMDUM0.inf_amd64_neutral_172aee87bb6725e8\NETwNc64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RNMDUM0.inf_amd64_neutral_172aee87bb6725e8\NETwNr64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RNMDUM0.inf_amd64_neutral_172aee87bb6725e8\NETwNs64.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROADGYY.inf_amd64_neutral_c15b1b62bb89ce93\amd64\ss_bbus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROADGYY.inf_amd64_neutral_c15b1b62bb89ce93\amd64\ss_bwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROGB8PK.inf_amd64_neutral_7650de2ad52e799c\amd64\sseccmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROGB8PK.inf_amd64_neutral_7650de2ad52e799c\amd64\ssecmdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROGB8PK.inf_amd64_neutral_7650de2ad52e799c\amd64\ssecmdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROKW32K.inf_amd64_neutral_2a0c3f17bb114932\flashusb.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROVJ89K.inf_amd64_neutral_213d8cdcfe2b0ef6\amd64\ssbccmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROVJ89K.inf_amd64_neutral_213d8cdcfe2b0ef6\amd64\ssbcmdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$ROVJ89K.inf_amd64_neutral_213d8cdcfe2b0ef6\amd64\ssbcmdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RPTRU93.inf_amd64_neutral_f294881192f4464a\usbser_lowerfltx64.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RQKZXL4.inf_amd64_neutral_6d955f904c10c7ea\amd64\ss_bus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RQKZXL4.inf_amd64_neutral_6d955f904c10c7ea\amd64\ss_whnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RQLID3S.inf_amd64_neutral_6a998f5fe26c7a34\amd64\ssbcbus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RQLID3S.inf_amd64_neutral_6a998f5fe26c7a34\amd64\ssbcwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RQQNK9S.inf_amd64_neutral_3fd1f638c64396f1\amd64\sssdcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RQQNK9S.inf_amd64_neutral_3fd1f638c64396f1\amd64\sssdobex.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RR7N3J0.inf_amd64_neutral_c3c9e76d1fa7b1be\amd64\ssecnd5.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RRTXVFZ\Acrobat\ActiveX\AcroIEHelper.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RRTXVFZ\Acrobat\ActiveX\AcroIEHelperShim.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RRTXVFZ\Acrobat\ActiveX\AcroPDF.DEU
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RRTXVFZ\Acrobat\ActiveX\AcroPDF.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RRTXVFZ\Acrobat\ActiveX\PDFShell.DEU
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RRTXVFZ\Acrobat\ActiveX\pdfshell.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVCRTAX.inf_amd64_neutral_37d73903829cd3b4\NETwLc64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVCRTAX.inf_amd64_neutral_37d73903829cd3b4\NETwLr64.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVCRTAX.inf_amd64_neutral_37d73903829cd3b4\NETwLv64.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVHIA0F.inf_amd64_neutral_7eeff5625f2bcb3c\amppal.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVPHBHZ.inf_amd64_neutral_be801ca834b05d87\amd64\ssaeadb.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVPHBHZ.inf_amd64_neutral_be801ca834b05d87\amd64\ssaeCoInstaller01005.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVPRFM1.inf_amd64_neutral_74f4a27de2bbc485\amd64\sscecmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVPRFM1.inf_amd64_neutral_74f4a27de2bbc485\amd64\sscemdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVPRFM1.inf_amd64_neutral_74f4a27de2bbc485\amd64\sscemdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\mpvis.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\setup_wm.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\wmlaunch.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\WMPDMC.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\WMPDMCCore.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\wmplayer.exe.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\WMPMediaSharing.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\wmpnssci.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\de-DE\wmpnssui.dll.mui
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\mpvis.DLL
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\setup_wm.exe
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\wmlaunch.exe
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\wmpconfig.exe
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\WMPDMC.exe
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\WMPDMCCore.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\wmpenc.exe
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\wmplayer.exe
