Verschiedene Trojaner gefunden? Wie entfernen?

kroni25 · 26.11.2012, 23:30

Hallo,

Habe mit Antivir folgenden Trojaner gefunfen und in die Quarantäne gesteckt
EXP/Java.Blacole.CY.1

Avira Free Antivirus
Report file date: Montag, 26. November 2012 20:03

Scanning for 4442860 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : ALKL
Computer name : ALKL-PC

Version information:
BUILD.DAT : 12.1.9.1236 Bytes 11.10.2012 15:58:00
AVSCAN.EXE : 12.3.0.48 468256 Bytes 14.11.2012 16:47:31
AVSCAN.DLL : 12.3.0.15 54736 Bytes 18.07.2012 16:05:06
LUKE.DLL : 12.3.0.15 68304 Bytes 18.07.2012 16:04:59
AVSCPLR.DLL : 12.3.0.27 97064 Bytes 18.07.2012 16:04:51
AVREG.DLL : 12.3.0.33 232232 Bytes 18.07.2012 16:04:51
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:23:21
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 23:32:24
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 09:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 22:38:13
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 16:05:05
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 07:31:51
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22.11.2012 19:03:14
VBASE008.VDF : 7.11.50.231 2048 Bytes 22.11.2012 19:03:14
VBASE009.VDF : 7.11.50.232 2048 Bytes 22.11.2012 19:03:14
VBASE010.VDF : 7.11.50.233 2048 Bytes 22.11.2012 19:03:14
VBASE011.VDF : 7.11.50.234 2048 Bytes 22.11.2012 19:03:14
VBASE012.VDF : 7.11.50.235 2048 Bytes 22.11.2012 19:03:15
VBASE013.VDF : 7.11.50.236 2048 Bytes 22.11.2012 19:03:15
VBASE014.VDF : 7.11.51.27 133632 Bytes 23.11.2012 12:13:44
VBASE015.VDF : 7.11.51.28 2048 Bytes 23.11.2012 12:13:44
VBASE016.VDF : 7.11.51.29 2048 Bytes 23.11.2012 12:13:44
VBASE017.VDF : 7.11.51.30 2048 Bytes 23.11.2012 12:13:44
VBASE018.VDF : 7.11.51.31 2048 Bytes 23.11.2012 12:13:44
VBASE019.VDF : 7.11.51.32 2048 Bytes 23.11.2012 12:13:45
VBASE020.VDF : 7.11.51.33 2048 Bytes 23.11.2012 12:13:45
VBASE021.VDF : 7.11.51.34 2048 Bytes 23.11.2012 12:13:45
VBASE022.VDF : 7.11.51.35 2048 Bytes 23.11.2012 12:13:45
VBASE023.VDF : 7.11.51.36 2048 Bytes 23.11.2012 12:13:46
VBASE024.VDF : 7.11.51.37 2048 Bytes 23.11.2012 12:13:46
VBASE025.VDF : 7.11.51.38 2048 Bytes 23.11.2012 12:13:46
VBASE026.VDF : 7.11.51.39 2048 Bytes 23.11.2012 12:13:46
VBASE027.VDF : 7.11.51.40 2048 Bytes 23.11.2012 12:13:46
VBASE028.VDF : 7.11.51.41 2048 Bytes 23.11.2012 12:13:46
VBASE029.VDF : 7.11.51.42 2048 Bytes 23.11.2012 12:13:46
VBASE030.VDF : 7.11.51.43 2048 Bytes 23.11.2012 12:13:46
VBASE031.VDF : 7.11.51.72 80896 Bytes 25.11.2012 12:13:47
Engine version : 8.2.10.204
AEVDF.DLL : 8.1.2.10 102772 Bytes 12.08.2012 16:27:19
AESCRIPT.DLL : 8.1.4.68 467324 Bytes 22.11.2012 19:03:43
AESCN.DLL : 8.1.9.4 131445 Bytes 15.11.2012 20:44:22
AESBX.DLL : 8.2.5.12 606578 Bytes 18.07.2012 16:04:48
AERDL.DLL : 8.2.0.74 643445 Bytes 07.11.2012 16:33:15
AEPACK.DLL : 8.3.0.40 815479 Bytes 14.11.2012 16:47:25
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 05.11.2012 13:45:14
AEHEUR.DLL : 8.1.4.142 5566841 Bytes 22.11.2012 19:03:43
AEHELP.DLL : 8.1.25.2 258423 Bytes 12.10.2012 08:08:52
AEGEN.DLL : 8.1.6.10 438646 Bytes 15.11.2012 20:44:06
AEEXP.DLL : 8.2.0.12 119158 Bytes 22.11.2012 19:03:44
AEEMU.DLL : 8.1.3.2 393587 Bytes 12.08.2012 16:26:51
AECORE.DLL : 8.1.29.2 201079 Bytes 07.11.2012 16:33:07
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 13:45:08
AVWINLL.DLL : 12.3.0.15 27344 Bytes 18.07.2012 16:04:53
AVPREF.DLL : 12.3.0.32 50720 Bytes 14.11.2012 16:47:30
AVREP.DLL : 12.3.0.15 179208 Bytes 18.07.2012 16:04:51
AVARKT.DLL : 12.3.0.33 209696 Bytes 14.11.2012 16:47:28
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 18.07.2012 16:04:50
SQLITE3.DLL : 3.7.0.1 398288 Bytes 18.07.2012 16:05:02
AVSMTP.DLL : 12.3.0.32 63480 Bytes 18.07.2012 16:04:52
NETNT.DLL : 12.3.0.15 17104 Bytes 18.07.2012 16:04:59
RCIMAGE.DLL : 12.3.0.31 4445944 Bytes 18.07.2012 16:05:09
RCTEXT.DLL : 12.3.0.32 97056 Bytes 14.11.2012 16:47:07

Configuration settings for the scan:
Jobname.............................: Local Drives
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\alldrives.avp
Logging.............................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, Q:, D:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended

Start of the scan: Montag, 26. November 2012 20:03

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Boot sector 'Q:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'DMREngine.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'PhilipsDeviceListener.exe' - '1' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'clear.fiMovieService.exe' - '1' Module(s) have been scanned
Scan process 'nusb3mon.exe' - '1' Module(s) have been scanned
Scan process 'LManager.exe' - '1' Module(s) have been scanned
Scan process 'BackupManagerTray.exe' - '1' Module(s) have been scanned
Scan process 'TomTomHOMERunner.exe' - '1' Module(s) have been scanned
Scan process 'clear.fiAgent.exe' - '1' Module(s) have been scanned

Starting to scan executable files (registry).
The registry was scanned ( '1744' files ).

Starting the file scan:

Begin scan in 'C:\' <Acer>
C:\Users\ALKL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CHS01OFN\sweetimsetup[1].7z
[WARNING] The file could not be read!
C:\Users\ALKL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF6J8Q6R\sweetiesetup[1].7z
[WARNING] The file could not be read!
C:\Users\ALKL\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\31d293c3-3453b1f8
[0] Archive type: ZIP
--> Play.class
[DETECTION] Contains recognition pattern of the EXP/Java.Blacole.CY.1 exploit
Begin scan in 'Q:\'
Search path Q:\ could not be opened!
System error [5]: Zugriff verweigert
Begin scan in 'D:\' <Disk1>

Beginning disinfection:
C:\Users\ALKL\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\31d293c3-3453b1f8
[DETECTION] Contains recognition pattern of the EXP/Java.Blacole.CY.1 exploit
[NOTE] The file was moved to the quarantine directory under the name '544472b6.qua'.

End of the scan: Montag, 26. November 2012 21:30
Used time: 1:26:49 Hour(s)

The scan has been done completely.

30634 Scanned directories
646686 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
646685 Files not concerned
4438 Archives were scanned
2 Warnings
1 Notes

dann mit Malware bites Anitmalware nochmal gescannt und folgende gefunden:
PUP.OfferBundler.ST
sowie
Exploi.Drop.2

Log von denen:

Infizierte Dateien: 2
C:\Users\ALKL\Downloads\SoftonicDownloader_fuer_openoffice.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Users\ALKL\AppData\Local\Temp\0.517416384732799.EXE (Exploit.Drop.2) -> Keine Aktion durchgeführt.

Bitte um Hilfe, wie ich die Runterkriege und was da das Thema ist

Danke

cosinus · 27.11.2012, 12:51

Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Zitat:

dann mit Malware bites Anitmalware nochmal gescannt und folgende gefunden:
PUP.OfferBundler.ST

Alle Logs mit Funden bitte immer vollständig posten! Bitte beachten! => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

kroni25 · 27.11.2012, 23:40

hier nochmal das log file von den beiden in Antimalware suchsystem gefundenen Viren:

Malwarebytes Anti-Malware (Test) 1.65.1.1000
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.11.26.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ALKL :: ALKL-PC [Administrator]

Schutz: Aktiviert

27.11.2012 20:22:31
mbam-log-2012-11-27 (23-36-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 376123
Laufzeit: 1 Stunde(n), 11 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\ALKL\Downloads\SoftonicDownloader_fuer_openoffice.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Users\ALKL\AppData\Local\Temp\0.517416384732799.EXE (Exploit.Drop.2) -> Keine Aktion durchgeführt.

(Ende)

cosinus · 28.11.2012, 09:17

Sind das alle Logs mit Funden? Es geht auch nicht nur um Malwarebytes

kroni25 · 28.11.2012, 10:48

Ja das von Malwarebytes und am Anfang meines Posts jenes von Avira Virusscanner

Mehr hatte ich nicht gefunden

Glaub dass der erste eh der blödere ist, oder? jedenfalls sagen das die Foren...

cosinus · 28.11.2012, 11:10

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

kroni25 · 28.11.2012, 21:14

soda, nun mal das log file von AVAST!

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-28 20:11:53
-----------------------------
20:11:53.271 OS Version: Windows x64 6.1.7601 Service Pack 1
20:11:53.271 Number of processors: 4 586 0x2A07
20:11:53.271 ComputerName: ALKL-PC UserName: ALKL
20:11:54.519 Initialize success
20:15:37.830 AVAST engine defs: 12112800
20:15:59.545 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:15:59.561 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
20:15:59.576 Disk 0 MBR read successfully
20:15:59.576 Disk 0 MBR scan
20:15:59.592 Disk 0 Windows 7 default MBR code
20:15:59.592 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16384 MB offset 2048
20:15:59.623 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 33556480
20:15:59.639 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 460454 MB offset 33761280
20:15:59.670 Disk 0 scanning C:\Windows\system32\drivers
20:16:08.406 Service scanning
20:16:34.358 Modules scanning
20:16:34.374 Disk 0 trace - called modules:
20:16:34.390 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:16:34.405 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068e9060]
20:16:34.405 3 CLASSPNP.SYS[fffff88001ba543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004aad050]
20:16:36.137 AVAST engine scan C:\Windows
20:16:38.851 AVAST engine scan C:\Windows\system32
20:21:20.505 AVAST engine scan C:\Windows\system32\drivers
20:21:31.707 AVAST engine scan C:\Users\ALKL
20:27:35.826 File: C:\Users\ALKL\AppData\Local\Temp\0.517416384732799.exe **INFECTED** Win32:Rootkit-gen [Rtk]
20:27:47.377 File: C:\Users\ALKL\AppData\Local\Temp\jar_cache4108568453813458730.tmp **INFECTED** Win32:Rootkit-gen [Rtk]
20:31:52.776 AVAST engine scan C:\ProgramData
20:34:04.932 Scan finished successfully
20:38:52.468 Disk 0 MBR has been saved successfully to "C:\Users\ALKL\Desktop\MBR.dat"
20:38:52.484 The log file has been saved successfully to "C:\Users\ALKL\Desktop\aswMBR.txt"

