Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.07.2013, 16:19   #1
Patrick96
 
Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Ausrufezeichen

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Hallo Leute,

also so langsam platzt mir echt der Kragen...! Ich war ja letztens schon hier und hatte ein Viren Problem. Nun hab ich anscheinend wieder eins.

Und zwar meldet mein AV-Programm ständig, dass ich folgende Viren habe:
  • TR/ZAccess.H
  • TR/ATRAPS.Gen2
  • TR/Sirefef.abx
  • TR/Gendal.15360
  • TR/Sirefef.77312
  • W32/Patched.UC

Das sind diese Vieren, die alle erkannt worden sind. Sie liegen laut Avira alle im Verzeichnis "C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}". Also alle, bis auf die letzte... die liegt in "C:\Windows\System32 und heißt "services.exe".

Jetzt hab ich bisher nur die ganzen Trojaner gelöscht, die in dem Installer-Verzeichnis waren, weil ich mir bei der letzten nicht sicher war, ob das eine Falschmeldung oder keine war. Kann ich die "services.exe" löschen?

Ebenfalls fiel mir auf, als ich die Dateien gelöscht habe, hat es keine 5 Minuten gedauert, da waren die gleichen sofort wieder da. Löschen also unmöglich. Auch meine Firewall geht nicht mehr an.

Was kann ich jetzt tun? Hört der Spuk auf, wenn ich die "services.exe" lösche? Benötige schnelle Hilfe!! Danke!

Gruß

Alt 06.07.2013, 16:38   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 06.07.2013, 17:52   #3
Patrick96
 
Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Sorry, das es etwas länger gedauert hat, aber auf dem infizierten PC geht jetzt nicht einmal mehr das Internet.

Hier ist das Logfile:

Code:
ATTFilter
18:43:23.0357 5396  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:43:25.0369 5396  ============================================================
18:43:25.0369 5396  Current date / time: 2013/07/06 18:43:25.0369
18:43:25.0369 5396  SystemInfo:
18:43:25.0369 5396  
18:43:25.0369 5396  OS Version: 6.1.7601 ServicePack: 1.0
18:43:25.0369 5396  Product type: Workstation
18:43:25.0369 5396  ComputerName: PATRICK-PC
18:43:25.0369 5396  UserName: Patrick
18:43:25.0369 5396  Windows directory: C:\Windows
18:43:25.0369 5396  System windows directory: C:\Windows
18:43:25.0369 5396  Running under WOW64
18:43:25.0369 5396  Processor architecture: Intel x64
18:43:25.0369 5396  Number of processors: 4
18:43:25.0369 5396  Page size: 0x1000
18:43:25.0369 5396  Boot type: Normal boot
18:43:25.0369 5396  ============================================================
18:43:26.0165 5396  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:26.0165 5396  Drive \Device\Harddisk1\DR1 - Size: 0x1D9C00000 (7.40 Gb), SectorSize: 0x200, Cylinders: 0x3C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:43:26.0181 5396  Drive \Device\Harddisk5\DR5 - Size: 0x1D1C1115000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0xE8E088A8, SectorsPerTrack: 0x1, TracksPerCylinder: 0x1, Type 'W'
18:43:26.0181 5396  Drive \Device\Harddisk6\DR6 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:43:26.0181 5396  Drive \Device\Harddisk7\DR7 - Size: 0x78800000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:43:26.0181 5396  ============================================================
18:43:26.0181 5396  \Device\Harddisk0\DR0:
18:43:26.0181 5396  MBR partitions:
18:43:26.0181 5396  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2200800, BlocksNum 0x32000
18:43:26.0181 5396  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2232800, BlocksNum 0x3CBDFDB0
18:43:26.0196 5396  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3EE13000, BlocksNum 0x358F2800
18:43:26.0196 5396  \Device\Harddisk1\DR1:
18:43:26.0212 5396  MBR partitions:
18:43:26.0212 5396  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xECC000
18:43:26.0212 5396  \Device\Harddisk5\DR5:
18:43:26.0212 5396  MBR partitions:
18:43:26.0212 5396  \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
18:43:26.0212 5396  \Device\Harddisk6\DR6:
18:43:26.0212 5396  MBR partitions:
18:43:26.0212 5396  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xABD77482
18:43:26.0212 5396  \Device\Harddisk6\DR6\Partition2: MBR, Type 0x7, StartLBA 0xABD77800, BlocksNum 0x3D090000
18:43:26.0212 5396  \Device\Harddisk7\DR7:
18:43:26.0212 5396  MBR partitions:
18:43:26.0212 5396  \Device\Harddisk7\DR7\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3C3FC1
18:43:26.0212 5396  ============================================================
18:43:26.0555 5396  C: <-> \Device\Harddisk0\DR0\Partition2
18:43:26.0586 5396  J: <-> \Device\Harddisk6\DR6\Partition1
18:43:26.0617 5396  L: <-> \Device\Harddisk6\DR6\Partition2
18:43:26.0867 5396  D: <-> \Device\Harddisk0\DR0\Partition3
18:43:26.0883 5396  F: <-> \Device\Harddisk5\DR5\Partition1
18:43:26.0883 5396  ============================================================
18:43:26.0883 5396  Initialize success
18:43:26.0883 5396  ============================================================
18:43:54.0417 4080  ============================================================
18:43:54.0417 4080  Scan started
18:43:54.0417 4080  Mode: Manual; SigCheck; TDLFS; 
18:43:54.0417 4080  ============================================================
18:44:00.0204 4080  ================ Scan system memory ========================
18:44:00.0204 4080  System memory - ok
18:44:00.0204 4080  ================ Scan services =============================
18:44:00.0594 4080  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:44:01.0421 4080  1394ohci - ok
18:44:01.0452 4080  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:44:01.0468 4080  ACPI - ok
18:44:01.0530 4080  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:44:01.0608 4080  AcpiPmi - ok
18:44:02.0014 4080  AddonsHelper - ok
18:44:02.0326 4080  [ 01EF7FB1990732F84D8DB4EADFD68DFD ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
18:44:02.0373 4080  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
18:44:02.0373 4080  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
18:44:02.0482 4080  [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
18:44:02.0498 4080  AdobeActiveFileMonitor8.0 - ok
18:44:02.0747 4080  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:44:02.0778 4080  AdobeFlashPlayerUpdateSvc - ok
18:44:03.0059 4080  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:44:03.0075 4080  adp94xx - ok