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\WMPMediaSharing.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\wmpnssci.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\WMPNSSUI.dll
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\wmprph.exe
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RVT268W\wmpshare.exe
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RWEP1T8.inf_amd64_neutral_1590293219a7096e\SndTAudio.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RX8OGMB.inf_amd64_neutral_29ac14b64340ac80\amd64\sssdcmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RX8OGMB.inf_amd64_neutral_29ac14b64340ac80\amd64\sssdmgmt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RXDK5CF.inf_amd64_neutral_74f37c1f9f7c8ec2\VIA_USB_ETS.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RXLQAG3.inf_amd64_neutral_cf1c4663ef7c9a1d\amd64\ss_cmnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RXLQAG3.inf_amd64_neutral_cf1c4663ef7c9a1d\amd64\ss_mdfl.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RXLQAG3.inf_amd64_neutral_cf1c4663ef7c9a1d\amd64\ss_mdm.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RXN5J1W.inf_amd64_neutral_72f5a9944a4aacbd\amd64\ssdudfu.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RXN5J1W.inf_amd64_neutral_72f5a9944a4aacbd\amd64\ssduwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RXRX2DB.inf_amd64_neutral_778ff86e71c86806\amd64\sscdbus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RXRX2DB.inf_amd64_neutral_778ff86e71c86806\amd64\sscdwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RYP1RAE.inf_amd64_neutral_1590293219a7096e\SndTAudio.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RZ19OYZ.inf_amd64_neutral_d0d780fe82c4e8c4\amd64\ssadbus.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RZ19OYZ.inf_amd64_neutral_d0d780fe82c4e8c4\amd64\ssadwhnt.sys
c:\$recycle.bin\S-1-5-21-3757843432-3838628989-1904919285-1001\$RZT2QOK.inf_amd64_neutral_8a0167a099e6b547\usbser_lowerfltjx64.sys
c:\programdata\FullRemove.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-12-28 bis 2013-01-31  ))))))))))))))))))))))))))))))
.
.
2013-01-31 19:06 . 2013-01-31 19:06        --------        d-----w-        c:\users\worker\AppData\Local\temp
2013-01-30 06:11 . 2013-01-30 06:11        76232        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BEE3694-BE49-42D9-B0F7-7292F9C7DE88}\offreg.dll
2013-01-29 19:27 . 2013-01-29 19:27        --------        d-----w-        c:\program files\HitmanPro
2013-01-29 19:27 . 2013-01-29 19:49        --------        d-----w-        c:\programdata\HitmanPro
2013-01-29 18:24 . 2013-01-08 05:32        9161176        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BEE3694-BE49-42D9-B0F7-7292F9C7DE88}\mpengine.dll
2013-01-28 14:54 . 2013-01-28 14:54        --------        d-----w-        c:\users\acer\AppData\Roaming\Malwarebytes
2013-01-28 14:54 . 2013-01-28 14:54        --------        d-----w-        c:\programdata\Malwarebytes
2013-01-28 14:54 . 2013-01-29 07:22        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-28 10:43 . 2013-01-28 10:43        --------        d-----w-        c:\windows\CheckSur
2013-01-28 07:55 . 2013-01-28 08:32        --------        d-----w-        c:\program files (x86)\Connectify
2013-01-28 07:55 . 2013-01-28 07:58        --------        d-----w-        c:\programdata\Connectify
2013-01-27 13:39 . 2013-01-31 18:10        --------        d-----w-        c:\users\worker.acer-PC\AppData\Roaming\foobar2000
2013-01-27 13:39 . 2013-01-27 13:39        --------        d-----w-        c:\users\acer\AppData\Roaming\foobar2000
2013-01-27 13:38 . 2013-01-27 13:43        --------        d-----w-        c:\program files (x86)\foobar2000
2013-01-26 22:29 . 2013-01-27 09:36        --------        d-----w-        c:\users\acer\AppData\Roaming\MarySoft
2013-01-26 21:55 . 2013-01-26 21:55        --------        d-----w-        c:\users\acer\AppData\Local\mHotspot
2013-01-26 21:26 . 2013-01-26 21:26        --------        d-----w-        c:\windows\SysWow64\BestPractices
2013-01-26 21:26 . 2013-01-26 21:26        --------        d-----w-        c:\windows\system32\BestPractices
2013-01-26 21:23 . 2013-01-26 21:23        --------        d-----w-        c:\users\worker.acer-PC\AppData\Local\DanuSoft
2013-01-22 22:37 . 2013-01-22 22:37        --------        d-----w-        c:\program files\Bitdreamers
2013-01-11 16:39 . 2013-01-12 00:38        --------        d-----w-        c:\program files (x86)\Common Files\Adobe
2013-01-09 10:38 . 2012-12-07 11:20        23552        ----a-w-        c:\windows\system32\oflc.rs
2013-01-08 20:46 . 2013-01-08 20:46        --------        d-----w-        c:\users\worker.acer-PC\AppData\Roaming\mp3DirectCut
2013-01-08 20:45 . 2013-01-08 20:45        --------        d-----w-        c:\program files (x86)\mp3DirectCut