nun der TDSS Killer file- bzw. report:
20:57:47.0271 4752 TDSS rootkit removing tool 2.8.14.0 Oct 30 2012 13:37:33
20:57:55.0625 4752 ============================================================
20:57:55.0625 4752 Current date / time: 2012/11/28 20:57:55.0625
20:57:55.0640 4752 SystemInfo:
20:57:55.0640 4752
20:57:55.0640 4752 OS Version: 6.1.7601 ServicePack: 1.0
20:57:55.0640 4752 Product type: Workstation
20:57:55.0640 4752 ComputerName: ALKL-PC
20:57:55.0640 4752 UserName: ALKL
20:57:55.0640 4752 Windows directory: C:\Windows
20:57:55.0640 4752 System windows directory: C:\Windows
20:57:55.0640 4752 Running under WOW64
20:57:55.0640 4752 Processor architecture: Intel x64
20:57:55.0640 4752 Number of processors: 4
20:57:55.0640 4752 Page size: 0x1000
20:57:55.0640 4752 Boot type: Normal boot
20:57:55.0640 4752 ============================================================
20:57:56.0139 4752 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:57:56.0202 4752 ============================================================
20:57:56.0202 4752 \Device\Harddisk0\DR0:
20:57:56.0202 4752 MBR partitions:
20:57:56.0202 4752 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x32000
20:57:56.0202 4752 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2032800, BlocksNum 0x38353000
20:57:56.0202 4752 ============================================================
20:57:56.0217 4752 C: <-> \Device\Harddisk0\DR0\Partition2
20:57:56.0217 4752 ============================================================
20:57:56.0217 4752 Initialize success
20:57:56.0217 4752 ============================================================
20:58:10.0930 5432 ============================================================
20:58:10.0930 5432 Scan started
20:58:10.0930 5432 Mode: Manual; SigCheck; TDLFS;
20:58:10.0930 5432 ============================================================
20:58:11.0133 5432 ================ Scan system memory ========================
20:58:11.0133 5432 System memory - ok
20:58:11.0133 5432 ================ Scan services =============================
20:58:11.0383 5432 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:58:11.0507 5432 1394ohci - ok
20:58:11.0663 5432 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:58:11.0710 5432 ACDaemon - ok
20:58:11.0773 5432 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:58:11.0819 5432 ACPI - ok
20:58:11.0866 5432 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:58:11.0929 5432 AcpiPmi - ok
20:58:12.0069 5432 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:58:12.0100 5432 AdobeFlashPlayerUpdateSvc - ok
20:58:12.0131 5432 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:58:12.0163 5432 adp94xx - ok
20:58:12.0194 5432 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:58:12.0209 5432 adpahci - ok
20:58:12.0225 5432 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:58:12.0241 5432 adpu320 - ok
20:58:12.0256 5432 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:58:12.0350 5432 AeLookupSvc - ok
20:58:12.0428 5432 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:58:12.0459 5432 AFD - ok
20:58:12.0475 5432 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:58:12.0490 5432 agp440 - ok
20:58:12.0506 5432 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:58:12.0568 5432 ALG - ok
20:58:12.0615 5432 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:58:12.0631 5432 aliide - ok
20:58:12.0677 5432 [ E4DA723458A20FBA693FB1F5924483DB ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:58:12.0724 5432 AMD External Events Utility - ok
20:58:12.0787 5432 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:58:12.0802 5432 amdide - ok
20:58:12.0833 5432 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:58:12.0896 5432 AmdK8 - ok
20:58:13.0097 5432 [ F894BFB5817718D50CE0122B7806B457 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:58:13.0317 5432 amdkmdag - ok
20:58:13.0327 5432 [ B12E7BE6715F3EE1A913A806F6B0AB94 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:58:13.0347 5432 amdkmdap - ok
20:58:13.0357 5432 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:58:13.0387 5432 AmdPPM - ok
20:58:13.0417 5432 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:58:13.0447 5432 amdsata - ok
20:58:13.0487 5432 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:58:13.0507 5432 amdsbs - ok
20:58:13.0537 5432 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:58:13.0547 5432 amdxata - ok
20:58:13.0657 5432 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:58:13.0677 5432 AntiVirSchedulerService - ok
20:58:13.0717 5432 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:58:13.0737 5432 AntiVirService - ok
20:58:13.0827 5432 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:58:13.0877 5432 AppID - ok
20:58:13.0907 5432 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:58:14.0017 5432 AppIDSvc - ok
20:58:14.0037 5432 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:58:14.0107 5432 Appinfo - ok
20:58:14.0187 5432 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:58:14.0207 5432 Apple Mobile Device - ok
20:58:14.0227 5432 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
20:58:14.0247 5432 arc - ok
20:58:14.0277 5432 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:58:14.0307 5432 arcsas - ok
20:58:14.0337 5432 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:58:14.0457 5432 AsyncMac - ok
20:58:14.0497 5432 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:58:14.0527 5432 atapi - ok
20:58:14.0567 5432 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
20:58:14.0587 5432 AtiHDAudioService - ok
20:58:14.0637 5432 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:58:14.0747 5432 AudioEndpointBuilder - ok
20:58:14.0767 5432 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:58:14.0797 5432 AudioSrv - ok
20:58:14.0827 5432 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:58:14.0837 5432 avgntflt - ok
20:58:14.0897 5432 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:58:14.0917 5432 avipbb - ok
20:58:14.0937 5432 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:58:14.0957 5432 avkmgr - ok
20:58:14.0997 5432 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:58:15.0097 5432 AxInstSV - ok
20:58:15.0127 5432 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:58:15.0217 5432 b06bdrv - ok
20:58:15.0267 5432 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:58:15.0307 5432 b57nd60a - ok
20:58:15.0387 5432 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:58:15.0417 5432 BBSvc - ok
20:58:15.0507 5432 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:58:15.0537 5432 BBUpdate - ok
20:58:15.0667 5432 [ 11F844B46B631337395651ABE9C4167B ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:58:15.0807 5432 BCM43XX - ok
20:58:15.0827 5432 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:58:15.0858 5432 BDESVC - ok
20:58:15.0898 5432 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:58:15.0968 5432 Beep - ok
20:58:16.0028 5432 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:58:16.0138 5432 BFE - ok
20:58:16.0178 5432 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:58:16.0308 5432 BITS - ok
20:58:16.0328 5432 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:58:16.0348 5432 blbdrive - ok
20:58:16.0428 5432 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:58:16.0458 5432 Bonjour Service - ok
20:58:16.0498 5432 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:58:16.0528 5432 bowser - ok
20:58:16.0558 5432 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:58:16.0598 5432 BrFiltLo - ok
20:58:16.0618 5432 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:58:16.0658 5432 BrFiltUp - ok
20:58:16.0708 5432 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:58:16.0748 5432 Browser - ok
20:58:16.0768 5432 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:58:16.0828 5432 Brserid - ok
20:58:16.0868 5432 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:58:16.0908 5432 BrSerWdm - ok
20:58:16.0938 5432 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:58:16.0968 5432 BrUsbMdm - ok
20:58:16.0978 5432 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:58:17.0008 5432 BrUsbSer - ok
20:58:17.0028 5432 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:58:17.0078 5432 BTHMODEM - ok
20:58:17.0128 5432 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:58:17.0198 5432 bthserv - ok
20:58:17.0218 5432 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:58:17.0258 5432 cdfs - ok
20:58:17.0308 5432 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:58:17.0328 5432 cdrom - ok
20:58:17.0358 5432 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:58:17.0398 5432 CertPropSvc - ok
20:58:17.0428 5432 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
20:58:17.0478 5432 circlass - ok
20:58:17.0518 5432 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:58:17.0548 5432 CLFS - ok
20:58:17.0608 5432 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:58:17.0638 5432 clr_optimization_v2.0.50727_32 - ok
20:58:17.0668 5432 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:58:17.0698 5432 clr_optimization_v2.0.50727_64 - ok
20:58:17.0798 5432 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:58:17.0855 5432 clr_optimization_v4.0.30319_32 - ok
20:58:17.0886 5432 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:58:17.0917 5432 clr_optimization_v4.0.30319_64 - ok
20:58:17.0948 5432 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:58:17.0995 5432 CmBatt - ok
20:58:18.0042 5432 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:58:18.0058 5432 cmdide - ok
20:58:18.0120 5432 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:58:18.0136 5432 CNG - ok
20:58:18.0151 5432 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:58:18.0151 5432 Compbatt - ok
20:58:18.0198 5432 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:58:18.0245 5432 CompositeBus - ok
20:58:18.0292 5432 COMSysApp - ok
20:58:18.0323 5432 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:58:18.0354 5432 crcdisk - ok
20:58:18.0401 5432 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:58:18.0448 5432 CryptSvc - ok
20:58:18.0572 5432 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:58:18.0619 5432 cvhsvc - ok
20:58:18.0666 5432 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:58:18.0744 5432 DcomLaunch - ok
20:58:18.0791 5432 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:58:18.0869 5432 defragsvc - ok
20:58:18.0900 5432 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:58:18.0978 5432 DfsC - ok
20:58:19.0025 5432 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:58:19.0087 5432 Dhcp - ok
20:58:19.0118 5432 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:58:19.0165 5432 discache - ok
20:58:19.0212 5432 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
20:58:19.0243 5432 Disk - ok
20:58:19.0243 5432 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:58:19.0321 5432 Dnscache - ok
20:58:19.0337 5432 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:58:19.0430 5432 dot3svc - ok
20:58:19.0430 5432 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:58:19.0477 5432 DPS - ok
20:58:19.0508 5432 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:58:19.0571 5432 drmkaud - ok
20:58:19.0622 5432 [ 9DD3A22F804697606C2B7FF9E912FF6B ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
20:58:19.0652 5432 DsiWMIService - ok
20:58:19.0672 5432 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:58:19.0702 5432 DXGKrnl - ok
20:58:19.0742 5432 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:58:19.0812 5432 EapHost - ok
20:58:19.0892 5432 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:58:19.0992 5432 ebdrv - ok
20:58:20.0022 5432 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:58:20.0072 5432 EFS - ok
20:58:20.0112 5432 [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
20:58:20.0132 5432 EgisTec Ticket Service - ok
20:58:20.0192 5432 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:58:20.0242 5432 ehRecvr - ok
20:58:20.0262 5432 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:58:20.0302 5432 ehSched - ok
20:58:20.0362 5432 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:58:20.0392 5432 elxstor - ok
20:58:20.0472 5432 [ 48425C93B6F36529707206E4FA680CF3 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:58:20.0522 5432 ePowerSvc - ok
20:58:20.0532 5432 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:58:20.0552 5432 ErrDev - ok
20:58:20.0592 5432 [ 9D8739A2A2173C9D27C499A3FC6EDA3F ] ETD C:\Windows\system32\DRIVERS\ETD.sys
20:58:20.0602 5432 ETD - ok
20:58:20.0642 5432 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:58:20.0722 5432 EventSystem - ok
20:58:20.0752 5432 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:58:20.0782 5432 exfat - ok
20:58:20.0792 5432 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:58:20.0832 5432 fastfat - ok
20:58:20.0852 5432 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:58:20.0902 5432 Fax - ok
20:58:20.0922 5432 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
20:58:20.0942 5432 fdc - ok
20:58:20.0962 5432 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:58:21.0012 5432 fdPHost - ok
20:58:21.0032 5432 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:58:21.0062 5432 FDResPub - ok
20:58:21.0092 5432 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:58:21.0112 5432 FileInfo - ok
20:58:21.0132 5432 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:58:21.0202 5432 Filetrace - ok
20:58:21.0232 5432 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:58:21.0252 5432 FLEXnet Licensing Service - ok
20:58:21.0282 5432 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:58:21.0292 5432 flpydisk - ok
20:58:21.0312 5432 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:58:21.0322 5432 FltMgr - ok
20:58:21.0382 5432 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:58:21.0502 5432 FontCache - ok
20:58:21.0602 5432 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:58:21.0622 5432 FontCache3.0.0.0 - ok
20:58:21.0642 5432 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:58:21.0658 5432 FsDepends - ok
20:58:21.0704 5432 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:58:21.0720 5432 Fs_Rec - ok
20:58:21.0736 5432 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:58:21.0751 5432 fvevol - ok
20:58:21.0782 5432 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:58:21.0782 5432 gagp30kx - ok
20:58:21.0829 5432 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:58:21.0860 5432 GamesAppService - ok
20:58:21.0907 5432 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:58:21.0923 5432 GEARAspiWDM - ok
20:58:22.0001 5432 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:58:22.0079 5432 gpsvc - ok
20:58:22.0126 5432 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
20:58:22.0141 5432 GREGService - ok
20:58:22.0219 5432 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:58:22.0235 5432 gupdate - ok
20:58:22.0266 5432 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:58:22.0282 5432 gupdatem - ok
20:58:22.0297 5432 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:58:22.0360 5432 hcw85cir - ok
20:58:22.0391 5432 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:58:22.0438 5432 HdAudAddService - ok
20:58:22.0453 5432 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:58:22.0500 5432 HDAudBus - ok
20:58:22.0516 5432 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:58:22.0531 5432 HidBatt - ok
20:58:22.0562 5432 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:58:22.0578 5432 HidBth - ok
20:58:22.0609 5432 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:58:22.0625 5432 HidIr - ok
20:58:22.0640 5432 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:58:22.0687 5432 hidserv - ok
20:58:22.0718 5432 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:58:22.0718 5432 HidUsb - ok
20:58:22.0750 5432 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:58:22.0796 5432 hkmsvc - ok
20:58:22.0812 5432 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:58:22.0859 5432 HomeGroupListener - ok
20:58:22.0890 5432 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:58:22.0921 5432 HomeGroupProvider - ok