18:44:03.0122 4080  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:44:03.0137 4080  adpahci - ok
18:44:03.0153 4080  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:44:03.0168 4080  adpu320 - ok
18:44:03.0215 4080  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:44:03.0340 4080  AeLookupSvc - ok
18:44:03.0418 4080  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:44:03.0465 4080  AFD - ok
18:44:03.0512 4080  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:44:03.0527 4080  agp440 - ok
18:44:03.0558 4080  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:44:03.0621 4080  ALG - ok
18:44:03.0652 4080  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:44:03.0668 4080  aliide - ok
18:44:03.0761 4080  [ 8F6C0FF277DBFE5EBED24E3543DA7BFA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:44:03.0995 4080  AMD External Events Utility - ok
18:44:04.0073 4080  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:44:04.0136 4080  amdide - ok
18:44:04.0245 4080  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:44:04.0323 4080  AmdK8 - ok
18:44:04.0853 4080  [ 9673319070166E26660EBA4EDF316FA2 ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys
18:44:05.0181 4080  amdkmdag - ok
18:44:05.0477 4080  [ 430D06D63952848E64CBBF23B5C1479E ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:44:05.0508 4080  amdkmdap - ok
18:44:05.0540 4080  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:44:05.0586 4080  AmdPPM - ok
18:44:05.0664 4080  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:44:05.0680 4080  amdsata - ok
18:44:05.0696 4080  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:44:05.0711 4080  amdsbs - ok
18:44:05.0727 4080  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:44:05.0742 4080  amdxata - ok
18:44:06.0132 4080  [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:44:06.0148 4080  AntiVirSchedulerService - ok
18:44:06.0398 4080  [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:44:06.0413 4080  AntiVirService - ok
18:44:06.0725 4080  [ 53DDEA96AA407C3E2BCEF68A44E31A59 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
18:44:06.0741 4080  AntiVirWebService - ok
18:44:06.0975 4080  [ F41E453A90EF19217CEE1675F5256EE7 ] Apache2.2       c:\xampp\apache\bin\httpd.exe
18:44:07.0022 4080  Apache2.2 ( UnsignedFile.Multi.Generic ) - warning
18:44:07.0022 4080  Apache2.2 - detected UnsignedFile.Multi.Generic (1)
18:44:07.0162 4080  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:44:08.0426 4080  AppID - ok
18:44:08.0472 4080  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:44:08.0769 4080  AppIDSvc - ok
18:44:08.0831 4080  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
18:44:08.0878 4080  Appinfo - ok
18:44:08.0956 4080  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:44:08.0972 4080  Apple Mobile Device - ok
18:44:09.0034 4080  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:44:09.0065 4080  arc - ok
18:44:09.0065 4080  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:44:09.0081 4080  arcsas - ok
18:44:09.0128 4080  Aspi32 - ok
18:44:09.0315 4080  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:44:09.0408 4080  aspnet_state - ok
18:44:09.0424 4080  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:44:09.0486 4080  AsyncMac - ok
18:44:09.0533 4080  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:44:09.0549 4080  atapi - ok
18:44:09.0611 4080  [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
18:44:09.0658 4080  AtiHdmiService - ok
18:44:09.0705 4080  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:44:09.0752 4080  AudioEndpointBuilder - ok
18:44:09.0752 4080  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:44:09.0798 4080  AudioSrv - ok
18:44:09.0908 4080  [ 95D7F9544B6C989D1AEBBBE4664BCD70 ] AVerRemote      C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
18:44:09.0986 4080  AVerRemote ( UnsignedFile.Multi.Generic ) - warning
18:44:09.0986 4080  AVerRemote - detected UnsignedFile.Multi.Generic (1)
18:44:10.0095 4080  [ 0DB0AB8415BFF81037981AF1D3BBBE97 ] AVerScheduleService C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
18:44:10.0251 4080  AVerScheduleService ( UnsignedFile.Multi.Generic ) - warning
18:44:10.0251 4080  AVerScheduleService - detected UnsignedFile.Multi.Generic (1)
18:44:10.0344 4080  [ 848C51485C9A11B0403A0F958FDDA2A0 ] AVerUpdateServer C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
18:44:10.0391 4080  AVerUpdateServer ( UnsignedFile.Multi.Generic ) - warning
18:44:10.0391 4080  AVerUpdateServer - detected UnsignedFile.Multi.Generic (1)
18:44:10.0469 4080  [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:44:10.0485 4080  avgntflt - ok
18:44:10.0610 4080  [ 34E9A86B0EF71BA72B58D72215EBFABC ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