2013-01-08 19:03 . 2013-01-08 19:03        --------        d-----w-        c:\users\acer\AppData\Local\Macromedia
2013-01-08 19:02 . 2013-01-08 19:02        --------        d-----w-        C:\PPF_Scan2
2013-01-07 14:02 . 2013-01-07 14:02        --------        d-----w-        c:\users\worker.acer-PC\AppData\Local\Daedalic Entertainment
2013-01-06 21:19 . 2013-01-06 21:19        --------        d-----w-        c:\users\acer\AppData\Roaming\pdfforge
2013-01-06 21:19 . 2012-10-28 17:32        103936        ----a-w-        c:\windows\system32\pdfcmon.dll
2013-01-06 21:19 . 2012-05-05 09:54        137000        ----a-w-        c:\windows\SysWow64\MSMAPI32.OCX
2013-01-06 21:19 . 2013-01-06 21:19        --------        d-----w-        c:\program files (x86)\PDFCreator
2013-01-06 21:19 . 2012-05-05 09:54        23552        ----a-w-        c:\windows\SysWow64\MSMPIDE.DLL
2013-01-06 21:19 . 1998-07-06 16:56        125712        ----a-w-        c:\windows\SysWow64\VB6DE.DLL
2013-01-06 21:19 . 1998-07-06 16:55        158208        ----a-w-        c:\windows\SysWow64\MSCMCDE.DLL
2013-01-06 21:19 . 1998-07-06 16:55        64512        ----a-w-        c:\windows\SysWow64\MSCC2DE.DLL
2013-01-06 21:17 . 2013-01-06 21:17        --------        d-----w-        c:\users\acer\AppData\Local\Programs
2013-01-06 21:15 . 2013-01-06 21:15        --------        d-----w-        c:\users\acer\AppData\Roaming\Jumping Bytes
2013-01-06 21:15 . 2013-01-06 21:15        --------        d-----w-        c:\program files (x86)\PureSync
2013-01-06 21:15 . 2013-01-06 21:15        --------        d-----w-        c:\program files (x86)\Common Files\Jumping Bytes
2013-01-06 10:12 . 2013-01-06 12:26        --------        d-----w-        c:\users\worker.acer-PC\AppData\Local\SpookyManor
2013-01-05 16:51 . 2013-01-29 19:22        --------        d-----w-        c:\windows\rescache
2013-01-04 05:56 . 2013-01-04 05:56        --------        d-----w-        c:\users\acer\AppData\Roaming\QTTabBar
2013-01-02 13:52 . 2013-01-02 13:52        --------        d-----w-        c:\users\acer\AppData\Local\Mozilla
2013-01-02 13:52 . 2013-01-28 08:53        --------        d-----w-        c:\program files (x86)\SeaMonkey
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 19:12 . 2012-03-30 22:06        697864        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 19:12 . 2012-03-01 22:06        74248        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 15:05 . 2011-06-14 22:56        67599240        ----a-w-        c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-22 08:54        46080        ----a-w-        c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 08:54        367616        ----a-w-        c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 08:54        295424        ----a-w-        c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 08:54        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll
2012-12-11 21:25 . 2012-10-16 19:16        99912        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-12-11 21:25 . 2012-10-16 19:16        129216        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-12-03 15:47 . 2012-12-24 13:41        983936        ----a-w-        c:\windows\system32\nvumdshimx.dll
2012-12-03 15:47 . 2012-12-24 13:41        9271352        ----a-w-        c:\windows\system32\nvcuda.dll
2012-12-03 15:47 . 2012-12-24 13:41        841272        ----a-w-        c:\windows\SysWow64\nvumdshim.dll
2012-12-03 15:47 . 2012-12-24 13:41        7819016        ----a-w-        c:\windows\SysWow64\nvcuda.dll
2012-12-03 15:47 . 2012-12-24 13:41        7446192        ----a-w-        c:\windows\system32\nvopencl.dll
2012-12-03 15:47 . 2012-12-24 13:41        6149904        ----a-w-        c:\windows\SysWow64\nvopencl.dll
2012-12-03 15:47 . 2012-12-24 13:41        30056        ----a-w-        c:\windows\system32\drivers\nvpciflt.sys
2012-12-03 15:47 . 2012-12-24 13:41        2816824        ----a-w-        c:\windows\system32\nvapi64.dll
2012-12-03 15:47 . 2012-12-24 13:41        2784104        ----a-w-        c:\windows\system32\nvcuvid.dll
2012-12-03 15:47 . 2012-12-24 13:41        26811240        ----a-w-        c:\windows\system32\nvoglv64.dll
2012-12-03 15:47 . 2012-12-24 13:41        2606440        ----a-w-        c:\windows\SysWow64\nvcuvid.dll
2012-12-03 15:47 . 2012-12-24 13:41        25256296        ----a-w-        c:\windows\system32\nvcompiler.dll
2012-12-03 15:47 . 2012-12-24 13:41        2496976        ----a-w-        c:\windows\SysWow64\nvapi.dll
2012-12-03 15:47 . 2012-12-24 13:41        245432        ----a-w-        c:\windows\system32\nvinitx.dll
2012-12-03 15:47 . 2012-12-24 13:41        2226024        ----a-w-        c:\windows\system32\nvcuvenc.dll
2012-12-03 15:47 . 2012-12-24 13:41        20335976        ----a-w-        c:\windows\SysWow64\nvoglv32.dll