20:58:22.0968 5432 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:58:22.0968 5432 HpSAMD - ok
20:58:23.0015 5432 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:58:23.0093 5432 HTTP - ok
20:58:23.0108 5432 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:58:23.0124 5432 hwpolicy - ok
20:58:23.0155 5432 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:58:23.0155 5432 i8042prt - ok
20:58:23.0186 5432 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
20:58:23.0186 5432 iaStor - ok
20:58:23.0249 5432 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:58:23.0249 5432 IAStorDataMgrSvc - ok
20:58:23.0296 5432 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:58:23.0311 5432 iaStorV - ok
20:58:23.0362 5432 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:58:23.0382 5432 idsvc - ok
20:58:23.0412 5432 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:58:23.0422 5432 iirsp - ok
20:58:23.0452 5432 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:58:23.0502 5432 IKEEXT - ok
20:58:23.0612 5432 [ B60ACCD29F8FAFC4A6344CD2BD5CA3A5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:58:23.0712 5432 IntcAzAudAddService - ok
20:58:23.0742 5432 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:58:23.0752 5432 intelide - ok
20:58:23.0772 5432 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:58:23.0782 5432 intelppm - ok
20:58:23.0812 5432 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:58:23.0862 5432 IPBusEnum - ok
20:58:23.0882 5432 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:58:23.0912 5432 IpFilterDriver - ok
20:58:23.0972 5432 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:58:24.0012 5432 iphlpsvc - ok
20:58:24.0022 5432 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:58:24.0042 5432 IPMIDRV - ok
20:58:24.0062 5432 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:58:24.0102 5432 IPNAT - ok
20:58:24.0142 5432 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:58:24.0162 5432 iPod Service - ok
20:58:24.0192 5432 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:58:24.0202 5432 IRENUM - ok
20:58:24.0212 5432 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:58:24.0222 5432 isapnp - ok
20:58:24.0242 5432 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:58:24.0262 5432 iScsiPrt - ok
20:58:24.0292 5432 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:58:24.0312 5432 kbdclass - ok
20:58:24.0342 5432 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:58:24.0372 5432 kbdhid - ok
20:58:24.0392 5432 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:58:24.0402 5432 KeyIso - ok
20:58:24.0452 5432 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:58:24.0472 5432 KSecDD - ok
20:58:24.0522 5432 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:58:24.0542 5432 KSecPkg - ok
20:58:24.0582 5432 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:58:24.0652 5432 ksthunk - ok
20:58:24.0682 5432 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:58:24.0722 5432 KtmRm - ok
20:58:24.0752 5432 [ 0E154DA6CA9105354A07D0C576804037 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
20:58:24.0762 5432 L1C - ok
20:58:24.0802 5432 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:58:24.0842 5432 LanmanServer - ok
20:58:24.0882 5432 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:58:24.0922 5432 LanmanWorkstation - ok
20:58:24.0972 5432 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:58:24.0972 5432 Live Updater Service - ok
20:58:25.0012 5432 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:58:25.0032 5432 lltdio - ok
20:58:25.0082 5432 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:58:25.0122 5432 lltdsvc - ok
20:58:25.0142 5432 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:58:25.0192 5432 lmhosts - ok
20:58:25.0242 5432 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:58:25.0262 5432 LMS - ok
20:58:25.0292 5432 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:58:25.0302 5432 LSI_FC - ok
20:58:25.0332 5432 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:58:25.0332 5432 LSI_SAS - ok
20:58:25.0352 5432 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:58:25.0362 5432 LSI_SAS2 - ok
20:58:25.0382 5432 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:58:25.0392 5432 LSI_SCSI - ok
20:58:25.0402 5432 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:58:25.0434 5432 luafv - ok
20:58:25.0496 5432 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:58:25.0512 5432 MBAMProtector - ok
20:58:25.0652 5432 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:58:25.0668 5432 MBAMScheduler - ok
20:58:25.0699 5432 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:58:25.0714 5432 MBAMService - ok
20:58:25.0761 5432 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:58:25.0792 5432 Mcx2Svc - ok
20:58:25.0808 5432 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:58:25.0824 5432 megasas - ok
20:58:25.0870 5432 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:58:25.0902 5432 MegaSR - ok
20:58:25.0948 5432 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
20:58:25.0964 5432 MEIx64 - ok
20:58:25.0995 5432 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:58:26.0042 5432 MMCSS - ok
20:58:26.0042 5432 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:58:26.0089 5432 Modem - ok
20:58:26.0120 5432 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:58:26.0151 5432 monitor - ok
20:58:26.0182 5432 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:58:26.0198 5432 mouclass - ok
20:58:26.0214 5432 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:58:26.0245 5432 mouhid - ok
20:58:26.0276 5432 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:58:26.0292 5432 mountmgr - ok
20:58:26.0292 5432 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:58:26.0307 5432 mpio - ok
20:58:26.0323 5432 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:58:26.0354 5432 mpsdrv - ok
20:58:26.0557 5432 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:58:26.0650 5432 MpsSvc - ok
20:58:26.0666 5432 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:58:26.0697 5432 MRxDAV - ok
20:58:26.0713 5432 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:58:26.0744 5432 mrxsmb - ok
20:58:26.0775 5432 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:58:26.0806 5432 mrxsmb10 - ok
20:58:26.0838 5432 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:58:26.0853 5432 mrxsmb20 - ok
20:58:26.0900 5432 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:58:26.0916 5432 msahci - ok
20:58:26.0931 5432 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:58:26.0947 5432 msdsm - ok
20:58:26.0978 5432 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:58:27.0009 5432 MSDTC - ok
20:58:27.0025 5432 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:58:27.0056 5432 Msfs - ok
20:58:27.0087 5432 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:58:27.0150 5432 mshidkmdf - ok
20:58:27.0150 5432 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:58:27.0165 5432 msisadrv - ok
20:58:27.0181 5432 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:58:27.0228 5432 MSiSCSI - ok
20:58:27.0228 5432 msiserver - ok
20:58:27.0259 5432 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:58:27.0321 5432 MSKSSRV - ok
20:58:27.0321 5432 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:58:27.0368 5432 MSPCLOCK - ok
20:58:27.0384 5432 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:58:27.0415 5432 MSPQM - ok
20:58:27.0430 5432 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:58:27.0446 5432 MsRPC - ok
20:58:27.0446 5432 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:58:27.0462 5432 mssmbios - ok
20:58:27.0477 5432 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:58:27.0508 5432 MSTEE - ok
20:58:27.0524 5432 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:58:27.0540 5432 MTConfig - ok
20:58:27.0555 5432 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:58:27.0555 5432 Mup - ok
20:58:27.0571 5432 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:58:27.0571 5432 mwlPSDFilter - ok
20:58:27.0602 5432 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:58:27.0602 5432 mwlPSDNServ - ok
20:58:27.0618 5432 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:58:27.0618 5432 mwlPSDVDisk - ok
20:58:27.0649 5432 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:58:27.0696 5432 napagent - ok
20:58:27.0742 5432 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:58:27.0774 5432 NativeWifiP - ok
20:58:27.0852 5432 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:58:27.0914 5432 NDIS - ok
20:58:27.0930 5432 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:58:27.0976 5432 NdisCap - ok
20:58:27.0992 5432 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:58:28.0023 5432 NdisTapi - ok
20:58:28.0054 5432 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:58:28.0086 5432 Ndisuio - ok
20:58:28.0086 5432 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:58:28.0132 5432 NdisWan - ok
20:58:28.0148 5432 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:58:28.0164 5432 NDProxy - ok
20:58:28.0195 5432 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:58:28.0257 5432 NetBIOS - ok
20:58:28.0273 5432 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:58:28.0304 5432 NetBT - ok
20:58:28.0335 5432 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:58:28.0366 5432 Netlogon - ok
20:58:28.0413 5432 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:58:28.0491 5432 Netman - ok
20:58:28.0491 5432 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:58:28.0538 5432 netprofm - ok
20:58:28.0569 5432 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:58:28.0569 5432 NetTcpPortSharing - ok
20:58:28.0616 5432 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:58:28.0616 5432 nfrd960 - ok
20:58:28.0647 5432 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:58:28.0663 5432 NlaSvc - ok
20:58:28.0803 5432 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:58:28.0897 5432 NOBU - ok
20:58:28.0912 5432 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:58:28.0944 5432 Npfs - ok
20:58:28.0959 5432 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:58:28.0990 5432 nsi - ok
20:58:29.0006 5432 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:58:29.0053 5432 nsiproxy - ok
20:58:29.0100 5432 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:58:29.0146 5432 Ntfs - ok
20:58:29.0224 5432 [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
20:58:29.0256 5432 NTI IScheduleSvc - ok
20:58:29.0287 5432 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
20:58:29.0302 5432 NTIDrvr - ok
20:58:29.0318 5432 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:58:29.0365 5432 Null - ok
20:58:29.0412 5432 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:58:29.0443 5432 nusb3hub - ok
20:58:29.0474 5432 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:58:29.0521 5432 nusb3xhc - ok
20:58:29.0568 5432 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:58:29.0599 5432 nvraid - ok
20:58:29.0614 5432 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:58:29.0630 5432 nvstor - ok
20:58:29.0646 5432 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:58:29.0661 5432 nv_agp - ok
20:58:29.0677 5432 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:58:29.0724 5432 ohci1394 - ok
20:58:29.0739 5432 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:58:29.0755 5432 ose - ok
20:58:29.0942 5432 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:58:30.0036 5432 osppsvc - ok
20:58:30.0051 5432 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:58:30.0114 5432 p2pimsvc - ok
20:58:30.0129 5432 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:58:30.0160 5432 p2psvc - ok
20:58:30.0192 5432 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:58:30.0207 5432 Parport - ok
20:58:30.0238 5432 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:58:30.0238 5432 partmgr - ok
20:58:30.0254 5432 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:58:30.0316 5432 PcaSvc - ok
20:58:30.0332 5432 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:58:30.0348 5432 pci - ok
20:58:30.0363 5432 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:58:30.0379 5432 pciide - ok
20:58:30.0394 5432 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:58:30.0410 5432 pcmcia - ok
20:58:30.0426 5432 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:58:30.0441 5432 pcw - ok
20:58:30.0457 5432 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:58:30.0504 5432 PEAUTH - ok
20:58:30.0582 5432 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:58:30.0628 5432 PerfHost - ok
20:58:30.0706 5432 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:58:30.0800 5432 pla - ok
20:58:30.0831 5432 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:58:30.0878 5432 PlugPlay - ok
20:58:30.0894 5432 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:58:30.0925 5432 PNRPAutoReg - ok
20:58:30.0940 5432 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:58:30.0972 5432 PNRPsvc - ok
20:58:31.0128 5432 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:58:31.0221 5432 PolicyAgent - ok
20:58:31.0237 5432 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:58:31.0268 5432 Power - ok
20:58:31.0315 5432 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:58:31.0393 5432 PptpMiniport - ok
20:58:31.0408 5432 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:58:31.0424 5432 Processor - ok
20:58:31.0471 5432 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:58:31.0549 5432 ProfSvc - ok
20:58:31.0564 5432 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:58:31.0580 5432 ProtectedStorage - ok
20:58:31.0596 5432 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:58:31.0658 5432 Psched - ok
20:58:31.0705 5432 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:58:31.0752 5432 ql2300 - ok
20:58:31.0783 5432 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:58:31.0783 5432 ql40xx - ok
20:58:31.0814 5432 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:58:31.0830 5432 QWAVE - ok
20:58:31.0845 5432 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:58:31.0876 5432 QWAVEdrv - ok
20:58:31.0892 5432 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:58:31.0923 5432 RasAcd - ok
20:58:31.0970 5432 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:58:32.0064 5432 RasAgileVpn - ok
20:58:32.0095 5432 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:58:32.0204 5432 RasAuto - ok
20:58:32.0220 5432 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:58:32.0266 5432 Rasl2tp - ok
20:58:32.0282 5432 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:58:32.0313 5432 RasMan - ok
20:58:32.0329 5432 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:58:32.0376 5432 RasPppoe - ok
20:58:32.0391 5432 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:58:32.0422 5432 RasSstp - ok
20:58:32.0454 5432 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:58:32.0485 5432 rdbss - ok
20:58:32.0485 5432 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:58:32.0500 5432 rdpbus - ok
20:58:32.0516 5432 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:58:32.0547 5432 RDPCDD - ok
20:58:32.0563 5432 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:58:32.0594 5432 RDPENCDD - ok
20:58:32.0610 5432 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:58:32.0641 5432 RDPREFMP - ok
20:58:32.0703 5432 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:58:32.0734 5432 RDPWD - ok
20:58:32.0781 5432 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:58:32.0781 5432 rdyboost - ok
20:58:32.0828 5432 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:58:32.0922 5432 RemoteAccess - ok
20:58:32.0984 5432 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:58:33.0031 5432 RemoteRegistry - ok
20:58:33.0046 5432 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:58:33.0078 5432 RpcEptMapper - ok
20:58:33.0093 5432 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:58:33.0109 5432 RpcLocator - ok
20:58:33.0124 5432 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:58:33.0156 5432 RpcSs - ok
20:58:33.0187 5432 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:58:33.0218 5432 rspndr - ok