18:44:10.0641 4080  avgtp - ok
18:44:10.0688 4080  [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:44:10.0703 4080  avipbb - ok
18:44:10.0734 4080  [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:44:10.0750 4080  avkmgr - ok
18:44:10.0797 4080  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:44:10.0844 4080  AxInstSV - ok
18:44:10.0890 4080  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:44:10.0937 4080  b06bdrv - ok
18:44:11.0000 4080  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:44:11.0031 4080  b57nd60a - ok
18:44:11.0140 4080  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
18:44:11.0156 4080  BBSvc - ok
18:44:11.0202 4080  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
18:44:11.0218 4080  BBUpdate - ok
18:44:11.0249 4080  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:44:11.0280 4080  BDESVC - ok
18:44:11.0296 4080  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:44:11.0343 4080  Beep - ok
18:44:11.0421 4080  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
18:44:11.0483 4080  BITS - ok
18:44:11.0530 4080  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:44:11.0546 4080  blbdrive - ok
18:44:11.0670 4080  [ 7091E0EA045A50952C57EB309B9CEA62 ] bmdrvr          C:\Windows\syswow64\drivers\bmdrvr.sys
18:44:11.0717 4080  bmdrvr - ok
18:44:11.0842 4080  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:44:11.0920 4080  Bonjour Service - ok
18:44:11.0967 4080  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:44:12.0014 4080  bowser - ok
18:44:12.0045 4080  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:44:12.0107 4080  BrFiltLo - ok
18:44:12.0107 4080  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:44:12.0154 4080  BrFiltUp - ok
18:44:12.0201 4080  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:44:12.0232 4080  BridgeMP - ok
18:44:13.0964 4080  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:44:14.0042 4080  Browser - ok
18:44:14.0073 4080  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:44:14.0151 4080  Brserid - ok
18:44:14.0166 4080  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:44:14.0229 4080  BrSerWdm - ok
18:44:14.0229 4080  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:44:14.0322 4080  BrUsbMdm - ok
18:44:14.0322 4080  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:44:14.0369 4080  BrUsbSer - ok
18:44:14.0369 4080  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:44:14.0416 4080  BTHMODEM - ok
18:44:14.0478 4080  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:44:14.0572 4080  bthserv - ok
18:44:14.0712 4080  catchme - ok
18:44:14.0744 4080  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:44:14.0806 4080  cdfs - ok
18:44:14.0915 4080  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:44:14.0978 4080  cdrom - ok
18:44:15.0056 4080  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:44:15.0134 4080  CertPropSvc - ok
18:44:15.0726 4080  [ F5B87B2B18D04BDF4EEE621464969D6A ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
18:44:15.0898 4080  CGVPNCliSrvc - ok
18:44:16.0070 4080  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:44:16.0116 4080  circlass - ok
18:44:16.0179 4080  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:44:16.0194 4080  CLFS - ok
18:44:16.0382 4080  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:44:16.0460 4080  clr_optimization_v2.0.50727_32 - ok
18:44:16.0569 4080  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:44:16.0616 4080  clr_optimization_v2.0.50727_64 - ok
18:44:16.0818 4080  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:44:16.0928 4080  clr_optimization_v4.0.30319_32 - ok
18:44:16.0943 4080  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:44:16.0990 4080  clr_optimization_v4.0.30319_64 - ok
18:44:17.0021 4080  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:44:17.0052 4080  CmBatt - ok
18:44:17.0068 4080  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:44:17.0115 4080  cmdide - ok
18:44:17.0193 4080  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
18:44:17.0224 4080  CNG - ok
18:44:17.0255 4080  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:44:17.0271 4080  Compbatt - ok
18:44:17.0302 4080  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:44:17.0318 4080  CompositeBus - ok
18:44:17.0333 4080  COMSysApp - ok
18:44:17.0364 4080  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:44:17.0380 4080  crcdisk - ok
18:44:17.0474 4080  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:44:17.0552 4080  CryptSvc - ok
18:44:17.0942 4080  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:44:17.0973 4080  cvhsvc - ok
18:44:18.0129 4080  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:44:18.0222 4080  DcomLaunch - ok