2012-12-03 15:47 . 2012-12-24 13:41        201136        ----a-w-        c:\windows\SysWow64\nvinit.dll
2012-12-03 15:47 . 2012-12-24 13:41        1874280        ----a-w-        c:\windows\SysWow64\nvcuvenc.dll
2012-12-03 15:47 . 2012-12-24 13:41        1805672        ----a-w-        c:\windows\system32\nvdispco64.dll
2012-12-03 15:47 . 2012-12-24 13:41        18045968        ----a-w-        c:\windows\system32\nvd3dumx.dll
2012-12-03 15:47 . 2012-12-24 13:41        17559912        ----a-w-        c:\windows\SysWow64\nvcompiler.dll
2012-12-03 15:47 . 2012-12-24 13:41        15122280        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2012-12-03 15:47 . 2012-12-24 13:41        1504104        ----a-w-        c:\windows\system32\nvdispgenco64.dll
2012-12-03 15:47 . 2012-12-24 13:41        15016256        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2012-12-03 15:47 . 2012-12-24 13:41        12603960        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2012-12-03 15:47 . 2012-12-24 13:41        11532648        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys
2012-12-01 05:49 . 2012-12-24 13:47        3663213        ----a-w-        c:\windows\system32\nvcoproc.bin
2012-12-01 05:49 . 2012-12-24 13:47        2557800        ----a-w-        c:\windows\system32\nvsvcr.dll
2012-12-01 05:49 . 2012-12-24 13:47        63336        ----a-w-        c:\windows\system32\nvshext.dll
2012-12-01 05:49 . 2012-12-24 13:47        55144        ----a-w-        c:\windows\system32\nv3dappshextr.dll
2012-12-01 05:49 . 2012-12-24 13:47        118120        ----a-w-        c:\windows\system32\nvmctray.dll
2012-12-01 05:49 . 2012-12-24 13:47        890216        ----a-w-        c:\windows\system32\nvvsvc.exe
2012-12-01 05:49 . 2012-12-24 13:47        877928        ----a-w-        c:\windows\system32\nv3dappshext.dll
2012-12-01 05:48 . 2012-12-24 13:47        6223208        ----a-w-        c:\windows\system32\nvcpl.dll
2012-12-01 05:48 . 2012-12-24 13:47        3311464        ----a-w-        c:\windows\system32\nvsvc64.dll
2012-11-30 04:45 . 2013-01-09 10:38        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-11 21:32        17811968        ----a-w-        c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-11 21:32        10925568        ----a-w-        c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-11 21:32        2312704        ----a-w-        c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-11 21:32        1346048        ----a-w-        c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-11 21:32        1392128        ----a-w-        c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-11 21:32        1494528        ----a-w-        c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-11 21:32        237056        ----a-w-        c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-11 21:32        85504        ----a-w-        c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-11 21:32        816640        ----a-w-        c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-11 21:32        599040        ----a-w-        c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-11 21:32        173056        ----a-w-        c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-11 21:32        2144768        ----a-w-        c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-11 21:32        729088        ----a-w-        c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-11 21:32        96768        ----a-w-        c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-11 21:32        2382848        ----a-w-        c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-11 21:32        248320        ----a-w-        c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-11 21:32        1800704        ----a-w-        c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-11 21:32        1427968        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-11 21:32        1129472        ----a-w-        c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-11 21:32        142848        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-11 21:32        420864        ----a-w-        c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-11 21:32        2382848        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-11 21:31        2048        ----a-w-        c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-11 21:31        2048        ----a-w-        c:\windows\SysWow64\tzres.dll
2012-04-21 10:48 . 2012-05-04 05:20        59904        ----a-w-        c:\program files (x86)\DontSleep-2.7.2.exe