20:58:33.0265 5432 [ 9BEB5F18A418FF70659CE2E356829568 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
20:58:33.0265 5432 RSUSBSTOR - ok
20:58:33.0280 5432 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:58:33.0280 5432 SamSs - ok
20:58:33.0312 5432 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:58:33.0312 5432 sbp2port - ok
20:58:33.0343 5432 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:58:33.0374 5432 SCardSvr - ok
20:58:33.0390 5432 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:58:33.0421 5432 scfilter - ok
20:58:33.0468 5432 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:58:33.0514 5432 Schedule - ok
20:58:33.0530 5432 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:58:33.0561 5432 SCPolicySvc - ok
20:58:33.0592 5432 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:58:33.0639 5432 SDRSVC - ok
20:58:33.0670 5432 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:58:33.0748 5432 secdrv - ok
20:58:33.0764 5432 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:58:33.0795 5432 seclogon - ok
20:58:33.0826 5432 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:58:33.0858 5432 SENS - ok
20:58:33.0873 5432 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:58:33.0920 5432 SensrSvc - ok
20:58:33.0967 5432 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:58:33.0998 5432 Serenum - ok
20:58:34.0045 5432 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:58:34.0076 5432 Serial - ok
20:58:34.0107 5432 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:58:34.0138 5432 sermouse - ok
20:58:34.0170 5432 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:58:34.0232 5432 SessionEnv - ok
20:58:34.0248 5432 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:58:34.0263 5432 sffdisk - ok
20:58:34.0279 5432 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:58:34.0310 5432 sffp_mmc - ok
20:58:34.0310 5432 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:58:34.0341 5432 sffp_sd - ok
20:58:34.0372 5432 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:58:34.0419 5432 sfloppy - ok
20:58:34.0482 5432 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:58:34.0528 5432 Sftfs - ok
20:58:34.0638 5432 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:58:34.0684 5432 sftlist - ok
20:58:34.0747 5432 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:58:34.0778 5432 Sftplay - ok
20:58:34.0825 5432 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:58:34.0856 5432 Sftredir - ok
20:58:34.0903 5432 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:58:34.0918 5432 Sftvol - ok
20:58:34.0950 5432 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:58:34.0965 5432 sftvsa - ok
20:58:35.0012 5432 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:58:35.0074 5432 SharedAccess - ok
20:58:35.0106 5432 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:58:35.0152 5432 ShellHWDetection - ok
20:58:35.0168 5432 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:58:35.0184 5432 SiSRaid2 - ok
20:58:35.0215 5432 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:58:35.0215 5432 SiSRaid4 - ok
20:58:35.0293 5432 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:58:35.0308 5432 SkypeUpdate - ok
20:58:35.0340 5432 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:58:35.0418 5432 Smb - ok
20:58:35.0449 5432 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:58:35.0480 5432 SNMPTRAP - ok
20:58:35.0511 5432 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:58:35.0527 5432 spldr - ok
20:58:35.0574 5432 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:58:35.0636 5432 Spooler - ok
20:58:35.0730 5432 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:58:35.0854 5432 sppsvc - ok
20:58:35.0870 5432 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:58:35.0901 5432 sppuinotify - ok
20:58:35.0917 5432 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:58:35.0948 5432 srv - ok
20:58:35.0964 5432 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:58:35.0979 5432 srv2 - ok
20:58:35.0995 5432 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:58:36.0010 5432 srvnet - ok
20:58:36.0026 5432 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:58:36.0104 5432 SSDPSRV - ok
20:58:36.0120 5432 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:58:36.0151 5432 SstpSvc - ok
20:58:36.0166 5432 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:58:36.0182 5432 stexstor - ok
20:58:36.0229 5432 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:58:36.0291 5432 stisvc - ok
20:58:36.0307 5432 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:58:36.0322 5432 swenum - ok
20:58:36.0354 5432 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:58:36.0400 5432 swprv - ok
20:58:36.0447 5432 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:58:36.0525 5432 SysMain - ok
20:58:36.0541 5432 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:58:36.0556 5432 TabletInputService - ok
20:58:36.0572 5432 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:58:36.0603 5432 TapiSrv - ok
20:58:36.0619 5432 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:58:36.0650 5432 TBS - ok
20:58:36.0728 5432 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:58:36.0822 5432 Tcpip - ok
20:58:36.0868 5432 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:58:36.0900 5432 TCPIP6 - ok
20:58:36.0931 5432 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:58:36.0962 5432 tcpipreg - ok
20:58:36.0993 5432 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:58:37.0040 5432 TDPIPE - ok
20:58:37.0071 5432 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:58:37.0102 5432 TDTCP - ok
20:58:37.0118 5432 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:58:37.0165 5432 tdx - ok
20:58:37.0196 5432 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:58:37.0227 5432 TermDD - ok
20:58:37.0274 5432 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:58:37.0321 5432 TermService - ok
20:58:37.0352 5432 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:58:37.0352 5432 Themes - ok
20:58:37.0383 5432 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:58:37.0399 5432 THREADORDER - ok
20:58:37.0492 5432 [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
20:58:37.0524 5432 TomTomHOMEService - ok
20:58:37.0539 5432 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:58:37.0602 5432 TrkWks - ok
20:58:37.0695 5432 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:58:37.0758 5432 TrustedInstaller - ok
20:58:37.0789 5432 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:58:37.0867 5432 tssecsrv - ok
20:58:37.0898 5432 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:58:37.0929 5432 TsUsbFlt - ok
20:58:37.0945 5432 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:58:37.0976 5432 TsUsbGD - ok
20:58:38.0007 5432 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:58:38.0070 5432 tunnel - ok
20:58:38.0132 5432 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:58:38.0163 5432 TurboB - ok
20:58:38.0241 5432 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:58:38.0272 5432 TurboBoost - ok
20:58:38.0304 5432 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:58:38.0319 5432 uagp35 - ok
20:58:38.0335 5432 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
20:58:38.0350 5432 UBHelper - ok
20:58:38.0366 5432 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:58:38.0428 5432 udfs - ok
20:58:38.0460 5432 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:58:38.0491 5432 UI0Detect - ok
20:58:38.0506 5432 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:58:38.0522 5432 uliagpkx - ok
20:58:38.0538 5432 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:58:38.0569 5432 umbus - ok
20:58:38.0584 5432 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:58:38.0616 5432 UmPass - ok
20:58:38.0850 5432 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:58:38.0896 5432 UNS - ok
20:58:38.0912 5432 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:58:39.0006 5432 upnphost - ok
20:58:39.0052 5432 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:58:39.0115 5432 USBAAPL64 - ok
20:58:39.0146 5432 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:58:39.0162 5432 usbccgp - ok
20:58:39.0197 5432 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:58:39.0227 5432 usbcir - ok
20:58:39.0247 5432 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:58:39.0277 5432 usbehci - ok
20:58:39.0307 5432 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
20:58:39.0347 5432 usbhub - ok
20:58:39.0357 5432 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:58:39.0387 5432 usbohci - ok
20:58:39.0407 5432 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:58:39.0447 5432 usbprint - ok
20:58:39.0467 5432 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:58:39.0497 5432 USBSTOR - ok
20:58:39.0527 5432 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:58:39.0567 5432 usbuhci - ok
20:58:39.0597 5432 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:58:39.0637 5432 usbvideo - ok
20:58:39.0677 5432 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:58:39.0727 5432 UxSms - ok
20:58:39.0747 5432 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:58:39.0757 5432 VaultSvc - ok
20:58:39.0787 5432 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:58:39.0787 5432 vdrvroot - ok
20:58:39.0807 5432 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:58:39.0847 5432 vds - ok
20:58:39.0877 5432 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:58:39.0887 5432 vga - ok
20:58:39.0907 5432 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:58:39.0937 5432 VgaSave - ok
20:58:39.0957 5432 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:58:39.0967 5432 vhdmp - ok
20:58:39.0997 5432 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:58:40.0017 5432 viaide - ok
20:58:40.0037 5432 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:58:40.0047 5432 volmgr - ok
20:58:40.0067 5432 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:58:40.0077 5432 volmgrx - ok
20:58:40.0087 5432 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:58:40.0097 5432 volsnap - ok
20:58:40.0117 5432 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:58:40.0127 5432 vsmraid - ok
20:58:40.0197 5432 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:58:40.0297 5432 VSS - ok
20:58:40.0307 5432 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:58:40.0327 5432 vwifibus - ok
20:58:40.0337 5432 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:58:40.0367 5432 vwififlt - ok
20:58:40.0407 5432 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:58:40.0417 5432 vwifimp - ok
20:58:40.0447 5432 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:58:40.0477 5432 W32Time - ok
20:58:40.0487 5432 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:58:40.0517 5432 WacomPen - ok
20:58:40.0547 5432 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:58:40.0607 5432 WANARP - ok
20:58:40.0607 5432 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:58:40.0637 5432 Wanarpv6 - ok
20:58:40.0717 5432 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:58:40.0767 5432 WatAdminSvc - ok
20:58:40.0847 5432 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:58:40.0957 5432 wbengine - ok
20:58:40.0977 5432 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:58:40.0997 5432 WbioSrvc - ok
20:58:41.0017 5432 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:58:41.0037 5432 wcncsvc - ok
20:58:41.0047 5432 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:58:41.0117 5432 WcsPlugInService - ok
20:58:41.0147 5432 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:58:41.0157 5432 Wd - ok
20:58:41.0207 5432 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:58:41.0270 5432 Wdf01000 - ok
20:58:41.0285 5432 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:58:41.0394 5432 WdiServiceHost - ok
20:58:41.0394 5432 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:58:41.0410 5432 WdiSystemHost - ok
20:58:41.0426 5432 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:58:41.0457 5432 WebClient - ok
20:58:41.0488 5432 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:58:41.0535 5432 Wecsvc - ok
20:58:41.0550 5432 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:58:41.0582 5432 wercplsupport - ok
20:58:41.0597 5432 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:58:41.0644 5432 WerSvc - ok
20:58:41.0660 5432 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:58:41.0691 5432 WfpLwf - ok
20:58:41.0706 5432 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:58:41.0722 5432 WIMMount - ok
20:58:41.0738 5432 WinDefend - ok
20:58:41.0738 5432 WinHttpAutoProxySvc - ok
20:58:41.0784 5432 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:58:41.0847 5432 Winmgmt - ok
20:58:41.0940 5432 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:58:42.0034 5432 WinRM - ok
20:58:42.0096 5432 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:58:42.0143 5432 WinUsb - ok
20:58:42.0174 5432 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:58:42.0237 5432 Wlansvc - ok
20:58:42.0299 5432 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:58:42.0315 5432 wlcrasvc - ok
20:58:42.0408 5432 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:58:42.0440 5432 wlidsvc - ok
20:58:42.0471 5432 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:58:42.0502 5432 WmiAcpi - ok
20:58:42.0533 5432 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:58:42.0564 5432 wmiApSrv - ok
20:58:42.0611 5432 WMPNetworkSvc - ok
20:58:42.0720 5432 [ 495284CF894336E9512ED7C9ACB3548E ] WOTUpdater C:\Users\ALKL\AppData\LocalLow\WOT\IE\WOTUpdater.exe
20:58:42.0736 5432 WOTUpdater ( UnsignedFile.Multi.Generic ) - warning
20:58:42.0736 5432 WOTUpdater - detected UnsignedFile.Multi.Generic (1)
20:58:42.0767 5432 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:58:42.0814 5432 WPCSvc - ok
20:58:42.0845 5432 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:58:42.0861 5432 WPDBusEnum - ok
20:58:42.0886 5432 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:58:42.0918 5432 ws2ifsl - ok
20:58:42.0933 5432 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:58:42.0949 5432 wscsvc - ok
20:58:42.0949 5432 WSearch - ok
20:58:43.0027 5432 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:58:43.0136 5432 wuauserv - ok
20:58:43.0183 5432 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:58:43.0245 5432 WudfPf - ok
20:58:43.0292 5432 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:58:43.0323 5432 WUDFRd - ok
20:58:43.0370 5432 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:58:43.0417 5432 wudfsvc - ok
20:58:43.0432 5432 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:58:43.0495 5432 WwanSvc - ok
20:58:43.0526 5432 ================ Scan global ===============================
20:58:43.0557 5432 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:58:43.0588 5432 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:58:43.0620 5432 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:58:43.0651 5432 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:58:43.0682 5432 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:58:43.0698 5432 [Global] - ok
20:58:43.0698 5432 ================ Scan MBR ==================================
20:58:43.0713 5432 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:58:44.0337 5432 \Device\Harddisk0\DR0 - ok
20:58:44.0337 5432 ================ Scan VBR ==================================
20:58:44.0337 5432 [ 63F505F739F3D7FCCABDBEE348030360 ] \Device\Harddisk0\DR0\Partition1
20:58:44.0337 5432 \Device\Harddisk0\DR0\Partition1 - ok
20:58:44.0368 5432 [ 149CD9229AE634167A7282034F2EE62F ] \Device\Harddisk0\DR0\Partition2
20:58:44.0384 5432 \Device\Harddisk0\DR0\Partition2 - ok
20:58:44.0384 5432 ============================================================
20:58:44.0384 5432 Scan finished
20:58:44.0384 5432 ============================================================
20:58:44.0384 6248 Detected object count: 1
20:58:44.0384 6248 Actual detected object count: 1
20:59:06.0049 6248 WOTUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
20:59:06.0049 6248 WOTUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 29.11.2012, 10:58

