
Pests of all kinds and how to fight them: Your computer is locked GVU

16.01.2013, 19:52   #1
Willi3128
 
Your computer is locked GVU



Hello everyone

My computer was locked... GVU. But I was able to work through everything that was requested and am attaching the various reports here.

With OTL, only OTL.txt comes up; Extras.txt does not open, and I did not find anything when searching the laptop either. I had already run MBAM once before I looked at the to-do list, hence 2 reports.

So, I hope I worked through everything correctly and you can help me.

Code:
 
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.15.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xxx :: xxx-PC [Administrator]

15.01.2013 19:03:53
mbam-log-2013-01-15 (19-03-53).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 343627
Laufzeit: 43 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\ProgramData\dsgsdgdsgdsgw.bat (Exploit.Drop.GSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\dsgsdgdsgdsgw.reg (Exploit.Drop.GSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk (Trojan.Ransom.SUGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         



Code:
 
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.16.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xxx :: xxx-PC [Administrator]

16.01.2013 17:36:31
mbam-log-2013-01-16 (17-36-31).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 229635
Laufzeit: 4 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         




Code:
 
GMER 2.0.18444 - hxxp://www.gmer.net
Rootkit scan 2013-01-16 19:31:28
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GN00 298,09GB
Running: gmer-2.0.18444.exe; Driver: C:\Users\xxx\AppData\Local\Temp\kxrirfob.sys


---- User code sections - GMER 2.0 ----

.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17           0000000075471401 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17             0000000075471419 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17           0000000075471431 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42           000000007547144a 2 bytes [47, 75]
.text    ...                                                                                                                                     * 9
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17              00000000754714dd 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17       00000000754714f5 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17              000000007547150d 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17       0000000075471525 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17             000000007547153d 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                  0000000075471555 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17           000000007547156d 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17             0000000075471585 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                000000007547159d 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17             00000000754715b5 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17           00000000754715cd 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20       00000000754716b2 2 bytes [47, 75]
.text    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[1088] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31       00000000754716bd 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                        0000000075471401 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                          0000000075471419 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                        0000000075471431 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                        000000007547144a 2 bytes [47, 75]
.text    ...                                                                                                                                     * 9
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                           00000000754714dd 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                    00000000754714f5 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                           000000007547150d 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                    0000000075471525 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                          000000007547153d 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                               0000000075471555 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                        000000007547156d 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                          0000000075471585 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                             000000007547159d 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                          00000000754715b5 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                        00000000754715cd 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                    00000000754716b2 2 bytes [47, 75]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[3808] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                    00000000754716bd 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000075471401 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000075471419 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000075471431 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      000000007547144a 2 bytes [47, 75]
.text    ...                                                                                                                                     * 9
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         00000000754714dd 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  00000000754714f5 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         000000007547150d 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000075471525 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        000000007547153d 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             0000000075471555 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      000000007547156d 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000075471585 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           000000007547159d 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        00000000754715b5 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      00000000754715cd 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  00000000754716b2 2 bytes [47, 75]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5088] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  00000000754716bd 2 bytes [47, 75]

---- Threads - GMER 2.0 ----

Thread   C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1808:2568]                                                                    000000001000e2eb
Thread   C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1808:2648]                                                                    00000000014666e0
Thread   C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1808:2652]                                                                    00000000014666e0
Thread   C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1808:2656]                                                                    00000000014666e0
Thread   C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1808:2660]                                                                    0000000001462560
Thread   C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2872:2348]                                                         000000001001c4d1
Thread   C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2872:2380]                                                         00000000036a9725
Thread   C:\Dolby PCEE4\pcee4.exe [3836:4204]                                                                                                    000007fef4132a14
Thread   C:\Dolby PCEE4\pcee4.exe [3836:4520]                                                                                                    000007fef4132a14
Thread   C:\Dolby PCEE4\pcee4.exe [3836:4624]                                                                                                    000007fefbff2a7c
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [4260:4484]                                                                          000007fefbff2a7c
Thread   C:\Windows\System32\svchost.exe [3456:1480]                                                                                             000007feeab39688
---- Processes - GMER 2.0 ----

Library  ? (*** suspicious ***) @ C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1808]                                                0000000076460000
Library  ? (*** suspicious ***) @ C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [3784]                                    0000000073070000
Library  ? (*** suspicious ***) @ C:\Dolby PCEE4\pcee4.exe [3836]                                                                                000007fef3dd0000
Library  ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [4260]                                                      000007feecb60000
Library  ? (*** suspicious ***) @ C:\Windows\System32\svchost.exe [3456]                                                                         000007fefd760000

---- EOF - GMER 2.0 ----
         




Code:
 
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:51 on 16/01/2013 (xxx)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         




Code:
 
OTL logfile created on: 16.01.2013 18:50:22 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 63,63% Memory free
7,71 Gb Paging File | 6,14 Gb Available in Paging File | 79,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,99 Gb Total Space | 217,96 Gb Free Space | 77,85% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\xxx\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe ()
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll ()
MOD - C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe ()
MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\drivers\bScsiMSa.sys (Broadcom Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\drivers\bScsiSDa.sys (Broadcom Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\drivers\b57xdmp.sys (Broadcom Corporation)
DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\drivers\b57xdbd.sys (Broadcom Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.09 20:17:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.09 20:17:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.02.03 21:05:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2012.10.23 06:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\cvj4crib.default\extensions
[2012.12.09 20:17:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.12.09 20:17:34 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D354F33-412B-4746-916B-D93389455A7C}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4563DC3F-AA8C-4348-A6DA-64F0E61C2DA7}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.16 17:38:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013.01.15 18:47:53 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Programs
[2012.12.18 21:05:47 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\{D13957C4-2F0B-4241-B074-8E98371D9809}
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.16 18:50:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.16 18:49:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.16 18:48:58 | 829,280,031 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.01.16 18:48:57 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.16 17:51:21 | 000,000,000 | ---- | M] () -- C:\Users\xxx\defogger_reenable
[2013.01.16 17:40:15 | 000,365,568 | ---- | M] () -- C:\Users\xxx\Desktop\gmer-2.0.18444.exe
[2013.01.16 17:38:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013.01.16 17:37:55 | 000,050,477 | ---- | M] () -- C:\Users\xxx\Desktop\Defogger.exe
[2013.01.16 17:36:25 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.16 17:36:25 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.15 19:08:40 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.01.15 19:00:28 | 000,317,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.15 18:48:10 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.15 18:33:43 | 001,520,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.15 18:33:43 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.15 18:33:43 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.15 18:33:43 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.15 18:33:43 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.10 07:48:06 | 000,002,938 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js
 
========== Files Created - No Company Name ==========
 
[2013.01.16 17:51:21 | 000,000,000 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2013.01.16 17:39:11 | 000,365,568 | ---- | C] () -- C:\Users\xxx\Desktop\gmer-2.0.18444.exe
[2013.01.16 17:37:39 | 000,050,477 | ---- | C] () -- C:\Users\xxx\Desktop\Defogger.exe
[2013.01.10 07:48:06 | 000,002,938 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2012.02.05 14:36:20 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.02.05 14:36:20 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.08.12 08:37:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.08.12 08:37:07 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.12 08:37:05 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.12 08:37:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.08.12 08:37:03 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.03.19 17:45:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2012.01.24 08:59:50 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PowerCinema
[2012.01.21 21:53:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Screensaver
 
========== Purity Check ==========
 
 

< End of report >
         


Regards, Willi

Alt 16.01.2013, 20:13   #2
markusg
/// Malware-holic
 



Hi,
download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- if anything is found, always choose Skip for now, and post the log
Open C:, open tdsskiller-date-version.txt, and post its contents

Alt 16.01.2013, 20:27   #3
Willi3128
 



Hi

Here is the log

Code:
20:23:35.0304 1216  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:23:35.0397 1216  ============================================================
20:23:35.0397 1216  Current date / time: 2013/01/16 20:23:35.0397
20:23:35.0397 1216  SystemInfo:
20:23:35.0397 1216  
20:23:35.0397 1216  OS Version: 6.1.7601 ServicePack: 1.0
20:23:35.0397 1216  Product type: Workstation
20:23:35.0397 1216  ComputerName: SCHWARZ-PC
20:23:35.0397 1216  UserName: Schwarz
20:23:35.0397 1216  Windows directory: C:\Windows
20:23:35.0397 1216  System windows directory: C:\Windows
20:23:35.0397 1216  Running under WOW64
20:23:35.0397 1216  Processor architecture: Intel x64
20:23:35.0397 1216  Number of processors: 4
20:23:35.0397 1216  Page size: 0x1000
20:23:35.0397 1216  Boot type: Normal boot
20:23:35.0397 1216  ============================================================
20:23:35.0897 1216  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:23:35.0912 1216  ============================================================
20:23:35.0912 1216  \Device\Harddisk0\DR0:
20:23:36.0037 1216  MBR partitions:
20:23:36.0037 1216  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
20:23:36.0037 1216  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x22FFB800
20:23:36.0037 1216  ============================================================
20:23:36.0084 1216  C: <-> \Device\Harddisk0\DR0\Partition2
20:23:36.0084 1216  ============================================================
20:23:36.0084 1216  Initialize success
20:23:36.0084 1216  ============================================================
20:24:20.0686 4152  ============================================================
20:24:20.0686 4152  Scan started
20:24:20.0686 4152  Mode: Manual; SigCheck; TDLFS; 
20:24:20.0686 4152  ============================================================
20:24:20.0998 4152  ================ Scan system memory ========================
20:24:20.0998 4152  System memory - ok
20:24:20.0998 4152  ================ Scan services =============================
20:24:21.0154 4152  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:24:21.0263 4152  1394ohci - ok
20:24:21.0294 4152  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:24:21.0310 4152  ACPI - ok
20:24:21.0341 4152  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:24:21.0388 4152  AcpiPmi - ok
20:24:21.0466 4152  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:24:21.0481 4152  AdobeARMservice - ok
20:24:21.0606 4152  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:24:21.0622 4152  AdobeFlashPlayerUpdateSvc - ok
20:24:21.0669 4152  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:24:21.0700 4152  adp94xx - ok
20:24:21.0731 4152  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:24:21.0747 4152  adpahci - ok
20:24:21.0747 4152  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:24:21.0762 4152  adpu320 - ok
20:24:21.0793 4152  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:24:21.0856 4152  AeLookupSvc - ok
20:24:21.0903 4152  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
20:24:21.0949 4152  AFD - ok
20:24:21.0981 4152  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:24:21.0996 4152  agp440 - ok
20:24:22.0027 4152  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
20:24:22.0074 4152  ALG - ok
20:24:22.0105 4152  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:24:22.0121 4152  aliide - ok
20:24:22.0137 4152  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
20:24:22.0152 4152  amdide - ok
20:24:22.0152 4152  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:24:22.0199 4152  AmdK8 - ok
20:24:22.0215 4152  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:24:22.0246 4152  AmdPPM - ok
20:24:22.0293 4152  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:24:22.0308 4152  amdsata - ok
20:24:22.0324 4152  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:24:22.0339 4152  amdsbs - ok
20:24:22.0371 4152  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:24:22.0386 4152  amdxata - ok
20:24:22.0433 4152  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:24:22.0449 4152  AntiVirSchedulerService - ok
20:24:22.0480 4152  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:24:22.0495 4152  AntiVirService - ok
20:24:22.0542 4152  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
20:24:22.0605 4152  AppID - ok
20:24:22.0636 4152  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:24:22.0683 4152  AppIDSvc - ok
20:24:22.0729 4152  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
20:24:22.0792 4152  Appinfo - ok
20:24:22.0807 4152  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
20:24:22.0823 4152  arc - ok
20:24:22.0839 4152  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:24:22.0854 4152  arcsas - ok
20:24:22.0885 4152  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:24:22.0948 4152  AsyncMac - ok
20:24:22.0979 4152  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
20:24:22.0995 4152  atapi - ok
20:24:23.0041 4152  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:24:23.0104 4152  AudioEndpointBuilder - ok
20:24:23.0119 4152  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:24:23.0151 4152  AudioSrv - ok
20:24:23.0182 4152  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:24:23.0213 4152  avgntflt - ok
20:24:23.0229 4152  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:24:23.0244 4152  avipbb - ok
20:24:23.0260 4152  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:24:23.0275 4152  avkmgr - ok
20:24:23.0307 4152  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:24:23.0369 4152  AxInstSV - ok
20:24:23.0400 4152  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:24:23.0431 4152  b06bdrv - ok
20:24:23.0478 4152  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:24:23.0525 4152  b57nd60a - ok
20:24:23.0572 4152  [ A424CB46A145E5AABF15621550976DF2 ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
20:24:23.0587 4152  b57xdbd - ok
20:24:23.0587 4152  [ BE4E6FD5A898812B85D5817AD9754A9F ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
20:24:23.0603 4152  b57xdmp - ok
20:24:23.0728 4152  [ 11F844B46B631337395651ABE9C4167B ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
20:24:23.0837 4152  BCM43XX - ok
20:24:23.0853 4152  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:24:23.0884 4152  BDESVC - ok
20:24:23.0931 4152  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:24:23.0993 4152  Beep - ok
20:24:24.0055 4152  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
20:24:24.0118 4152  BFE - ok
20:24:24.0165 4152  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
20:24:24.0243 4152  BITS - ok
20:24:24.0258 4152  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:24:24.0289 4152  blbdrive - ok
20:24:24.0321 4152  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:24:24.0352 4152  bowser - ok
20:24:24.0383 4152  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:24:24.0414 4152  BrFiltLo - ok
20:24:24.0414 4152  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:24:24.0430 4152  BrFiltUp - ok
20:24:24.0477 4152  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
20:24:24.0492 4152  Browser - ok
20:24:24.0523 4152  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:24:24.0570 4152  Brserid - ok
20:24:24.0601 4152  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:24:24.0633 4152  BrSerWdm - ok
20:24:24.0633 4152  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:24:24.0664 4152  BrUsbMdm - ok
20:24:24.0679 4152  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:24:24.0726 4152  BrUsbSer - ok
20:24:24.0757 4152  [ 0970D8B7151E9113BF8D44CE2E954DF7 ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
20:24:24.0773 4152  bScsiMSa - ok
20:24:24.0789 4152  [ 0C1EEE5AF32402D306874B110DE237EC ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
20:24:24.0804 4152  bScsiSDa - ok
20:24:24.0804 4152  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:24:24.0835 4152  BTHMODEM - ok
20:24:24.0882 4152  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
20:24:24.0913 4152  bthserv - ok
20:24:24.0945 4152  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:24:25.0007 4152  cdfs - ok
20:24:25.0038 4152  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:24:25.0054 4152  cdrom - ok
20:24:25.0101 4152  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
20:24:25.0163 4152  CertPropSvc - ok
20:24:25.0210 4152  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
20:24:25.0241 4152  circlass - ok
20:24:25.0288 4152  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
20:24:25.0303 4152  CLFS - ok
20:24:25.0381 4152  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:24:25.0397 4152  clr_optimization_v2.0.50727_32 - ok
20:24:25.0413 4152  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:24:25.0428 4152  clr_optimization_v2.0.50727_64 - ok
20:24:25.0506 4152  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:24:25.0522 4152  clr_optimization_v4.0.30319_32 - ok
20:24:25.0553 4152  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:24:25.0569 4152  clr_optimization_v4.0.30319_64 - ok
20:24:25.0600 4152  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
20:24:25.0615 4152  CmBatt - ok
20:24:25.0647 4152  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:24:25.0662 4152  cmdide - ok
20:24:25.0693 4152  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
20:24:25.0725 4152  CNG - ok
20:24:25.0771 4152  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:24:25.0787 4152  Compbatt - ok
20:24:25.0803 4152  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:24:25.0849 4152  CompositeBus - ok
20:24:25.0881 4152  COMSysApp - ok
20:24:25.0896 4152  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:24:25.0896 4152  crcdisk - ok
20:24:25.0943 4152  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:24:25.0974 4152  CryptSvc - ok
20:24:26.0037 4152  [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
20:24:26.0083 4152  dc3d - ok
20:24:26.0146 4152  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:24:26.0208 4152  DcomLaunch - ok
20:24:26.0239 4152  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
20:24:26.0317 4152  defragsvc - ok
20:24:26.0349 4152  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:24:26.0395 4152  DfsC - ok
20:24:26.0442 4152  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:24:26.0505 4152  Dhcp - ok
20:24:26.0536 4152  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
20:24:26.0598 4152  discache - ok
20:24:26.0629 4152  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
20:24:26.0645 4152  Disk - ok
20:24:26.0676 4152  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:24:26.0723 4152  Dnscache - ok
20:24:26.0739 4152  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:24:26.0801 4152  dot3svc - ok
20:24:26.0801 4152  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
20:24:26.0832 4152  DPS - ok
20:24:26.0895 4152  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:24:26.0926 4152  drmkaud - ok
20:24:26.0988 4152  [ 9DD3A22F804697606C2B7FF9E912FF6B ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
20:24:27.0019 4152  DsiWMIService - ok
20:24:27.0066 4152  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:24:27.0097 4152  DXGKrnl - ok
20:24:27.0129 4152  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
20:24:27.0191 4152  EapHost - ok
20:24:27.0285 4152  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:24:27.0363 4152  ebdrv - ok
20:24:27.0409 4152  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
20:24:27.0456 4152  EFS - ok
20:24:27.0534 4152  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:24:27.0581 4152  ehRecvr - ok
20:24:27.0612 4152  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
20:24:27.0643 4152  ehSched - ok
20:24:27.0706 4152  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:24:27.0721 4152  elxstor - ok
20:24:27.0815 4152  [ 48425C93B6F36529707206E4FA680CF3 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:24:27.0846 4152  ePowerSvc - ok
20:24:27.0862 4152  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:24:27.0893 4152  ErrDev - ok
20:24:27.0924 4152  [ DBAA0C650C9549DC5C599D1E81DEDAAD ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
20:24:27.0924 4152  ETD - ok
20:24:27.0971 4152  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
20:24:28.0033 4152  EventSystem - ok
20:24:28.0065 4152  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
20:24:28.0096 4152  exfat - ok
20:24:28.0111 4152  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:24:28.0174 4152  fastfat - ok
20:24:28.0221 4152  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
20:24:28.0267 4152  Fax - ok
20:24:28.0299 4152  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
20:24:28.0330 4152  fdc - ok
20:24:28.0361 4152  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:24:28.0408 4152  fdPHost - ok
20:24:28.0408 4152  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:24:28.0455 4152  FDResPub - ok
20:24:28.0470 4152  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:24:28.0486 4152  FileInfo - ok
20:24:28.0486 4152  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:24:28.0533 4152  Filetrace - ok
20:24:28.0595 4152  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:24:28.0626 4152  FLEXnet Licensing Service - ok
20:24:28.0642 4152  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:24:28.0657 4152  flpydisk - ok
20:24:28.0673 4152  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:24:28.0689 4152  FltMgr - ok
20:24:28.0751 4152  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
20:24:28.0798 4152  FontCache - ok
20:24:28.0845 4152  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:24:28.0860 4152  FontCache3.0.0.0 - ok
20:24:28.0891 4152  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:24:28.0891 4152  FsDepends - ok
20:24:28.0938 4152  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:24:28.0954 4152  Fs_Rec - ok
20:24:28.0969 4152  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:24:29.0001 4152  fvevol - ok
20:24:29.0032 4152  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:24:29.0047 4152  gagp30kx - ok
20:24:29.0110 4152  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:24:29.0125 4152  GamesAppService - ok
20:24:29.0172 4152  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
20:24:29.0219 4152  gpsvc - ok
20:24:29.0266 4152  [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
20:24:29.0281 4152  GREGService - ok
20:24:29.0328 4152  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:24:29.0359 4152  hcw85cir - ok
20:24:29.0406 4152  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:24:29.0453 4152  HdAudAddService - ok
20:24:29.0469 4152  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:24:29.0500 4152  HDAudBus - ok
20:24:29.0531 4152  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:24:29.0562 4152  HidBatt - ok
20:24:29.0562 4152  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:24:29.0593 4152  HidBth - ok
20:24:46.0968 4152  vds - ok
20:24:46.0999 4152  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:24:47.0015 4152  vga - ok
20:24:47.0031 4152  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:24:47.0077 4152  VgaSave - ok
20:24:47.0077 4152  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:24:47.0093 4152  vhdmp - ok
20:24:47.0124 4152  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:24:47.0124 4152  viaide - ok
20:24:47.0155 4152  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:24:47.0155 4152  volmgr - ok
20:24:47.0171 4152  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:24:47.0187 4152  volmgrx - ok
20:24:47.0187 4152  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:24:47.0218 4152  volsnap - ok
20:24:47.0249 4152  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:24:47.0265 4152  vsmraid - ok
20:24:47.0327 4152  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
20:24:47.0421 4152  VSS - ok
20:24:47.0436 4152  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:24:47.0467 4152  vwifibus - ok
20:24:47.0499 4152  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:24:47.0530 4152  vwififlt - ok
20:24:47.0592 4152  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
20:24:47.0623 4152  W32Time - ok
20:24:47.0655 4152  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:24:47.0686 4152  WacomPen - ok
20:24:47.0733 4152  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:24:47.0779 4152  WANARP - ok
20:24:47.0795 4152  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:24:47.0826 4152  Wanarpv6 - ok
20:24:47.0889 4152  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
20:24:47.0951 4152  wbengine - ok
20:24:47.0982 4152  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:24:47.0998 4152  WbioSrvc - ok
20:24:48.0013 4152  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:24:48.0060 4152  wcncsvc - ok
20:24:48.0091 4152  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:24:48.0107 4152  WcsPlugInService - ok
20:24:48.0123 4152  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
20:24:48.0138 4152  Wd - ok
20:24:48.0169 4152  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:24:48.0201 4152  Wdf01000 - ok
20:24:48.0216 4152  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:24:48.0247 4152  WdiServiceHost - ok
20:24:48.0263 4152  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:24:48.0279 4152  WdiSystemHost - ok
20:24:48.0325 4152  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
20:24:48.0372 4152  WebClient - ok
20:24:48.0388 4152  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:24:48.0450 4152  Wecsvc - ok
20:24:48.0466 4152  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:24:48.0513 4152  wercplsupport - ok
20:24:48.0528 4152  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:24:48.0575 4152  WerSvc - ok
20:24:48.0591 4152  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:24:48.0622 4152  WfpLwf - ok
20:24:48.0637 4152  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:24:48.0653 4152  WIMMount - ok
20:24:48.0669 4152  WinDefend - ok
20:24:48.0684 4152  WinHttpAutoProxySvc - ok
20:24:48.0731 4152  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:24:48.0778 4152  Winmgmt - ok
20:24:48.0825 4152  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
20:24:48.0887 4152  WinRM - ok
20:24:48.0949 4152  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:24:48.0996 4152  Wlansvc - ok
20:24:49.0059 4152  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:24:49.0074 4152  wlcrasvc - ok
20:24:49.0183 4152  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:24:49.0230 4152  wlidsvc - ok
20:24:49.0261 4152  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:24:49.0293 4152  WmiAcpi - ok
20:24:49.0324 4152  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:24:49.0371 4152  wmiApSrv - ok
20:24:49.0402 4152  WMPNetworkSvc - ok
20:24:49.0433 4152  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:24:49.0449 4152  WPCSvc - ok
20:24:49.0464 4152  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:24:49.0480 4152  WPDBusEnum - ok
20:24:49.0511 4152  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:24:49.0542 4152  ws2ifsl - ok
20:24:49.0573 4152  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
20:24:49.0620 4152  wscsvc - ok
20:24:49.0620 4152  WSearch - ok
20:24:49.0698 4152  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:24:49.0745 4152  wuauserv - ok
20:24:49.0761 4152  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:24:49.0807 4152  WudfPf - ok
20:24:49.0839 4152  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:24:49.0870 4152  WUDFRd - ok
20:24:49.0901 4152  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:24:49.0932 4152  wudfsvc - ok
20:24:49.0963 4152  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:24:50.0010 4152  WwanSvc - ok
20:24:50.0026 4152  ================ Scan global ===============================
20:24:50.0057 4152  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:24:50.0088 4152  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
20:24:50.0104 4152  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
20:24:50.0135 4152  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:24:50.0166 4152  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:24:50.0166 4152  [Global] - ok
20:24:50.0166 4152  ================ Scan MBR ==================================
20:24:50.0197 4152  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:24:51.0367 4152  \Device\Harddisk0\DR0 - ok
20:24:51.0367 4152  ================ Scan VBR ==================================
20:24:51.0399 4152  [ 88F9287A8D2A98DEE6009FB2082BAAC0 ] \Device\Harddisk0\DR0\Partition1
20:24:51.0399 4152  \Device\Harddisk0\DR0\Partition1 - ok
20:24:51.0414 4152  [ 8EF869EA8C42BFAF47E0C993D8CED675 ] \Device\Harddisk0\DR0\Partition2
20:24:51.0414 4152  \Device\Harddisk0\DR0\Partition2 - ok
20:24:51.0414 4152  ============================================================
20:24:51.0414 4152  Scan finished
20:24:51.0414 4152  ============================================================
20:24:51.0414 1780  Detected object count: 0
20:24:51.0414 1780  Actual detected object count: 0
         

Regards, Willi
__________________

16.01.2013, 20:29   #4
markusg
/// Malware-holic
 
hi
Combofix:
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.
__________________
- Please forward suspicious emails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward emails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

16.01.2013, 20:40   #5
Willi3128
 
Hi Markus

Thanks for the help as well!!!

Here is the log

Code:
ATTFilter
20:23:35.0304 1216  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:23:35.0397 1216  ============================================================
20:23:35.0397 1216  Current date / time: 2013/01/16 20:23:35.0397
20:23:35.0397 1216  SystemInfo:
20:23:35.0397 1216  
20:23:35.0397 1216  OS Version: 6.1.7601 ServicePack: 1.0
20:23:35.0397 1216  Product type: Workstation
20:23:35.0397 1216  ComputerName: SCHWARZ-PC
20:23:35.0397 1216  UserName: Schwarz
20:23:35.0397 1216  Windows directory: C:\Windows
20:23:35.0397 1216  System windows directory: C:\Windows
20:23:35.0397 1216  Running under WOW64
20:23:35.0397 1216  Processor architecture: Intel x64
20:23:35.0397 1216  Number of processors: 4
20:23:35.0397 1216  Page size: 0x1000
20:23:35.0397 1216  Boot type: Normal boot
20:23:35.0397 1216  ============================================================
20:23:35.0897 1216  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:23:35.0912 1216  ============================================================
20:23:35.0912 1216  \Device\Harddisk0\DR0:
20:23:36.0037 1216  MBR partitions:
20:23:36.0037 1216  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
20:23:36.0037 1216  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x22FFB800
20:23:36.0037 1216  ============================================================
20:23:36.0084 1216  C: <-> \Device\Harddisk0\DR0\Partition2
20:23:36.0084 1216  ============================================================
20:23:36.0084 1216  Initialize success
20:23:36.0084 1216  ============================================================
20:24:20.0686 4152  ============================================================
20:24:20.0686 4152  Scan started
20:24:20.0686 4152  Mode: Manual; SigCheck; TDLFS; 
20:24:20.0686 4152  ============================================================
20:24:20.0998 4152  ================ Scan system memory ========================
20:24:20.0998 4152  System memory - ok
20:24:20.0998 4152  ================ Scan services =============================
20:24:31.0169 4152  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:24:31.0169 4152  iirsp - ok
20:24:31.0216 4152  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
20:24:31.0294 4152  IKEEXT - ok
20:24:31.0387 4152  [ CB7DADEF3D83FE2C12655A0BDCBA99F2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:24:31.0450 4152  IntcAzAudAddService - ok
20:24:31.0497 4152  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:24:31.0512 4152  IntcDAud - ok
20:24:31.0543 4152  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
20:24:31.0543 4152  intelide - ok
20:24:31.0575 4152  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:24:31.0606 4152  intelppm - ok
20:24:31.0653 4152  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:24:31.0715 4152  IPBusEnum - ok
20:24:31.0746 4152  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:24:31.0777 4152  IpFilterDriver - ok
20:24:31.0840 4152  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:24:31.0871 4152  iphlpsvc - ok
20:24:31.0871 4152  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:24:31.0902 4152  IPMIDRV - ok
20:24:31.0933 4152  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:24:31.0980 4152  IPNAT - ok
20:24:32.0027 4152  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:24:32.0043 4152  IRENUM - ok
20:24:32.0043 4152  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:24:32.0058 4152  isapnp - ok
20:24:32.0074 4152  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:24:32.0105 4152  iScsiPrt - ok
20:24:32.0152 4152  [ 455B75C19BF3F1F2EE3AC10E1169826C ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
20:24:32.0167 4152  k57nd60a - ok
20:24:32.0193 4152  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:24:32.0203 4152  kbdclass - ok
20:24:32.0233 4152  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:24:32.0273 4152  kbdhid - ok
20:24:32.0303 4152  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
20:24:32.0333 4152  KeyIso - ok
20:24:32.0353 4152  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:24:32.0373 4152  KSecDD - ok
20:24:32.0383 4152  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:24:32.0403 4152  KSecPkg - ok
20:24:32.0423 4152  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:24:32.0473 4152  ksthunk - ok
20:24:32.0523 4152  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:24:32.0583 4152  KtmRm - ok
20:24:32.0623 4152  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:24:32.0683 4152  LanmanServer - ok
20:24:32.0713 4152  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:24:32.0773 4152  LanmanWorkstation - ok
20:24:32.0833 4152  [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:24:32.0853 4152  Live Updater Service - ok
20:24:32.0893 4152  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:24:32.0923 4152  lltdio - ok
20:24:32.0963 4152  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:24:33.0033 4152  lltdsvc - ok
20:24:33.0053 4152  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:24:33.0103 4152  lmhosts - ok
20:24:33.0153 4152  [ 50C7CE53EF461870410355F1F2E7D515 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:24:33.0173 4152  LMS - ok
20:24:33.0203 4152  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:24:33.0223 4152  LSI_FC - ok
20:24:33.0233 4152  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:24:33.0253 4152  LSI_SAS - ok
20:24:33.0253 4152  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:24:33.0263 4152  LSI_SAS2 - ok
20:24:33.0283 4152  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:24:33.0293 4152  LSI_SCSI - ok
20:24:33.0313 4152  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:24:33.0373 4152  luafv - ok
20:24:33.0433 4152  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:24:33.0453 4152  MBAMProtector - ok
20:24:33.0523 4152  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:24:33.0543 4152  MBAMScheduler - ok
20:24:33.0593 4152  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:24:33.0613 4152  MBAMService - ok
20:24:33.0643 4152  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:24:33.0683 4152  Mcx2Svc - ok
20:24:33.0733 4152  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:24:33.0743 4152  megasas - ok
20:24:33.0763 4152  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:24:33.0773 4152  MegaSR - ok
20:24:33.0833 4152  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
20:24:33.0843 4152  MEIx64 - ok
20:24:33.0873 4152  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
20:24:33.0923 4152  MMCSS - ok
20:24:33.0963 4152  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
20:24:34.0013 4152  Modem - ok
20:24:34.0043 4152  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:24:34.0073 4152  monitor - ok
20:24:34.0103 4152  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:24:34.0123 4152  mouclass - ok
20:24:34.0143 4152  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:24:34.0173 4152  mouhid - ok
20:24:34.0203 4152  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:24:34.0213 4152  mountmgr - ok
20:24:34.0270 4152  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:24:34.0301 4152  MozillaMaintenance - ok
20:24:34.0317 4152  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:24:34.0332 4152  mpio - ok
20:24:34.0363 4152  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:24:34.0395 4152  mpsdrv - ok
20:24:34.0426 4152  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:24:34.0488 4152  MpsSvc - ok
20:24:34.0488 4152  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:24:34.0519 4152  MRxDAV - ok
20:24:34.0566 4152  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:24:34.0597 4152  mrxsmb - ok
20:24:34.0644 4152  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:24:34.0660 4152  mrxsmb10 - ok
20:24:34.0660 4152  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:24:34.0675 4152  mrxsmb20 - ok
20:24:34.0691 4152  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:24:34.0707 4152  msahci - ok
20:24:34.0707 4152  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:24:34.0722 4152  msdsm - ok
20:24:34.0738 4152  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
20:24:34.0753 4152  MSDTC - ok
20:24:34.0785 4152  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:24:34.0816 4152  Msfs - ok
20:24:34.0847 4152  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:24:34.0894 4152  mshidkmdf - ok
20:24:34.0909 4152  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:24:34.0925 4152  msisadrv - ok
20:24:34.0941 4152  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:24:35.0003 4152  MSiSCSI - ok
20:24:35.0003 4152  msiserver - ok
20:24:35.0050 4152  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:24:35.0112 4152  MSKSSRV - ok
20:24:35.0128 4152  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:24:35.0190 4152  MSPCLOCK - ok
20:24:35.0206 4152  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:24:35.0268 4152  MSPQM - ok
20:24:35.0299 4152  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:24:35.0315 4152  MsRPC - ok
20:24:35.0346 4152  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:24:35.0346 4152  mssmbios - ok
20:24:35.0362 4152  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:24:35.0424 4152  MSTEE - ok
20:24:35.0424 4152  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:24:35.0440 4152  MTConfig - ok
20:24:35.0440 4152  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:24:35.0455 4152  Mup - ok
20:24:35.0487 4152  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
20:24:35.0565 4152  napagent - ok
20:24:35.0611 4152  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:24:35.0643 4152  NativeWifiP - ok
20:24:35.0705 4152  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:24:35.0752 4152  NDIS - ok
20:24:35.0767 4152  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:24:35.0814 4152  NdisCap - ok
20:24:35.0830 4152  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:24:35.0861 4152  NdisTapi - ok
20:24:35.0892 4152  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:24:35.0939 4152  Ndisuio - ok
20:24:35.0939 4152  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:24:35.0986 4152  NdisWan - ok
20:24:35.0986 4152  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:24:36.0017 4152  NDProxy - ok
20:24:36.0064 4152  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:24:36.0126 4152  NetBIOS - ok
20:24:36.0126 4152  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:24:36.0157 4152  NetBT - ok
20:24:36.0189 4152  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
20:24:36.0204 4152  Netlogon - ok
20:24:36.0235 4152  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
20:24:36.0298 4152  Netman - ok
20:24:36.0298 4152  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
20:24:36.0345 4152  netprofm - ok
20:24:36.0376 4152  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:24:36.0423 4152  NetTcpPortSharing - ok
20:24:36.0454 4152  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:24:36.0469 4152  nfrd960 - ok
20:24:36.0501 4152  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:24:36.0547 4152  NlaSvc - ok
20:24:36.0563 4152  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:24:36.0594 4152  Npfs - ok
20:24:36.0625 4152  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
20:24:36.0657 4152  nsi - ok
20:24:36.0672 4152  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:24:36.0719 4152  nsiproxy - ok
20:24:36.0781 4152  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:24:36.0828 4152  Ntfs - ok
20:24:36.0891 4152  [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
20:24:36.0906 4152  NTI IScheduleSvc - ok
20:24:36.0937 4152  [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
20:24:36.0953 4152  NTIDrvr - ok
20:24:37.0000 4152  [ 317020D31F1696334679B9D0416EB62E ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
20:24:37.0000 4152  NuidFltr - ok
20:24:37.0015 4152  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
20:24:37.0047 4152  Null - ok
20:24:37.0327 4152  [ 73DC184AF4D2ADDC41B37344636D2CC7 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:24:37.0717 4152  nvlddmkm - ok
20:24:37.0749 4152  [ 477A3CF725C4040F77EB9E2C17B922A0 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
20:24:37.0764 4152  nvpciflt - ok
20:24:37.0780 4152  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:24:37.0795 4152  nvraid - ok
20:24:37.0827 4152  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:24:37.0842 4152  nvstor - ok
20:24:37.0889 4152  [ 6D1056430AFC72A6097409A70A716C15 ] NVSvc           C:\Windows\system32\nvvsvc.exe
20:24:37.0920 4152  NVSvc - ok
20:24:38.0014 4152  [ A072423C3812472D326BC774610055CF ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
20:24:38.0061 4152  nvUpdatusService - ok
20:24:38.0092 4152  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:24:38.0107 4152  nv_agp - ok
20:24:38.0107 4152  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:24:38.0139 4152  ohci1394 - ok
20:24:38.0170 4152  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:24:38.0201 4152  p2pimsvc - ok
20:24:38.0248 4152  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:24:38.0263 4152  p2psvc - ok
20:24:38.0295 4152  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
20:24:38.0310 4152  Parport - ok
20:24:38.0326 4152  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:24:38.0341 4152  partmgr - ok
20:24:38.0373 4152  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:24:38.0419 4152  PcaSvc - ok
20:24:38.0451 4152  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
20:24:38.0466 4152  pci - ok
20:24:38.0497 4152  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
20:24:38.0513 4152  pciide - ok
20:24:38.0513 4152  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:24:38.0529 4152  pcmcia - ok
20:24:38.0544 4152  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:24:38.0560 4152  pcw - ok
20:24:38.0575 4152  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:24:38.0638 4152  PEAUTH - ok
20:24:38.0700 4152  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:24:38.0731 4152  PerfHost - ok
20:24:38.0809 4152  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
20:24:38.0872 4152  pla - ok
20:24:38.0950 4152  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:24:38.0997 4152  PlugPlay - ok
20:24:39.0028 4152  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:24:39.0059 4152  PNRPAutoReg - ok
20:24:39.0090 4152  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:24:39.0106 4152  PNRPsvc - ok
20:24:39.0137 4152  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
20:24:39.0153 4152  Point64 - ok
20:24:39.0184 4152  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:24:39.0246 4152  PolicyAgent - ok
20:24:39.0262 4152  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
20:24:39.0324 4152  Power - ok
20:24:39.0371 4152  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:24:39.0433 4152  PptpMiniport - ok
20:24:39.0449 4152  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
20:24:39.0480 4152  Processor - ok
20:24:39.0527 4152  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:24:39.0543 4152  ProfSvc - ok
20:24:39.0558 4152  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:24:39.0589 4152  ProtectedStorage - ok
20:24:39.0621 4152  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:24:39.0667 4152  Psched - ok
20:24:39.0745 4152  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:24:39.0777 4152  ql2300 - ok
20:24:39.0777 4152  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:24:39.0792 4152  ql40xx - ok
20:24:39.0823 4152  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
20:24:39.0855 4152  QWAVE - ok
20:24:39.0870 4152  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:24:39.0917 4152  QWAVEdrv - ok
20:24:39.0917 4152  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:24:39.0964 4152  RasAcd - ok
20:24:40.0011 4152  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:24:40.0042 4152  RasAgileVpn - ok
20:24:40.0073 4152  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
20:24:40.0135 4152  RasAuto - ok
20:24:40.0167 4152  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:24:40.0229 4152  Rasl2tp - ok
20:24:40.0276 4152  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
20:24:40.0307 4152  RasMan - ok
20:24:40.0323 4152  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:24:40.0385 4152  RasPppoe - ok
20:24:40.0416 4152  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:24:40.0479 4152  RasSstp - ok
20:24:40.0479 4152  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:24:40.0525 4152  rdbss - ok
20:24:40.0557 4152  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
20:24:40.0588 4152  rdpbus - ok
20:24:40.0635 4152  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:24:40.0666 4152  RDPCDD - ok
20:24:40.0681 4152  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:24:40.0728 4152  RDPENCDD - ok
20:24:40.0759 4152  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:24:40.0791 4152  RDPREFMP - ok
20:24:40.0806 4152  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:24:40.0822 4152  RDPWD - ok
20:24:40.0853 4152  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:24:40.0869 4152  rdyboost - ok
20:24:40.0915 4152  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:24:40.0978 4152  RemoteAccess - ok
20:24:41.0025 4152  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:24:41.0087 4152  RemoteRegistry - ok
20:24:41.0118 4152  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:24:41.0165 4152  RpcEptMapper - ok
20:24:41.0196 4152  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
20:24:41.0227 4152  RpcLocator - ok
20:24:41.0274 4152  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
20:24:41.0321 4152  RpcSs - ok
20:24:41.0337 4152  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:24:41.0368 4152  rspndr - ok
20:24:41.0383 4152  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
20:24:41.0399 4152  SamSs - ok
20:24:41.0399 4152  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:24:41.0415 4152  sbp2port - ok
20:24:41.0461 4152  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:24:41.0493 4152  SCardSvr - ok
20:24:41.0524 4152  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:24:41.0586 4152  scfilter - ok
20:24:41.0617 4152  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
20:24:41.0695 4152  Schedule - ok
20:24:41.0727 4152  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:24:41.0758 4152  SCPolicySvc - ok
20:24:41.0773 4152  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:24:41.0820 4152  sdbus - ok
20:24:41.0851 4152  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:24:41.0883 4152  SDRSVC - ok
20:24:41.0914 4152  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:24:41.0976 4152  secdrv - ok
20:24:41.0992 4152  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
20:24:42.0054 4152  seclogon - ok
20:24:42.0101 4152  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
20:24:42.0148 4152  SENS - ok
20:24:42.0179 4152  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:24:42.0210 4152  SensrSvc - ok
20:24:42.0241 4152  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:24:42.0273 4152  Serenum - ok
20:24:42.0304 4152  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
20:24:42.0335 4152  Serial - ok
20:24:42.0351 4152  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:24:42.0366 4152  sermouse - ok
20:24:42.0397 4152  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:24:42.0444 4152  SessionEnv - ok
20:24:42.0475 4152  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:24:42.0507 4152  sffdisk - ok
20:24:42.0522 4152  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:24:42.0569 4152  sffp_mmc - ok
20:24:42.0569 4152  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:24:42.0585 4152  sffp_sd - ok
20:24:42.0600 4152  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:24:42.0647 4152  sfloppy - ok
20:24:42.0694 4152  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:24:42.0741 4152  SharedAccess - ok
20:24:42.0787 4152  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:24:42.0850 4152  ShellHWDetection - ok
20:24:42.0881 4152  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:24:42.0897 4152  SiSRaid2 - ok
20:24:42.0912 4152  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:24:42.0928 4152  SiSRaid4 - ok
20:24:43.0006 4152  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:24:43.0053 4152  SkypeUpdate - ok
20:24:43.0084 4152  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:24:43.0131 4152  Smb - ok
20:24:43.0162 4152  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:24:43.0209 4152  SNMPTRAP - ok
20:24:43.0240 4152  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:24:43.0255 4152  spldr - ok
20:24:43.0287 4152  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
20:24:43.0318 4152  Spooler - ok
20:24:43.0411 4152  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
20:24:43.0505 4152  sppsvc - ok
20:24:43.0536 4152  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:24:43.0567 4152  sppuinotify - ok
20:24:43.0599 4152  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:24:43.0645 4152  srv - ok
20:24:43.0645 4152  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:24:43.0677 4152  srv2 - ok
20:24:43.0692 4152  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:24:43.0708 4152  srvnet - ok
20:24:43.0739 4152  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:24:43.0786 4152  SSDPSRV - ok
20:24:43.0786 4152  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:24:43.0817 4152  SstpSvc - ok
20:24:43.0848 4152  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:24:43.0864 4152  stexstor - ok
20:24:43.0895 4152  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
20:24:43.0942 4152  stisvc - ok
20:24:43.0957 4152  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:24:43.0973 4152  swenum - ok
20:24:44.0004 4152  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
20:24:44.0067 4152  swprv - ok
20:24:44.0129 4152  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
20:24:44.0207 4152  SysMain - ok
20:24:44.0238 4152  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:24:44.0285 4152  TabletInputService - ok
20:24:44.0301 4152  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:24:44.0347 4152  TapiSrv - ok
20:24:44.0379 4152  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
20:24:44.0441 4152  TBS - ok
20:24:50.0026 4152  ================ Scan global ===============================
20:24:50.0057 4152  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:24:50.0088 4152  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
20:24:50.0104 4152  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
20:24:50.0135 4152  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:24:50.0166 4152  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:24:50.0166 4152  [Global] - ok
20:24:50.0166 4152  ================ Scan MBR ==================================
20:24:50.0197 4152  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:24:51.0367 4152  \Device\Harddisk0\DR0 - ok
20:24:51.0367 4152  ================ Scan VBR ==================================
20:24:51.0399 4152  [ 88F9287A8D2A98DEE6009FB2082BAAC0 ] \Device\Harddisk0\DR0\Partition1
20:24:51.0399 4152  \Device\Harddisk0\DR0\Partition1 - ok
20:24:51.0414 4152  [ 8EF869EA8C42BFAF47E0C993D8CED675 ] \Device\Harddisk0\DR0\Partition2
20:24:51.0414 4152  \Device\Harddisk0\DR0\Partition2 - ok
20:24:51.0414 4152  ============================================================
20:24:51.0414 4152  Scan finished
20:24:51.0414 4152  ============================================================
20:24:51.0414 1780  Detected object count: 0
20:24:51.0414 1780  Actual detected object count: 0
         
Regards


16.01.2013, 22:40   #6
markusg
/// Malware-holic

Hi,
Combofix:
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

17.01.2013, 17:25   #7
Willi3128

Hi Markus

I ran Combofix, here is the log. Was it really right that I was supposed to do it twice? Your instruction before that was also to run Combofix ?!?

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-01-17.03 - xxx 17.01.2013  17:12:55.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3948.2446 [GMT 1:00]
ausgeführt von:: c:\users\xxx\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-17 bis 2013-01-17  ))))))))))))))))))))))))))))))
.
.
2013-01-17 16:16 . 2013-01-17 16:16	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-01-17 16:16 . 2013-01-17 16:16	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-17 16:08 . 2013-01-17 16:08	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA8EC81A-3A4C-46E8-8C5E-E1975EACFA69}\offreg.dll
2013-01-16 16:40 . 2013-01-12 02:30	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-15 17:47 . 2013-01-15 17:47	--------	d-----w-	c:\users\xxx\AppData\Local\Programs
2013-01-15 17:45 . 2012-11-08 17:24	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA8EC81A-3A4C-46E8-8C5E-E1975EACFA69}\mpengine.dll
2013-01-10 06:48 . 2013-01-10 06:48	2938	----a-w-	c:\programdata\dsgsdgdsgdsgw.js
2013-01-10 06:32 . 2012-11-30 05:45	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-12-23 06:35 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-23 06:35 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-23 06:35 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-23 06:35 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-15 17:53 . 2012-12-16 19:30	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-15 17:53 . 2011-08-12 07:32	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-15 17:30 . 2012-02-03 19:45	67599240	----a-w-	c:\windows\system32\MRT.exe
2012-12-14 15:49 . 2012-09-06 15:32	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-11-30 04:45 . 2013-01-10 06:32	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-14 06:42	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-14 06:42	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-14 06:42	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-14 06:42	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-14 06:42	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-14 06:42	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-14 06:42	237056	----a-w-	c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-14 06:42	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-14 06:42	816640	----a-w-	c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-14 06:42	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-14 06:42	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-14 06:42	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-14 06:42	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-14 06:42	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-14 06:42	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-14 06:42	248320	----a-w-	c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-14 06:42	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-14 06:42	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-14 06:42	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-14 06:42	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-14 06:42	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-14 06:42	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-13 06:11	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 06:11	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-13 06:10	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 06:10	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-09 348664]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-15 27760]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2011-01-20 67624]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2011-01-20 19496]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2011-05-16 51240]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2011-05-06 86056]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-04-05 142632]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-16 17:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.t-online.de/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\cvj4crib.default\
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-17  17:17:50
ComboFix-quarantined-files.txt  2013-01-17 16:17
ComboFix2.txt  2013-01-16 19:38
.
Vor Suchlauf: 13 Verzeichnis(se), 234.579.595.264 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 234.516.529.152 Bytes frei
.
- - End Of File - - 51CBFE659BF5954C65FBFC88D3DF9635
         


Regards Markus

17.01.2013, 17:28   #8
markusg
/// Malware-holic

I just wanted to check something.
Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as a txt file, and open that file.
After each program you need, write "necessary".
After each one you do not need, "unnecessary".
After each one you do not know, "unknown".
Post the list.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

17.01.2013, 18:10   #9
Willi3128

Hi

Here is the list

Code:
ATTFilter
Acer Backup Manager	NTI Corporation	12.08.2011	336MB	3.0.0.99		unknown
Acer Crystal Eye Webcam	CyberLink Corp.	02.11.2011	33,7MB	1.0.1904		necessary
Acer ePower Management	Acer Incorporated	02.11.2011		6.00.3008		unknown
Acer eRecovery Management	Acer Incorporated	12.08.2011		5.00.3502		unknown
Acer Games	WildTangent	12.08.2011		1.0.2.5		unknown
Acer Registration	Acer Incorporated	02.11.2011		1.04.3503		unknown
Acer ScreenSaver	Acer Incorporated	02.11.2011		1.1.0913.2011		unknown
Acer Updater	Acer Incorporated	12.08.2011		1.02.3500		unknown
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	09.01.2013	6,00MB	11.5.502.146		necessary
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	15.01.2013	6,00MB	11.5.502.146		necessary
Adobe Reader X (10.1.5) MUI	Adobe Systems Incorporated	15.01.2013	480MB	10.1.5		necessary
Avira Free Antivirus	Avira	14.11.2012	108MB	12.1.9.1236		necessary???????
Broadcom Card Reader Driver Installer	Broadcom Corporation	02.11.2011	2,76MB	14.8.2.2		unknown
Broadcom NetLink Controller	Broadcom Corporation	12.08.2011	508KB	14.8.4.1			unknown
CCleaner	Piriform	19.12.2012		3.26		necessary
clear.fi	CyberLink Corp.	02.11.2011	167MB	1.0.2024.00			unknown
clear.fi Client	Acer Incorporated	02.11.2011		1.00.3500		unknown
Dolby Advanced Audio v2	Dolby Laboratories Inc	02.11.2011	12,9MB	7.2.7000.7		unknown
ETDWare PS/2-X64 8.0.6.3_WHQL	ELAN Microelectronic Corp.	02.11.2011		8.0.6.3		unknown
Identity Card	Acer Incorporated	02.11.2011		1.00.3501		unknown
Intel(R) Control Center	Intel Corporation	02.11.2011		1.2.1.1007		unknown
Intel(R) Management Engine Components	Intel Corporation	02.11.2011		7.0.0.1144		unknown
Intel(R) Processor Graphics	Intel Corporation	02.11.2011		8.15.10.2418		unknown
Intel(R) Rapid Storage Technology	Intel Corporation	02.11.2011		10.5.0.1026		unknown
Java 7 Update 11	Oracle	07.10.2012	128MB	7.0.110		necessary
Launch Manager	Acer Inc.	02.11.2011		5.1.7		unknown
Malwarebytes Anti-Malware Version 1.70.0.1100	Malwarebytes Corporation	15.01.2013	18,4MB	1.70.0.1100		necessary?????
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	25.01.2012	38,8MB	4.0.30319			unknown
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	25.01.2012	2,93MB	4.0.30319	unknown
Microsoft IntelliPoint 8.2	Microsoft Corporation	22.01.2012		8.20.468.0	unknown
Microsoft Silverlight	Microsoft Corporation	07.06.2012	40,3MB	4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	12.08.2011	1,69MB	3.1.0000	unknown
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	07.06.2012	300KB	8.0.61001	unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	19.03.2012	784KB	9.0.30729.4148	unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	07.06.2012	788KB	9.0.30729.6161	unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	12.08.2011	240KB	9.0.30729	unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	12.08.2011	596KB	9.0.30729.4148	unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	08.06.2012	600KB	9.0.30729.6161	unknown
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	07.06.2012	12,2MB	10.0.40219	unbekannt
Mozilla Firefox 17.0.1 (x86 de)	Mozilla	10.12.2012	41,0MB	17.0.1			notwendig
Mozilla Maintenance Service	Mozilla	10.12.2012	329KB	17.0.1			unbekannt
NTI Media Maker 9	NTI Corporation	02.11.2011	1,60GB	9.0.2.8942		unbekannt
NVIDIA Grafiktreiber 268.00	NVIDIA Corporation	02.11.2011		268.00		unbekannt
NVIDIA PhysX	NVIDIA Corporation	02.11.2011	78,9MB	9.10.0514			unbekannt
OpenOffice.org 3.3	OpenOffice.org	19.03.2012	414MB	3.3.9567			notwendig
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	02.11.2011		6.0.1.6438		unbekannt
Skype™ 5.10	Skype Technologies S.A.	14.09.2012	19,3MB	5.10.116		notwendig
Spybot - Search & Destroy	Safer Networking Limited	03.02.2012		1.6.2		notwendig????
Windows Live Essentials	Microsoft Corporation	12.08.2011		15.4.3538.0513		unbekannt
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0	Intel	02.11.2011	13,2MB	2.1.23.0		unbekannt
         

Regards, MaRKUS
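
A way to process a tagged uninstall list like the one in the post above, added here as an example and not part of the original posts. It assumes the CCleaner export is tab-separated with the poster's tag appended as the last field; the function names are hypothetical. It surfaces rows left untagged or tagged with question marks, which are the ones a helper has to follow up on.

```python
import re
from collections import defaultdict

# Rows copied from the list posted above: tab-separated CCleaner export
# (name, publisher, install date, size, version) plus the poster's tag.
SAMPLE = (
    "Acer Games\tWildTangent\t12.08.2011\t\t1.0.2.5\t\tunbekannt\n"
    "Avira Free Antivirus\tAvira\t14.11.2012\t108MB\t12.1.9.1236\t\tnotwendig???????\n"
    "Java 7 Update 11\tOracle\t07.10.2012\t128MB\t7.0.110\t\tnotwendig\n"
    "Microsoft Silverlight\tMicrosoft Corporation\t07.06.2012\t40,3MB\t4.1.10329.0\n"
    "Broadcom NetLink Controller\tBroadcom Corporation\t12.08.2011\t508KB\t14.8.4.1\t\t\tunbekannt\n"
)

# The three tags requested in the thread; trailing "?" marks an unsure answer.
TAG_RE = re.compile(r"^(notwendig|unnötig|unbekannt)(\?*)$", re.IGNORECASE)


def parse_row(line):
    """Parse one export row; return None for lines that are not program rows."""
    fields = line.rstrip("\r\n").split("\t")
    if len(fields) < 3 or not fields[0].strip():
        return None
    name, publisher, installed = (f.strip() for f in fields[:3])
    # Size may be empty and the tab count before the tag varies, so work on
    # the non-empty remainder instead of fixed column positions.
    rest = [f.strip() for f in fields[3:] if f.strip()]
    tag, unsure = None, False
    if rest:
        m = TAG_RE.match(rest[-1])
        if m:
            tag, unsure = m.group(1).lower(), bool(m.group(2))
            rest.pop()
    version = rest[-1] if rest else ""
    size = rest[0] if len(rest) > 1 else ""
    return {"name": name, "publisher": publisher, "installed": installed,
            "size": size, "version": version, "tag": tag, "unsure": unsure}


def triage(text):
    """Group program names by tag; collect untagged and unsure rows separately."""
    groups = defaultdict(list)
    for line in text.splitlines():
        row = parse_row(line)
        if row is None:
            continue
        groups[row["tag"] or "untagged"].append(row["name"])
        if row["unsure"]:
            groups["unsure"].append(row["name"])
    return dict(groups)
```
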

17.01.2013, 18:22   #10
markusg
/// Malware-holic

Uninstall:
Acer Games
Adobe Flash Player (all versions)
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Untick the McAfee Security Scan checkbox.

Please also configure Adobe Reader as follows:
Open Adobe Reader, then Edit > Preferences.
General:
Tick "Use only certified plug-ins".
Internet:
Everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, since that is the only way to keep control over what happens on the PC.
Under JavaScript, untick "Use JavaScript".
Under Updater, select automatic installation.
Apply / OK

Uninstall:
Spybot
Windows Live

Please open CCleaner, analyze, run it, then restart the PC.

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search ("Suche").
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

17.01.2013, 19:25   #11
Willi3128

Right, all done...

Code:
# AdwCleaner v2.106 - Datei am 17/01/2013 um 19:24:35 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : xxx - xxx-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\xxx\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\cvj4crib.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R2].txt - [731 octets] - [17/01/2013 19:24:35]

########## EOF - C:\AdwCleaner[R2].txt - [790 octets] ##########
         

17.01.2013, 20:35   #12
markusg
/// Malware-holic

Hi,
please test how the PC and programs such as the browser are running.

17.01.2013, 20:37   #13
Willi3128

All good so far

17.01.2013, 21:57   #14
markusg
/// Malware-holic

What does "so far" mean? Is everything OK, or are there still problems? :-)

18.01.2013, 15:02   #15
Willi3128

Hi

Everything is OK, everything is running stably.
Am I rid of this stuff?