2011-07-05 10:30 . 2011-07-05 20:14        2983412        ----a-w-        c:\program files (x86)\Quex-0.2.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-02-24 1078352]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\users\worker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MemInfo.lnk - c:\program files (x86)\MemInfo\meminfo.exe [2010-6-11 821760]
.
c:\users\worker.acer-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
foobar2000.exe - Verknüpfung.lnk - c:\program files (x86)\foobar2000\foobar2000.exe [2013-1-18 1787904]
meminfo.exe - Verknüpfung.lnk - c:\program files (x86)\MemInfo\meminfo.exe [2010-6-11 821760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-07-06 1436424]
R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe [2012-04-25 250880]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-09-02 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-09-02 13280]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SMServer;SMServer;c:\windows\SysWOW64\snmvtsvc.exe [2012-04-25 260608]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R4 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-05-10 1403208]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-03 30056]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2012-01-01 31344]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-01-20 76448]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2012-11-09 65536]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-02-24 347216]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-06 868224]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [2011-08-29 178528]
S2 Windows7FirewallService;Windows7FirewallService;c:\program files\Windows7FirewallControl\Windows7FirewallService.exe [2012-09-21 764416]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2011-01-20 67624]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2011-01-20 19496]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2011-01-19 52264]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2011-01-13 85544]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-01-20 28832]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-01-17 412712]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
S3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [2011-08-29 45160]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2012-04-26 34048]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs        REG_MULTI_SZ          w3svc was
apphost        REG_MULTI_SZ          apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 19:12]
.
2013-01-31 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-06-07 23:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 418328]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-06 860040]
"Windows7FirewallControl"="c:\program files\Windows7FirewallControl\Windows7FirewallControl.exe" [2012-09-21 1131008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://mhotspot.com/search.html
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
TCP: DhcpNameServer = 192.168.43.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3757843432-3838628989-1904919285-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*II¬8\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-31  20:09:46
ComboFix-quarantined-files.txt  2013-01-31 19:09
.
Vor Suchlauf: 12 Verzeichnis(se), 15.370.227.712 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 14.951.555.072 Bytes frei
.
- - End Of File - - 1DDA7A2E8013495841564E207150EF35
Nebenbei würde mich interessieren,
was ich mit dem Rechner derzeit NICHT machen sollte.
Ich habe ihn die letzten Tage nicht genutzt,
aber wäre das schädlich/gefährlich?

Ich nutze derzeit ein Android-Phone als Hotspot.
Gibt es für dieses Risiken es "anzustecken"?

markusg 31.01.2013 20:51
passt
avira wieder an, defender kann aus bleiben

malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.

luis seyfer 01.02.2013 02:34
Code:
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.31.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
worker :: ACER-PC [limited]

Protection: Enabled

01.02.2013 00:55:17
mbam-log-2013-02-01 (00-55-17).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 433360
Time elapsed: 1 hour(s), 33 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

markusg 02.02.2013 20:07
Hi

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

luis seyfer 04.02.2013 20:28
Hallo Markus,

erst einmal Danke für deine bisherige Hilfe.
Ich denke, es wäre für mich einfacher ein Knoppix/ntfs-clone-Backup zurückzuspielen.
Das letzte ist von Weihnachten.

Inwieweit besteht Gefahr, dass andere Partitionen,
wie der MBR oder die Acer-Backup-Partition infiziert sind?

Grüsse
Luis

markusg 04.02.2013 21:14
hi
da ist keine gefahr, warum machst du kein Backup mit sammt mbr?


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:13 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131