Ich hab dich doch in den ersten Hinweisen gebeten, die Logs alle in CODE-Tags zu posten, warum machst du das nicht?

kroni25 · 29.11.2012, 18:16

Zitat:

Zitat von cosinus

Ich hab dich doch in den ersten Hinweisen gebeten, die Logs alle in CODE-Tags zu posten, warum machst du das nicht?

Sorry, bin da neu und da hat mir das nichts gesagt- ich probiers einfach nocheinmal - lt. Info im Net- das Ganze markieren und dann auf # da oben drücken- hoffe das stimmt - sonst bitte um Info

Code:

ATTFilter

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-28 20:11:53
-----------------------------
20:11:53.271 OS Version: Windows x64 6.1.7601 Service Pack 1
20:11:53.271 Number of processors: 4 586 0x2A07
20:11:53.271 ComputerName: ALKL-PC UserName: ALKL
20:11:54.519 Initialize success
20:15:37.830 AVAST engine defs: 12112800
20:15:59.545 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:15:59.561 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
20:15:59.576 Disk 0 MBR read successfully
20:15:59.576 Disk 0 MBR scan
20:15:59.592 Disk 0 Windows 7 default MBR code
20:15:59.592 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16384 MB offset 2048
20:15:59.623 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 33556480
20:15:59.639 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 460454 MB offset 33761280
20:15:59.670 Disk 0 scanning C:\Windows\system32\drivers
20:16:08.406 Service scanning
20:16:34.358 Modules scanning
20:16:34.374 Disk 0 trace - called modules:
20:16:34.390 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
20:16:34.405 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068e9060]
20:16:34.405 3 CLASSPNP.SYS[fffff88001ba543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004aad050]
20:16:36.137 AVAST engine scan C:\Windows
20:16:38.851 AVAST engine scan C:\Windows\system32
20:21:20.505 AVAST engine scan C:\Windows\system32\drivers
20:21:31.707 AVAST engine scan C:\Users\ALKL
20:27:35.826 File: C:\Users\ALKL\AppData\Local\Temp\0.517416384732799.exe **INFECTED** Win32:Rootkit-gen [Rtk]
20:27:47.377 File: C:\Users\ALKL\AppData\Local\Temp\jar_cache4108568453813458730.tmp **INFECTED** Win32:Rootkit-gen [Rtk]
20:31:52.776 AVAST engine scan C:\ProgramData
20:34:04.932 Scan finished successfully
20:38:52.468 Disk 0 MBR has been saved successfully to "C:\Users\ALKL\Desktop\MBR.dat"
20:38:52.484 The log file has been saved successfully to "C:\Users\ALKL\Desktop\aswMBR.txt"


nun der TDSS Killer file- bzw. report:
20:57:47.0271 4752 TDSS rootkit removing tool 2.8.14.0 Oct 30 2012 13:37:33
20:57:55.0625 4752 ============================================================
20:57:55.0625 4752 Current date / time: 2012/11/28 20:57:55.0625
20:57:55.0640 4752 SystemInfo:
20:57:55.0640 4752 
20:57:55.0640 4752 OS Version: 6.1.7601 ServicePack: 1.0
20:57:55.0640 4752 Product type: Workstation
20:57:55.0640 4752 ComputerName: ALKL-PC
20:57:55.0640 4752 UserName: ALKL
20:57:55.0640 4752 Windows directory: C:\Windows
20:57:55.0640 4752 System windows directory: C:\Windows
20:57:55.0640 4752 Running under WOW64
20:57:55.0640 4752 Processor architecture: Intel x64
20:57:55.0640 4752 Number of processors: 4
20:57:55.0640 4752 Page size: 0x1000
20:57:55.0640 4752 Boot type: Normal boot
20:57:55.0640 4752 ============================================================
20:57:56.0139 4752 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:57:56.0202 4752 ============================================================
20:57:56.0202 4752 \Device\Harddisk0\DR0:
20:57:56.0202 4752 MBR partitions:
20:57:56.0202 4752 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x32000
20:57:56.0202 4752 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2032800, BlocksNum 0x38353000
20:57:56.0202 4752 ============================================================
20:57:56.0217 4752 C: <-> \Device\Harddisk0\DR0\Partition2
20:57:56.0217 4752 ============================================================
20:57:56.0217 4752 Initialize success
20:57:56.0217 4752 ============================================================
20:58:10.0930 5432 ============================================================
20:58:10.0930 5432 Scan started
20:58:10.0930 5432 Mode: Manual; SigCheck; TDLFS; 
20:58:10.0930 5432 ============================================================
20:58:11.0133 5432 ================ Scan system memory ========================
20:58:11.0133 5432 System memory - ok
20:58:11.0133 5432 ================ Scan services =============================
20:58:11.0383 5432 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:58:11.0507 5432 1394ohci - ok
20:58:11.0663 5432 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:58:11.0710 5432 ACDaemon - ok
20:58:11.0773 5432 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:58:11.0819 5432 ACPI - ok
20:58:11.0866 5432 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:58:11.0929 5432 AcpiPmi - ok
20:58:12.0069 5432 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:58:12.0100 5432 AdobeFlashPlayerUpdateSvc - ok
20:58:12.0131 5432 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:58:12.0163 5432 adp94xx - ok
20:58:12.0194 5432 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:58:12.0209 5432 adpahci - ok
20:58:12.0225 5432 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:58:12.0241 5432 adpu320 - ok
20:58:12.0256 5432 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:58:12.0350 5432 AeLookupSvc - ok
20:58:12.0428 5432 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:58:12.0459 5432 AFD - ok
20:58:12.0475 5432 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:58:12.0490 5432 agp440 - ok
20:58:12.0506 5432 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:58:12.0568 5432 ALG - ok
20:58:12.0615 5432 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:58:12.0631 5432 aliide - ok
20:58:12.0677 5432 [ E4DA723458A20FBA693FB1F5924483DB ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:58:12.0724 5432 AMD External Events Utility - ok
20:58:12.0787 5432 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:58:12.0802 5432 amdide - ok
20:58:12.0833 5432 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:58:12.0896 5432 AmdK8 - ok
20:58:13.0097 5432 [ F894BFB5817718D50CE0122B7806B457 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:58:13.0317 5432 amdkmdag - ok
20:58:13.0327 5432 [ B12E7BE6715F3EE1A913A806F6B0AB94 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:58:13.0347 5432 amdkmdap - ok
20:58:13.0357 5432 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:58:13.0387 5432 AmdPPM - ok
20:58:13.0417 5432 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:58:13.0447 5432 amdsata - ok
20:58:13.0487 5432 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:58:13.0507 5432 amdsbs - ok
20:58:13.0537 5432 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:58:13.0547 5432 amdxata - ok
20:58:13.0657 5432 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:58:13.0677 5432 AntiVirSchedulerService - ok
20:58:13.0717 5432 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:58:13.0737 5432 AntiVirService - ok
20:58:13.0827 5432 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:58:13.0877 5432 AppID - ok
20:58:13.0907 5432 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:58:14.0017 5432 AppIDSvc - ok
20:58:14.0037 5432 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:58:14.0107 5432 Appinfo - ok
20:58:14.0187 5432 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:58:14.0207 5432 Apple Mobile Device - ok
20:58:14.0227 5432 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
20:58:14.0247 5432 arc - ok
20:58:14.0277 5432 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:58:14.0307 5432 arcsas - ok
20:58:14.0337 5432 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:58:14.0457 5432 AsyncMac - ok
20:58:14.0497 5432 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:58:14.0527 5432 atapi - ok
20:58:14.0567 5432 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
20:58:14.0587 5432 AtiHDAudioService - ok
20:58:14.0637 5432 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:58:14.0747 5432 AudioEndpointBuilder - ok
20:58:14.0767 5432 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:58:14.0797 5432 AudioSrv - ok
20:58:14.0827 5432 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:58:14.0837 5432 avgntflt - ok
20:58:14.0897 5432 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:58:14.0917 5432 avipbb - ok
20:58:14.0937 5432 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:58:14.0957 5432 avkmgr - ok
20:58:14.0997 5432 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:58:15.0097 5432 AxInstSV - ok
20:58:15.0127 5432 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:58:15.0217 5432 b06bdrv - ok
20:58:15.0267 5432 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:58:15.0307 5432 b57nd60a - ok
20:58:15.0387 5432 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:58:15.0417 5432 BBSvc - ok
20:58:15.0507 5432 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:58:15.0537 5432 BBUpdate - ok
20:58:15.0667 5432 [ 11F844B46B631337395651ABE9C4167B ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:58:15.0807 5432 BCM43XX - ok
20:58:15.0827 5432 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:58:15.0858 5432 BDESVC - ok
20:58:15.0898 5432 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:58:15.0968 5432 Beep - ok
20:58:16.0028 5432 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:58:16.0138 5432 BFE - ok
20:58:16.0178 5432 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:58:16.0308 5432 BITS - ok
20:58:16.0328 5432 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:58:16.0348 5432 blbdrive - ok
20:58:16.0428 5432 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:58:16.0458 5432 Bonjour Service - ok
20:58:16.0498 5432 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:58:16.0528 5432 bowser - ok
20:58:16.0558 5432 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:58:16.0598 5432 BrFiltLo - ok
20:58:16.0618 5432 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:58:16.0658 5432 BrFiltUp - ok
20:58:16.0708 5432 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:58:16.0748 5432 Browser - ok
20:58:16.0768 5432 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:58:16.0828 5432 Brserid - ok
20:58:16.0868 5432 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:58:16.0908 5432 BrSerWdm - ok
20:58:16.0938 5432 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:58:16.0968 5432 BrUsbMdm - ok
20:58:16.0978 5432 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:58:17.0008 5432 BrUsbSer - ok
20:58:17.0028 5432 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:58:17.0078 5432 BTHMODEM - ok
20:58:17.0128 5432 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:58:17.0198 5432 bthserv - ok
20:58:17.0218 5432 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:58:17.0258 5432 cdfs - ok
20:58:17.0308 5432 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:58:17.0328 5432 cdrom - ok
20:58:17.0358 5432 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:58:17.0398 5432 CertPropSvc - ok
20:58:17.0428 5432 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
20:58:17.0478 5432 circlass - ok
20:58:17.0518 5432 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:58:17.0548 5432 CLFS - ok
20:58:17.0608 5432 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:58:17.0638 5432 clr_optimization_v2.0.50727_32 - ok
20:58:17.0668 5432 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:58:17.0698 5432 clr_optimization_v2.0.50727_64 - ok
20:58:17.0798 5432 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:58:17.0855 5432 clr_optimization_v4.0.30319_32 - ok
20:58:17.0886 5432 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:58:17.0917 5432 clr_optimization_v4.0.30319_64 - ok
20:58:17.0948 5432 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:58:17.0995 5432 CmBatt - ok
20:58:18.0042 5432 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:58:18.0058 5432 cmdide - ok
20:58:18.0120 5432 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:58:18.0136 5432 CNG - ok
20:58:18.0151 5432 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:58:18.0151 5432 Compbatt - ok
20:58:18.0198 5432 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:58:18.0245 5432 CompositeBus - ok
20:58:18.0292 5432 COMSysApp - ok
20:58:18.0323 5432 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:58:18.0354 5432 crcdisk - ok
20:58:18.0401 5432 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:58:18.0448 5432 CryptSvc - ok
20:58:18.0572 5432 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:58:18.0619 5432 cvhsvc - ok
20:58:18.0666 5432 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:58:18.0744 5432 DcomLaunch - ok
20:58:18.0791 5432 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:58:18.0869 5432 defragsvc - ok
20:58:18.0900 5432 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:58:18.0978 5432 DfsC - ok
20:58:19.0025 5432 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:58:19.0087 5432 Dhcp - ok
20:58:19.0118 5432 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:58:19.0165 5432 discache - ok
20:58:19.0212 5432 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
20:58:19.0243 5432 Disk - ok
20:58:19.0243 5432 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:58:19.0321 5432 Dnscache - ok
20:58:19.0337 5432 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:58:19.0430 5432 dot3svc - ok
20:58:19.0430 5432 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:58:19.0477 5432 DPS - ok
20:58:19.0508 5432 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:58:19.0571 5432 drmkaud - ok
20:58:19.0622 5432 [ 9DD3A22F804697606C2B7FF9E912FF6B ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
20:58:19.0652 5432 DsiWMIService - ok
20:58:19.0672 5432 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:58:19.0702 5432 DXGKrnl - ok
20:58:19.0742 5432 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:58:19.0812 5432 EapHost - ok
20:58:19.0892 5432 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:58:19.0992 5432 ebdrv - ok
20:58:20.0022 5432 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:58:20.0072 5432 EFS - ok
20:58:20.0112 5432 [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
20:58:20.0132 5432 EgisTec Ticket Service - ok
20:58:20.0192 5432 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:58:20.0242 5432 ehRecvr - ok
20:58:20.0262 5432 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:58:20.0302 5432 ehSched - ok
20:58:20.0362 5432 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:58:20.0392 5432 elxstor - ok
20:58:20.0472 5432 [ 48425C93B6F36529707206E4FA680CF3 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:58:20.0522 5432 ePowerSvc - ok
20:58:20.0532 5432 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:58:20.0552 5432 ErrDev - ok
20:58:20.0592 5432 [ 9D8739A2A2173C9D27C499A3FC6EDA3F ] ETD C:\Windows\system32\DRIVERS\ETD.sys
20:58:20.0602 5432 ETD - ok
20:58:20.0642 5432 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:58:20.0722 5432 EventSystem - ok
20:58:20.0752 5432 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:58:20.0782 5432 exfat - ok
20:58:20.0792 5432 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:58:20.0832 5432 fastfat - ok
20:58:20.0852 5432 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:58:20.0902 5432 Fax - ok
20:58:20.0922 5432 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
20:58:20.0942 5432 fdc - ok
20:58:20.0962 5432 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:58:21.0012 5432 fdPHost - ok
20:58:21.0032 5432 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:58:21.0062 5432 FDResPub - ok
20:58:21.0092 5432 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:58:21.0112 5432 FileInfo - ok
20:58:21.0132 5432 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:58:21.0202 5432 Filetrace - ok
20:58:21.0232 5432 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:58:21.0252 5432 FLEXnet Licensing Service - ok
20:58:21.0282 5432 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:58:21.0292 5432 flpydisk - ok
20:58:21.0312 5432 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:58:21.0322 5432 FltMgr - ok
20:58:21.0382 5432 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:58:21.0502 5432 FontCache - ok
20:58:21.0602 5432 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:58:21.0622 5432 FontCache3.0.0.0 - ok
20:58:21.0642 5432 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:58:21.0658 5432 FsDepends - ok
20:58:21.0704 5432 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:58:21.0720 5432 Fs_Rec - ok
20:58:21.0736 5432 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:58:21.0751 5432 fvevol - ok
20:58:21.0782 5432 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:58:21.0782 5432 gagp30kx - ok
20:58:21.0829 5432 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:58:21.0860 5432 GamesAppService - ok
20:58:21.0907 5432 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:58:21.0923 5432 GEARAspiWDM - ok
20:58:22.0001 5432 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:58:22.0079 5432 gpsvc - ok
20:58:22.0126 5432 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
20:58:22.0141 5432 GREGService - ok
20:58:22.0219 5432 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:58:22.0235 5432 gupdate - ok
20:58:22.0266 5432 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:58:22.0282 5432 gupdatem - ok
20:58:22.0297 5432 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:58:22.0360 5432 hcw85cir - ok
20:58:22.0391 5432 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:58:22.0438 5432 HdAudAddService - ok
20:58:22.0453 5432 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:58:22.0500 5432 HDAudBus - ok
20:58:22.0516 5432 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:58:22.0531 5432 HidBatt - ok
20:58:22.0562 5432 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:58:22.0578 5432 HidBth - ok
20:58:22.0609 5432 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:58:22.0625 5432 HidIr - ok
20:58:22.0640 5432 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:58:22.0687 5432 hidserv - ok
20:58:22.0718 5432 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:58:22.0718 5432 HidUsb - ok
20:58:22.0750 5432 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:58:22.0796 5432 hkmsvc - ok
20:58:22.0812 5432 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:58:22.0859 5432 HomeGroupListener - ok
20:58:22.0890 5432 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:58:22.0921 5432 HomeGroupProvider - ok
20:58:22.0968 5432 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:58:22.0968 5432 HpSAMD - ok
20:58:23.0015 5432 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:58:23.0093 5432 HTTP - ok
20:58:23.0108 5432 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:58:23.0124 5432 hwpolicy - ok
20:58:23.0155 5432 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:58:23.0155 5432 i8042prt - ok
20:58:23.0186 5432 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
20:58:23.0186 5432 iaStor - ok
20:58:23.0249 5432 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:58:23.0249 5432 IAStorDataMgrSvc - ok
20:58:23.0296 5432 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:58:23.0311 5432 iaStorV - ok
20:58:23.0362 5432 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:58:23.0382 5432 idsvc - ok
20:58:23.0412 5432 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:58:23.0422 5432 iirsp - ok
20:58:23.0452 5432 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:58:23.0502 5432 IKEEXT - ok
20:58:23.0612 5432 [ B60ACCD29F8FAFC4A6344CD2BD5CA3A5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:58:23.0712 5432 IntcAzAudAddService - ok
20:58:23.0742 5432 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:58:23.0752 5432 intelide - ok
20:58:23.0772 5432 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:58:23.0782 5432 intelppm - ok
20:58:23.0812 5432 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:58:23.0862 5432 IPBusEnum - ok
20:58:23.0882 5432 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:58:23.0912 5432 IpFilterDriver - ok
20:58:23.0972 5432 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:58:24.0012 5432 iphlpsvc - ok
20:58:24.0022 5432 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:58:24.0042 5432 IPMIDRV - ok
20:58:24.0062 5432 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:58:24.0102 5432 IPNAT - ok
20:58:24.0142 5432 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:58:24.0162 5432 iPod Service - ok
20:58:24.0192 5432 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:58:24.0202 5432 IRENUM - ok
20:58:24.0212 5432 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:58:24.0222 5432 isapnp - ok
20:58:24.0242 5432 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:58:24.0262 5432 iScsiPrt - ok
20:58:24.0292 5432 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:58:24.0312 5432 kbdclass - ok
20:58:24.0342 5432 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:58:24.0372 5432 kbdhid - ok
20:58:24.0392 5432 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:58:24.0402 5432 KeyIso - ok
20:58:24.0452 5432 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:58:24.0472 5432 KSecDD - ok
20:58:24.0522 5432 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:58:24.0542 5432 KSecPkg - ok
20:58:24.0582 5432 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:58:24.0652 5432 ksthunk - ok
20:58:24.0682 5432 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:58:24.0722 5432 KtmRm - ok
20:58:24.0752 5432 [ 0E154DA6CA9105354A07D0C576804037 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
20:58:24.0762 5432 L1C - ok
20:58:24.0802 5432 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:58:24.0842 5432 LanmanServer - ok
20:58:24.0882 5432 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:58:24.0922 5432 LanmanWorkstation - ok
20:58:24.0972 5432 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:58:24.0972 5432 Live Updater Service - ok
20:58:25.0012 5432 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:58:25.0032 5432 lltdio - ok
20:58:25.0082 5432 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:58:25.0122 5432 lltdsvc - ok
20:58:25.0142 5432 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:58:25.0192 5432 lmhosts - ok
20:58:25.0242 5432 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:58:25.0262 5432 LMS - ok
20:58:25.0292 5432 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:58:25.0302 5432 LSI_FC - ok
20:58:25.0332 5432 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:58:25.0332 5432 LSI_SAS - ok
20:58:25.0352 5432 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:58:25.0362 5432 LSI_SAS2 - ok
20:58:25.0382 5432 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:58:25.0392 5432 LSI_SCSI - ok
20:58:25.0402 5432 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:58:25.0434 5432 luafv - ok
20:58:25.0496 5432 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:58:25.0512 5432 MBAMProtector - ok
20:58:25.0652 5432 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:58:25.0668 5432 MBAMScheduler - ok
20:58:25.0699 5432 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:58:25.0714 5432 MBAMService - ok
20:58:25.0761 5432 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:58:25.0792 5432 Mcx2Svc - ok
20:58:25.0808 5432 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:58:25.0824 5432 megasas - ok
20:58:25.0870 5432 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:58:25.0902 5432 MegaSR - ok
20:58:25.0948 5432 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
20:58:25.0964 5432 MEIx64 - ok
20:58:25.0995 5432 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:58:26.0042 5432 MMCSS - ok
20:58:26.0042 5432 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:58:26.0089 5432 Modem - ok
20:58:26.0120 5432 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:58:26.0151 5432 monitor - ok
20:58:26.0182 5432 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:58:26.0198 5432 mouclass - ok
20:58:26.0214 5432 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:58:26.0245 5432 mouhid - ok
20:58:26.0276 5432 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:58:26.0292 5432 mountmgr - ok
20:58:26.0292 5432 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:58:26.0307 5432 mpio - ok
20:58:26.0323 5432 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:58:26.0354 5432 mpsdrv - ok
20:58:26.0557 5432 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:58:26.0650 5432 MpsSvc - ok
20:58:26.0666 5432 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:58:26.0697 5432 MRxDAV - ok
20:58:26.0713 5432 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:58:26.0744 5432 mrxsmb - ok
20:58:26.0775 5432 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:58:26.0806 5432 mrxsmb10 - ok
20:58:26.0838 5432 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:58:26.0853 5432 mrxsmb20 - ok
20:58:26.0900 5432 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:58:26.0916 5432 msahci - ok
20:58:26.0931 5432 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:58:26.0947 5432 msdsm - ok
20:58:26.0978 5432 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:58:27.0009 5432 MSDTC - ok
20:58:27.0025 5432 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:58:27.0056 5432 Msfs - ok
20:58:27.0087 5432 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:58:27.0150 5432 mshidkmdf - ok
20:58:27.0150 5432 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:58:27.0165 5432 msisadrv - ok
20:58:27.0181 5432 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:58:27.0228 5432 MSiSCSI - ok
20:58:27.0228 5432 msiserver - ok
20:58:27.0259 5432 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:58:27.0321 5432 MSKSSRV - ok
20:58:27.0321 5432 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:58:27.0368 5432 MSPCLOCK - ok
20:58:27.0384 5432 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:58:27.0415 5432 MSPQM - ok
20:58:27.0430 5432 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:58:27.0446 5432 MsRPC - ok
20:58:27.0446 5432 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:58:27.0462 5432 mssmbios - ok
20:58:27.0477 5432 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:58:27.0508 5432 MSTEE - ok
20:58:27.0524 5432 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:58:27.0540 5432 MTConfig - ok
20:58:27.0555 5432 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:58:27.0555 5432 Mup - ok
20:58:27.0571 5432 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:58:27.0571 5432 mwlPSDFilter - ok
20:58:27.0602 5432 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:58:27.0602 5432 mwlPSDNServ - ok
20:58:27.0618 5432 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:58:27.0618 5432 mwlPSDVDisk - ok
20:58:27.0649 5432 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:58:27.0696 5432 napagent - ok
20:58:27.0742 5432 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:58:27.0774 5432 NativeWifiP - ok
20:58:27.0852 5432 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:58:27.0914 5432 NDIS - ok
20:58:27.0930 5432 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:58:27.0976 5432 NdisCap - ok
20:58:27.0992 5432 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:58:28.0023 5432 NdisTapi - ok
20:58:28.0054 5432 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:58:28.0086 5432 Ndisuio - ok
20:58:28.0086 5432 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:58:28.0132 5432 NdisWan - ok
20:58:28.0148 5432 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:58:28.0164 5432 NDProxy - ok
20:58:28.0195 5432 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:58:28.0257 5432 NetBIOS - ok
20:58:28.0273 5432 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:58:28.0304 5432 NetBT - ok
20:58:28.0335 5432 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:58:28.0366 5432 Netlogon - ok
20:58:28.0413 5432 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:58:28.0491 5432 Netman - ok
20:58:28.0491 5432 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:58:28.0538 5432 netprofm - ok
20:58:28.0569 5432 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:58:28.0569 5432 NetTcpPortSharing - ok
20:58:28.0616 5432 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:58:28.0616 5432 nfrd960 - ok
20:58:28.0647 5432 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:58:28.0663 5432 NlaSvc - ok
20:58:28.0803 5432 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:58:28.0897 5432 NOBU - ok
20:58:28.0912 5432 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:58:28.0944 5432 Npfs - ok
20:58:28.0959 5432 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:58:28.0990 5432 nsi - ok
20:58:29.0006 5432 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:58:29.0053 5432 nsiproxy - ok
20:58:29.0100 5432 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:58:29.0146 5432 Ntfs - ok
20:58:29.0224 5432 [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
20:58:29.0256 5432 NTI IScheduleSvc - ok
20:58:29.0287 5432 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
20:58:29.0302 5432 NTIDrvr - ok
20:58:29.0318 5432 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:58:29.0365 5432 Null - ok
20:58:29.0412 5432 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:58:29.0443 5432 nusb3hub - ok
20:58:29.0474 5432 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:58:29.0521 5432 nusb3xhc - ok
20:58:29.0568 5432 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:58:29.0599 5432 nvraid - ok
20:58:29.0614 5432 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:58:29.0630 5432 nvstor - ok
20:58:29.0646 5432 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:58:29.0661 5432 nv_agp - ok
20:58:29.0677 5432 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:58:29.0724 5432 ohci1394 - ok
20:58:29.0739 5432 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:58:29.0755 5432 ose - ok
20:58:29.0942 5432 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:58:30.0036 5432 osppsvc - ok
20:58:30.0051 5432 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:58:30.0114 5432 p2pimsvc - ok
20:58:30.0129 5432 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:58:30.0160 5432 p2psvc - ok
20:58:30.0192 5432 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:58:30.0207 5432 Parport - ok
20:58:30.0238 5432 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:58:30.0238 5432 partmgr - ok
20:58:30.0254 5432 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:58:30.0316 5432 PcaSvc - ok
20:58:30.0332 5432 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:58:30.0348 5432 pci - ok
20:58:30.0363 5432 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:58:30.0379 5432 pciide - ok
20:58:30.0394 5432 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:58:30.0410 5432 pcmcia - ok
20:58:30.0426 5432 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:58:30.0441 5432 pcw - ok
20:58:30.0457 5432 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:58:30.0504 5432 PEAUTH - ok
20:58:30.0582 5432 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:58:30.0628 5432 PerfHost - ok
20:58:30.0706 5432 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:58:30.0800 5432 pla - ok
20:58:30.0831 5432 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:58:30.0878 5432 PlugPlay - ok
20:58:30.0894 5432 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:58:30.0925 5432 PNRPAutoReg - ok
20:58:30.0940 5432 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:58:30.0972 5432 PNRPsvc - ok
20:58:31.0128 5432 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:58:31.0221 5432 PolicyAgent - ok
20:58:31.0237 5432 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:58:31.0268 5432 Power - ok
20:58:31.0315 5432 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:58:31.0393 5432 PptpMiniport - ok
20:58:31.0408 5432 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:58:31.0424 5432 Processor - ok
20:58:31.0471 5432 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:58:31.0549 5432 ProfSvc - ok
20:58:31.0564 5432 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:58:31.0580 5432 ProtectedStorage - ok
20:58:31.0596 5432 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:58:31.0658 5432 Psched - ok
20:58:31.0705 5432 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:58:31.0752 5432 ql2300 - ok
20:58:31.0783 5432 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:58:31.0783 5432 ql40xx - ok
20:58:31.0814 5432 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:58:31.0830 5432 QWAVE - ok
20:58:31.0845 5432 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:58:31.0876 5432 QWAVEdrv - ok
20:58:31.0892 5432 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:58:31.0923 5432 RasAcd - ok
20:58:31.0970 5432 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:58:32.0064 5432 RasAgileVpn - ok
20:58:32.0095 5432 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:58:32.0204 5432 RasAuto - ok
20:58:32.0220 5432 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:58:32.0266 5432 Rasl2tp - ok
20:58:32.0282 5432 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:58:32.0313 5432 RasMan - ok
20:58:32.0329 5432 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:58:32.0376 5432 RasPppoe - ok
20:58:32.0391 5432 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:58:32.0422 5432 RasSstp - ok
20:58:32.0454 5432 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:58:32.0485 5432 rdbss - ok
20:58:32.0485 5432 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:58:32.0500 5432 rdpbus - ok
20:58:32.0516 5432 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:58:32.0547 5432 RDPCDD - ok
20:58:32.0563 5432 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:58:32.0594 5432 RDPENCDD - ok
20:58:32.0610 5432 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:58:32.0641 5432 RDPREFMP - ok
20:58:32.0703 5432 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:58:32.0734 5432 RDPWD - ok
20:58:32.0781 5432 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:58:32.0781 5432 rdyboost - ok
20:58:32.0828 5432 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:58:32.0922 5432 RemoteAccess - ok
20:58:32.0984 5432 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:58:33.0031 5432 RemoteRegistry - ok
20:58:33.0046 5432 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:58:33.0078 5432 RpcEptMapper - ok
20:58:33.0093 5432 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:58:33.0109 5432 RpcLocator - ok
20:58:33.0124 5432 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:58:33.0156 5432 RpcSs - ok
20:58:33.0187 5432 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:58:33.0218 5432 rspndr - ok
20:58:33.0265 5432 [ 9BEB5F18A418FF70659CE2E356829568 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
20:58:33.0265 5432 RSUSBSTOR - ok
20:58:33.0280 5432 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:58:33.0280 5432 SamSs - ok
20:58:33.0312 5432 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:58:33.0312 5432 sbp2port - ok
20:58:33.0343 5432 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:58:33.0374 5432 SCardSvr - ok
20:58:33.0390 5432 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:58:33.0421 5432 scfilter - ok
20:58:33.0468 5432 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:58:33.0514 5432 Schedule - ok
20:58:33.0530 5432 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:58:33.0561 5432 SCPolicySvc - ok
20:58:33.0592 5432 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:58:33.0639 5432 SDRSVC - ok
20:58:33.0670 5432 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:58:33.0748 5432 secdrv - ok
20:58:33.0764 5432 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:58:33.0795 5432 seclogon - ok
20:58:33.0826 5432 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:58:33.0858 5432 SENS - ok
20:58:33.0873 5432 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:58:33.0920 5432 SensrSvc - ok
20:58:33.0967 5432 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:58:33.0998 5432 Serenum - ok
20:58:34.0045 5432 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:58:34.0076 5432 Serial - ok
20:58:34.0107 5432 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:58:34.0138 5432 sermouse - ok
20:58:34.0170 5432 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:58:34.0232 5432 SessionEnv - ok
20:58:34.0248 5432 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:58:34.0263 5432 sffdisk - ok
20:58:34.0279 5432 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:58:34.0310 5432 sffp_mmc - ok
20:58:34.0310 5432 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:58:34.0341 5432 sffp_sd - ok
20:58:34.0372 5432 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:58:34.0419 5432 sfloppy - ok
20:58:34.0482 5432 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:58:34.0528 5432 Sftfs - ok
20:58:34.0638 5432 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:58:34.0684 5432 sftlist - ok
20:58:34.0747 5432 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:58:34.0778 5432 Sftplay - ok
20:58:34.0825 5432 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:58:34.0856 5432 Sftredir - ok
20:58:34.0903 5432 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:58:34.0918 5432 Sftvol - ok
20:58:34.0950 5432 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:58:34.0965 5432 sftvsa - ok
20:58:35.0012 5432 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:58:35.0074 5432 SharedAccess - ok
20:58:35.0106 5432 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:58:35.0152 5432 ShellHWDetection - ok
20:58:35.0168 5432 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:58:35.0184 5432 SiSRaid2 - ok
20:58:35.0215 5432 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:58:35.0215 5432 SiSRaid4 - ok
20:58:35.0293 5432 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:58:35.0308 5432 SkypeUpdate - ok
20:58:35.0340 5432 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:58:35.0418 5432 Smb - ok
20:58:35.0449 5432 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:58:35.0480 5432 SNMPTRAP - ok
20:58:35.0511 5432 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:58:35.0527 5432 spldr - ok
20:58:35.0574 5432 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:58:35.0636 5432 Spooler - ok
20:58:35.0730 5432 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:58:35.0854 5432 sppsvc - ok
20:58:35.0870 5432 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:58:35.0901 5432 sppuinotify - ok
20:58:35.0917 5432 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:58:35.0948 5432 srv - ok
20:58:35.0964 5432 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:58:35.0979 5432 srv2 - ok
20:58:35.0995 5432 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:58:36.0010 5432 srvnet - ok
20:58:36.0026 5432 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:58:36.0104 5432 SSDPSRV - ok
20:58:36.0120 5432 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:58:36.0151 5432 SstpSvc - ok
20:58:36.0166 5432 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:58:36.0182 5432 stexstor - ok
20:58:36.0229 5432 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:58:36.0291 5432 stisvc - ok
20:58:36.0307 5432 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:58:36.0322 5432 swenum - ok
20:58:36.0354 5432 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:58:36.0400 5432 swprv - ok
20:58:36.0447 5432 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:58:36.0525 5432 SysMain - ok
20:58:36.0541 5432 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:58:36.0556 5432 TabletInputService - ok
20:58:36.0572 5432 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:58:36.0603 5432 TapiSrv - ok
20:58:36.0619 5432 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:58:36.0650 5432 TBS - ok
20:58:36.0728 5432 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:58:36.0822 5432 Tcpip - ok
20:58:36.0868 5432 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:58:36.0900 5432 TCPIP6 - ok
20:58:36.0931 5432 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:58:36.0962 5432 tcpipreg - ok
20:58:36.0993 5432 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:58:37.0040 5432 TDPIPE - ok
20:58:37.0071 5432 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:58:37.0102 5432 TDTCP - ok
20:58:37.0118 5432 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:58:37.0165 5432 tdx - ok
20:58:37.0196 5432 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:58:37.0227 5432 TermDD - ok
20:58:37.0274 5432 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:58:37.0321 5432 TermService - ok
20:58:37.0352 5432 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:58:37.0352 5432 Themes - ok
20:58:37.0383 5432 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:58:37.0399 5432 THREADORDER - ok
20:58:37.0492 5432 [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
20:58:37.0524 5432 TomTomHOMEService - ok
20:58:37.0539 5432 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:58:37.0602 5432 TrkWks - ok
20:58:37.0695 5432 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:58:37.0758 5432 TrustedInstaller - ok
20:58:37.0789 5432 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:58:37.0867 5432 tssecsrv - ok
20:58:37.0898 5432 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:58:37.0929 5432 TsUsbFlt - ok
20:58:37.0945 5432 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:58:37.0976 5432 TsUsbGD - ok
20:58:38.0007 5432 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:58:38.0070 5432 tunnel - ok
20:58:38.0132 5432 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:58:38.0163 5432 TurboB - ok
20:58:38.0241 5432 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:58:38.0272 5432 TurboBoost - ok
20:58:38.0304 5432 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:58:38.0319 5432 uagp35 - ok
20:58:38.0335 5432 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
20:58:38.0350 5432 UBHelper - ok
20:58:38.0366 5432 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:58:38.0428 5432 udfs - ok
20:58:38.0460 5432 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:58:38.0491 5432 UI0Detect - ok
20:58:38.0506 5432 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:58:38.0522 5432 uliagpkx - ok
20:58:38.0538 5432 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:58:38.0569 5432 umbus - ok
20:58:38.0584 5432 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:58:38.0616 5432 UmPass - ok
20:58:38.0850 5432 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:58:38.0896 5432 UNS - ok
20:58:38.0912 5432 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:58:39.0006 5432 upnphost - ok
20:58:39.0052 5432 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:58:39.0115 5432 USBAAPL64 - ok
20:58:39.0146 5432 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:58:39.0162 5432 usbccgp - ok
20:58:39.0197 5432 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:58:39.0227 5432 usbcir - ok
20:58:39.0247 5432 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:58:39.0277 5432 usbehci - ok
20:58:39.0307 5432 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
20:58:39.0347 5432 usbhub - ok
20:58:39.0357 5432 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:58:39.0387 5432 usbohci - ok
20:58:39.0407 5432 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:58:39.0447 5432 usbprint - ok
20:58:39.0467 5432 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:58:39.0497 5432 USBSTOR - ok
20:58:39.0527 5432 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:58:39.0567 5432 usbuhci - ok
20:58:39.0597 5432 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:58:39.0637 5432 usbvideo - ok
20:58:39.0677 5432 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:58:39.0727 5432 UxSms - ok
20:58:39.0747 5432 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:58:39.0757 5432 VaultSvc - ok
20:58:39.0787 5432 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:58:39.0787 5432 vdrvroot - ok
20:58:39.0807 5432 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:58:39.0847 5432 vds - ok
20:58:39.0877 5432 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:58:39.0887 5432 vga - ok
20:58:39.0907 5432 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:58:39.0937 5432 VgaSave - ok
20:58:39.0957 5432 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:58:39.0967 5432 vhdmp - ok
20:58:39.0997 5432 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:58:40.0017 5432 viaide - ok
20:58:40.0037 5432 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:58:40.0047 5432 volmgr - ok
20:58:40.0067 5432 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:58:40.0077 5432 volmgrx - ok
20:58:40.0087 5432 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:58:40.0097 5432 volsnap - ok
20:58:40.0117 5432 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:58:40.0127 5432 vsmraid - ok
20:58:40.0197 5432 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:58:40.0297 5432 VSS - ok
20:58:40.0307 5432 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:58:40.0327 5432 vwifibus - ok
20:58:40.0337 5432 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:58:40.0367 5432 vwififlt - ok
20:58:40.0407 5432 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:58:40.0417 5432 vwifimp - ok
20:58:40.0447 5432 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:58:40.0477 5432 W32Time - ok
20:58:40.0487 5432 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:58:40.0517 5432 WacomPen - ok
20:58:40.0547 5432 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:58:40.0607 5432 WANARP - ok
20:58:40.0607 5432 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:58:40.0637 5432 Wanarpv6 - ok
20:58:40.0717 5432 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:58:40.0767 5432 WatAdminSvc - ok
20:58:40.0847 5432 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:58:40.0957 5432 wbengine - ok
20:58:40.0977 5432 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:58:40.0997 5432 WbioSrvc - ok
20:58:41.0017 5432 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:58:41.0037 5432 wcncsvc - ok
20:58:41.0047 5432 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:58:41.0117 5432 WcsPlugInService - ok
20:58:41.0147 5432 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:58:41.0157 5432 Wd - ok
20:58:41.0207 5432 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:58:41.0270 5432 Wdf01000 - ok
20:58:41.0285 5432 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:58:41.0394 5432 WdiServiceHost - ok
20:58:41.0394 5432 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:58:41.0410 5432 WdiSystemHost - ok
20:58:41.0426 5432 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:58:41.0457 5432 WebClient - ok
20:58:41.0488 5432 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:58:41.0535 5432 Wecsvc - ok
20:58:41.0550 5432 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:58:41.0582 5432 wercplsupport - ok
20:58:41.0597 5432 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:58:41.0644 5432 WerSvc - ok
20:58:41.0660 5432 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:58:41.0691 5432 WfpLwf - ok
20:58:41.0706 5432 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:58:41.0722 5432 WIMMount - ok
20:58:41.0738 5432 WinDefend - ok
20:58:41.0738 5432 WinHttpAutoProxySvc - ok
20:58:41.0784 5432 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:58:41.0847 5432 Winmgmt - ok
20:58:41.0940 5432 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:58:42.0034 5432 WinRM - ok
20:58:42.0096 5432 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:58:42.0143 5432 WinUsb - ok
20:58:42.0174 5432 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:58:42.0237 5432 Wlansvc - ok
20:58:42.0299 5432 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:58:42.0315 5432 wlcrasvc - ok
20:58:42.0408 5432 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:58:42.0440 5432 wlidsvc - ok
20:58:42.0471 5432 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:58:42.0502 5432 WmiAcpi - ok
20:58:42.0533 5432 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:58:42.0564 5432 wmiApSrv - ok
20:58:42.0611 5432 WMPNetworkSvc - ok
20:58:42.0720 5432 [ 495284CF894336E9512ED7C9ACB3548E ] WOTUpdater C:\Users\ALKL\AppData\LocalLow\WOT\IE\WOTUpdater.exe
20:58:42.0736 5432 WOTUpdater ( UnsignedFile.Multi.Generic ) - warning
20:58:42.0736 5432 WOTUpdater - detected UnsignedFile.Multi.Generic (1)
20:58:42.0767 5432 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:58:42.0814 5432 WPCSvc - ok
20:58:42.0845 5432 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:58:42.0861 5432 WPDBusEnum - ok
20:58:42.0886 5432 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:58:42.0918 5432 ws2ifsl - ok
20:58:42.0933 5432 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:58:42.0949 5432 wscsvc - ok
20:58:42.0949 5432 WSearch - ok
20:58:43.0027 5432 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:58:43.0136 5432 wuauserv - ok
20:58:43.0183 5432 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:58:43.0245 5432 WudfPf - ok
20:58:43.0292 5432 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:58:43.0323 5432 WUDFRd - ok
20:58:43.0370 5432 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:58:43.0417 5432 wudfsvc - ok
20:58:43.0432 5432 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:58:43.0495 5432 WwanSvc - ok
20:58:43.0526 5432 ================ Scan global ===============================
20:58:43.0557 5432 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:58:43.0588 5432 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:58:43.0620 5432 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
20:58:43.0651 5432 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:58:43.0682 5432 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:58:43.0698 5432 [Global] - ok
20:58:43.0698 5432 ================ Scan MBR ==================================
20:58:43.0713 5432 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:58:44.0337 5432 \Device\Harddisk0\DR0 - ok
20:58:44.0337 5432 ================ Scan VBR ==================================
20:58:44.0337 5432 [ 63F505F739F3D7FCCABDBEE348030360 ] \Device\Harddisk0\DR0\Partition1
20:58:44.0337 5432 \Device\Harddisk0\DR0\Partition1 - ok
20:58:44.0368 5432 [ 149CD9229AE634167A7282034F2EE62F ] \Device\Harddisk0\DR0\Partition2
20:58:44.0384 5432 \Device\Harddisk0\DR0\Partition2 - ok
20:58:44.0384 5432 ============================================================
20:58:44.0384 5432 Scan finished
20:58:44.0384 5432 ============================================================
20:58:44.0384 6248 Detected object count: 1
20:58:44.0384 6248 Actual detected object count: 1
20:59:06.0049 6248 WOTUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
20:59:06.0049 6248 WOTUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip

Log von Antimalware:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.65.1.1000
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.11.26.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ALKL :: ALKL-PC [Administrator]

Schutz: Aktiviert

27.11.2012 20:22:31
mbam-log-2012-11-27 (23-36-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 376123
Laufzeit: 1 Stunde(n), 11 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\ALKL\Downloads\SoftonicDownloader_fuer_openoffice.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Users\ALKL\AppData\Local\Temp\0.517416384732799.EXE (Exploit.Drop.2) -> Keine Aktion durchgeführt.

(Ende)

Logfile von Antivir:

Code:

ATTFilter

Avira Free Antivirus
Report file date: Montag, 26. November 2012 20:03

Scanning for 4442860 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : ALKL
Computer name : ALKL-PC

Version information:
BUILD.DAT : 12.1.9.1236 Bytes 11.10.2012 15:58:00
AVSCAN.EXE : 12.3.0.48 468256 Bytes 14.11.2012 16:47:31
AVSCAN.DLL : 12.3.0.15 54736 Bytes 18.07.2012 16:05:06
LUKE.DLL : 12.3.0.15 68304 Bytes 18.07.2012 16:04:59
AVSCPLR.DLL : 12.3.0.27 97064 Bytes 18.07.2012 16:04:51
AVREG.DLL : 12.3.0.33 232232 Bytes 18.07.2012 16:04:51
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:23:21
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 23:32:24
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 09:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 22:38:13
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 16:05:05
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 07:31:51
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22.11.2012 19:03:14
VBASE008.VDF : 7.11.50.231 2048 Bytes 22.11.2012 19:03:14
VBASE009.VDF : 7.11.50.232 2048 Bytes 22.11.2012 19:03:14
VBASE010.VDF : 7.11.50.233 2048 Bytes 22.11.2012 19:03:14
VBASE011.VDF : 7.11.50.234 2048 Bytes 22.11.2012 19:03:14
VBASE012.VDF : 7.11.50.235 2048 Bytes 22.11.2012 19:03:15
VBASE013.VDF : 7.11.50.236 2048 Bytes 22.11.2012 19:03:15
VBASE014.VDF : 7.11.51.27 133632 Bytes 23.11.2012 12:13:44
VBASE015.VDF : 7.11.51.28 2048 Bytes 23.11.2012 12:13:44
VBASE016.VDF : 7.11.51.29 2048 Bytes 23.11.2012 12:13:44
VBASE017.VDF : 7.11.51.30 2048 Bytes 23.11.2012 12:13:44
VBASE018.VDF : 7.11.51.31 2048 Bytes 23.11.2012 12:13:44
VBASE019.VDF : 7.11.51.32 2048 Bytes 23.11.2012 12:13:45
VBASE020.VDF : 7.11.51.33 2048 Bytes 23.11.2012 12:13:45
VBASE021.VDF : 7.11.51.34 2048 Bytes 23.11.2012 12:13:45
VBASE022.VDF : 7.11.51.35 2048 Bytes 23.11.2012 12:13:45
VBASE023.VDF : 7.11.51.36 2048 Bytes 23.11.2012 12:13:46
VBASE024.VDF : 7.11.51.37 2048 Bytes 23.11.2012 12:13:46
VBASE025.VDF : 7.11.51.38 2048 Bytes 23.11.2012 12:13:46
VBASE026.VDF : 7.11.51.39 2048 Bytes 23.11.2012 12:13:46
VBASE027.VDF : 7.11.51.40 2048 Bytes 23.11.2012 12:13:46
VBASE028.VDF : 7.11.51.41 2048 Bytes 23.11.2012 12:13:46
VBASE029.VDF : 7.11.51.42 2048 Bytes 23.11.2012 12:13:46
VBASE030.VDF : 7.11.51.43 2048 Bytes 23.11.2012 12:13:46
VBASE031.VDF : 7.11.51.72 80896 Bytes 25.11.2012 12:13:47
Engine version : 8.2.10.204
AEVDF.DLL : 8.1.2.10 102772 Bytes 12.08.2012 16:27:19
AESCRIPT.DLL : 8.1.4.68 467324 Bytes 22.11.2012 19:03:43
AESCN.DLL : 8.1.9.4 131445 Bytes 15.11.2012 20:44:22
AESBX.DLL : 8.2.5.12 606578 Bytes 18.07.2012 16:04:48
AERDL.DLL : 8.2.0.74 643445 Bytes 07.11.2012 16:33:15
AEPACK.DLL : 8.3.0.40 815479 Bytes 14.11.2012 16:47:25
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 05.11.2012 13:45:14
AEHEUR.DLL : 8.1.4.142 5566841 Bytes 22.11.2012 19:03:43
AEHELP.DLL : 8.1.25.2 258423 Bytes 12.10.2012 08:08:52
AEGEN.DLL : 8.1.6.10 438646 Bytes 15.11.2012 20:44:06
AEEXP.DLL : 8.2.0.12 119158 Bytes 22.11.2012 19:03:44
AEEMU.DLL : 8.1.3.2 393587 Bytes 12.08.2012 16:26:51
AECORE.DLL : 8.1.29.2 201079 Bytes 07.11.2012 16:33:07
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 13:45:08
AVWINLL.DLL : 12.3.0.15 27344 Bytes 18.07.2012 16:04:53
AVPREF.DLL : 12.3.0.32 50720 Bytes 14.11.2012 16:47:30
AVREP.DLL : 12.3.0.15 179208 Bytes 18.07.2012 16:04:51
AVARKT.DLL : 12.3.0.33 209696 Bytes 14.11.2012 16:47:28
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 18.07.2012 16:04:50
SQLITE3.DLL : 3.7.0.1 398288 Bytes 18.07.2012 16:05:02
AVSMTP.DLL : 12.3.0.32 63480 Bytes 18.07.2012 16:04:52
NETNT.DLL : 12.3.0.15 17104 Bytes 18.07.2012 16:04:59
RCIMAGE.DLL : 12.3.0.31 4445944 Bytes 18.07.2012 16:05:09
RCTEXT.DLL : 12.3.0.32 97056 Bytes 14.11.2012 16:47:07

Configuration settings for the scan:
Jobname.............................: Local Drives
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\alldrives.avp
Logging.............................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, Q:, D:, 
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended

Start of the scan: Montag, 26. November 2012 20:03

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Boot sector 'Q:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'DMREngine.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'PhilipsDeviceListener.exe' - '1' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'clear.fiMovieService.exe' - '1' Module(s) have been scanned
Scan process 'nusb3mon.exe' - '1' Module(s) have been scanned
Scan process 'LManager.exe' - '1' Module(s) have been scanned
Scan process 'BackupManagerTray.exe' - '1' Module(s) have been scanned
Scan process 'TomTomHOMERunner.exe' - '1' Module(s) have been scanned
Scan process 'clear.fiAgent.exe' - '1' Module(s) have been scanned

Starting to scan executable files (registry).
The registry was scanned ( '1744' files ).


Starting the file scan:

Begin scan in 'C:\' <Acer>
C:\Users\ALKL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CHS01OFN\sweetimsetup[1].7z
[WARNING] The file could not be read!
C:\Users\ALKL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF6J8Q6R\sweetiesetup[1].7z
[WARNING] The file could not be read!
C:\Users\ALKL\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\31d293c3-3453b1f8
[0] Archive type: ZIP
--> Play.class
[DETECTION] Contains recognition pattern of the EXP/Java.Blacole.CY.1 exploit
Begin scan in 'Q:\'
Search path Q:\ could not be opened!
System error [5]: Zugriff verweigert
Begin scan in 'D:\' <Disk1>

Beginning disinfection:
C:\Users\ALKL\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\31d293c3-3453b1f8
[DETECTION] Contains recognition pattern of the EXP/Java.Blacole.CY.1 exploit
[NOTE] The file was moved to the quarantine directory under the name '544472b6.qua'.


End of the scan: Montag, 26. November 2012 21:30
Used time: 1:26:49 Hour(s)

The scan has been done completely.

30634 Scanned directories
646686 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
646685 Files not concerned
4438 Archives were scanned
2 Warnings
1 Notes

cosinus · 29.11.2012, 20:24

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

kroni25 · 02.12.2012, 20:16

die log Datei von combofix:
Combofix Logfile:

Code:

ATTFilter

ComboFix 12-12-01.02 - ALKL 02.12.2012  20:06:38.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.4078.1868 [GMT 1:00]
ausgeführt von:: c:\users\ALKL\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\sdelevURL.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-02 bis 2012-12-02  ))))))))))))))))))))))))))))))
.
.
2012-12-02 19:12 . 2012-12-02 19:12	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-11-30 19:51 . 2012-11-08 17:24	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0E2BF391-B0C0-47CE-B13B-C5A104DDA8CC}\mpengine.dll
2012-11-26 22:29 . 2012-11-26 22:29	--------	d-----w-	c:\users\ALKL\AppData\Roaming\TrojanHunter
2012-11-26 21:45 . 2012-11-26 21:46	--------	d-----w-	c:\programdata\TrojanHunter
2012-11-26 21:45 . 2012-11-26 21:52	--------	d-----w-	c:\program files (x86)\TrojanHunter 5.5
2012-11-26 21:43 . 2012-11-26 21:43	--------	d-----w-	c:\users\ALKL\AppData\Roaming\Malwarebytes
2012-11-26 21:42 . 2012-11-26 21:42	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-26 21:42 . 2012-11-26 21:42	--------	d-----w-	c:\programdata\Malwarebytes
2012-11-26 21:42 . 2012-09-29 18:54	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-11-21 18:56 . 2012-11-21 18:56	--------	d-----w-	c:\program files (x86)\QuickTime
2012-11-15 20:47 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-15 20:47 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 20:47 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 20:47 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2012-11-15 20:43 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2012-11-15 20:43 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2012-11-15 20:43 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 20:43 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 20:43 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2012-11-15 20:43 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2012-11-15 20:43 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 17:57 . 2012-10-03 17:56	1914248	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-11-14 17:57 . 2012-10-03 17:44	70656	----a-w-	c:\windows\system32\nlaapi.dll
2012-11-14 17:57 . 2012-10-03 17:44	303104	----a-w-	c:\windows\system32\nlasvc.dll
2012-11-14 17:57 . 2012-10-03 17:44	246272	----a-w-	c:\windows\system32\netcorehc.dll
2012-11-14 17:57 . 2012-10-03 17:44	216576	----a-w-	c:\windows\system32\ncsi.dll
2012-11-14 17:57 . 2012-10-03 17:42	569344	----a-w-	c:\windows\system32\iphlpsvc.dll
2012-11-14 17:57 . 2012-10-03 16:42	18944	----a-w-	c:\windows\SysWow64\netevent.dll
2012-11-14 17:57 . 2012-10-03 16:42	175104	----a-w-	c:\windows\SysWow64\netcorehc.dll
2012-11-14 17:57 . 2012-10-03 16:42	156672	----a-w-	c:\windows\SysWow64\ncsi.dll
2012-11-14 17:57 . 2012-10-03 16:07	45568	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2012-11-14 17:57 . 2012-01-13 07:12	52224	----a-w-	c:\windows\SysWow64\nlaapi.dll
2012-11-14 17:57 . 2012-10-03 17:44	18944	----a-w-	c:\windows\system32\netevent.dll
2012-11-14 17:43 . 2012-10-09 18:17	55296	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2012-11-14 17:43 . 2012-10-09 18:17	226816	----a-w-	c:\windows\system32\dhcpcore6.dll
2012-11-14 17:43 . 2012-10-09 17:40	44032	----a-w-	c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-14 17:43 . 2012-10-09 17:40	193536	----a-w-	c:\windows\SysWow64\dhcpcore6.dll
2012-11-14 17:42 . 2012-10-18 18:25	3149824	----a-w-	c:\windows\system32\win32k.sys
2012-11-14 17:23 . 2012-09-25 22:47	78336	----a-w-	c:\windows\SysWow64\synceng.dll
2012-11-14 17:23 . 2012-09-25 22:46	95744	----a-w-	c:\windows\system32\synceng.dll
2012-11-14 17:14 . 2012-11-16 16:47	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2012-11-14 17:14 . 2012-11-16 16:47	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-15 20:44 . 2012-04-01 16:51	66395536	----a-w-	c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-28 19:22	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 19:22	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 19:22	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-09 17:17 . 2012-08-06 12:25	696760	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 17:17 . 2011-08-12 08:01	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-14 19:19 . 2012-10-10 11:46	2048	----a-w-	c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 11:46	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9E571C81-21E7-496B-9E6B-127E60263022}]
2012-01-12 10:23	269312	----a-w-	c:\users\ALKL\AppData\LocalLow\WOT\IE\WOT.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-02-08 336384]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-02-03 506712]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-05-09 177448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Smart File Advisor"="c:\program files (x86)\Smart File Advisor\sfa.exe" [2011-04-04 280824]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"Philips Device Listener"="c:\program files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" [2012-02-20 380416]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]
"THGuard"="c:\program files (x86)\TrojanHunter 5.5\THGuard.exe" [2011-10-04 1088280]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\ALKL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Device Monitor.lnk - c:\program files (x86)\ArcSoft\MediaConverter 7\Monitor.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 WOTUpdater;WOT Updater;c:\users\ALKL\AppData\LocalLow\WOT\IE\WOTUpdater.exe [2012-01-12 18432]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-20 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-08-12 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-08-12 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-12 62776]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-02-08 203776]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-16 115216]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-09-27 76912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-06 17:17]
.
2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-09 17:01]
.
2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-09 17:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-09 2189416]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\ALKL\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\ALKL\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Call of Duty - c:\games\call of duty\Uninstall\Unwise.exe
AddRemove-S2TNG - c:\games\siedler\Die Siedler II - Die nächste Generation\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1868255889-3165829622-3007753671-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:09,bc,9a,8a,72,57,72,d6,5f,ea,0e,15,3e,20,ed,75,3a,a6,4d,8b,c7,d3,1d,
   ad,ad,f9,d7,04,ef,1d,74,3a,f5,61,8b,c9,f9,a0,e9,19,5c,c7,0c,51,91,66,0f,99,\
"??"=hex:24,c4,6f,fd,13,44,46,ae,a0,ff,2f,e4,63,bb,26,bf
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-02  20:14:35
ComboFix-quarantined-files.txt  2012-12-02 19:14
.
Vor Suchlauf: 12 Verzeichnis(se), 357.361.717.248 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 359.249.350.656 Bytes frei
.
- - End Of File - - 03482DA905694265E34DE8B4BEEE4835

--- --- ---

cosinus · 03.12.2012, 13:14

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

kroni25 · 03.12.2012, 17:57

# AdwCleaner v2.011 - Datei am 03/12/2012 um 17:55:06 erstellt
# Aktualisiert am 02/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : ALKL - ALKL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\ALKL\Downloads\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\ALKL\AppData\Local\Temp\Uninstall.exe
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Ordner Gefunden : C:\Users\ALKL\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Softonic

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Opera v12.0.1467.0

Datei : C:\Users\ALKL\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [906 octets] - [03/12/2012 17:55:06]

########## EOF - C:\AdwCleaner[R1].txt - [965 octets] ##########

cosinus · 03.12.2012, 19:51

Die Logs bitte in CODE-Tags!

Versuch bitte alle im adwCleaner-Log erwähnten Einträge (zB pdfforge Toolbar) über die Systemsteuerung zu deinstallieren, danach ein neues Suchlog mit dem adwCleaner machen.
Reste und was sich nicht deinstallieren lassen will machen wir mit dem adwCleaner weg.

kroni25 · 05.12.2012, 18:56

gemacht:

Code:

ATTFilter

# AdwCleaner v2.011 - Datei am 05/12/2012 um 18:50:24 erstellt
# Aktualisiert am 02/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : ALKL - ALKL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\ALKL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HOKWZ8MI\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Gelöscht mit Neustart : C:\Users\ALKL\AppData\Local\Temp\Zynga
Ordner Gelöscht : C:\Users\ALKL\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Softonic

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Opera v12.0.1467.0

Datei : C:\Users\ALKL\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1033 octets] - [03/12/2012 17:55:06]
AdwCleaner[R2].txt - [1111 octets] - [05/12/2012 18:49:42]
AdwCleaner[S1].txt - [1044 octets] - [05/12/2012 18:50:24]

########## EOF - C:\AdwCleaner[S1].txt - [1104 octets] ##########

28.11.2012, 09:17	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Verschiedene Trojaner gefunden? Wie entfernen? Sind das alle Logs mit Funden? Es geht auch nicht nur um Malwarebytes __________________ Logfiles bitte immer in CODE-Tags posten

29.11.2012, 10:58	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Verschiedene Trojaner gefunden? Wie entfernen? Ich hab dich doch in den ersten Hinweisen gebeten, die Logs alle in CODE-Tags zu posten, warum machst du das nicht? __________________ Logfiles bitte immer in CODE-Tags posten

Verschiedene Trojaner gefunden? Wie entfernen?

Plagegeister aller Art und deren Bekämpfung: Verschiedene Trojaner gefunden? Wie entfernen?