18:44:18.0269 4080  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:44:18.0347 4080  defragsvc - ok
18:44:18.0378 4080  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:44:18.0472 4080  DfsC - ok
18:44:18.0597 4080  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:44:18.0690 4080  Dhcp - ok
18:44:18.0784 4080  [ FDD7ABCC822D0CC4E59D0B75B0239A36 ] DigiNet         C:\Windows\system32\DRIVERS\diginet.sys
18:44:18.0815 4080  DigiNet - ok
18:44:18.0862 4080  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:44:18.0940 4080  discache - ok
18:44:19.0034 4080  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:44:19.0127 4080  Disk - ok
18:44:19.0174 4080  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:44:19.0205 4080  Dnscache - ok
18:44:19.0221 4080  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:44:19.0283 4080  dot3svc - ok
18:44:19.0346 4080  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:44:19.0439 4080  DPS - ok
18:44:19.0439 4080  DRHARD - ok
18:44:19.0517 4080  [ 2A53AA388EB00FB6C57D43DBFE89C972 ] DRHARD64        C:\Windows\system32\drivers\DRHARD64.sys
18:44:19.0533 4080  DRHARD64 - ok
18:44:19.0580 4080  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:44:19.0611 4080  drmkaud - ok
18:44:19.0767 4080  [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64      C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
18:44:19.0782 4080  DrvAgent64 - ok
18:44:19.0860 4080  [ D52EEB224DF107AAD9059597F0EB95CC ] DslMNLwf        C:\Windows\system32\DRIVERS\dslmnlwf.sys
18:44:19.0860 4080  DslMNLwf - ok
18:44:19.0923 4080  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:44:19.0954 4080  DXGKrnl - ok
18:44:20.0032 4080  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:44:20.0079 4080  EapHost - ok
18:44:20.0172 4080  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:44:20.0406 4080  ebdrv - ok
18:44:20.0453 4080  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:44:20.0516 4080  EFS - ok
18:44:20.0718 4080  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:44:20.0796 4080  ehRecvr - ok
18:44:20.0812 4080  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:44:20.0890 4080  ehSched - ok
18:44:20.0952 4080  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
18:44:20.0984 4080  ElbyCDIO - ok
18:44:21.0108 4080  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:44:21.0140 4080  elxstor - ok
18:44:21.0171 4080  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:44:21.0202 4080  ErrDev - ok
18:44:21.0264 4080  esgiguard - ok
18:44:21.0311 4080  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:44:21.0358 4080  EventSystem - ok
18:44:21.0374 4080  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:44:21.0436 4080  exfat - ok
18:44:21.0561 4080  Fabs - ok
18:44:21.0592 4080  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:44:21.0670 4080  fastfat - ok
18:44:21.0732 4080  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:44:21.0795 4080  Fax - ok
18:44:21.0810 4080  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:44:21.0826 4080  fdc - ok
18:44:21.0857 4080  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:44:21.0920 4080  fdPHost - ok
18:44:21.0951 4080  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:44:21.0982 4080  FDResPub - ok
18:44:22.0013 4080  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:44:22.0029 4080  FileInfo - ok
18:44:22.0044 4080  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:44:22.0091 4080  Filetrace - ok
18:44:22.0263 4080  [ BF72C20B44B85FD030AEAA721E35D512 ] FileZilla Server c:\xampp\FileZillaFTP\FileZillaServer.exe
18:44:22.0356 4080  FileZilla Server ( UnsignedFile.Multi.Generic ) - warning
18:44:22.0356 4080  FileZilla Server - detected UnsignedFile.Multi.Generic (1)
18:44:22.0419 4080  [ 1A18EBD87AA9FBF6EFE8CFADA08D0275 ] FirebirdGuardianDefaultInstance C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
18:44:22.0419 4080  FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - warning
18:44:22.0419 4080  FirebirdGuardianDefaultInstance - detected UnsignedFile.Multi.Generic (1)
18:44:22.0606 4080  [ 53C740150C082AAF3C7D21C1D6A9FF98 ] FirebirdServerDefaultInstance C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
18:44:22.0700 4080  FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - warning
18:44:22.0700 4080  FirebirdServerDefaultInstance - detected UnsignedFile.Multi.Generic (1)
18:44:23.0074 4080  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
18:44:23.0152 4080  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
18:44:23.0152 4080  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
18:44:23.0355 4080  [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:44:23.0526 4080  FLEXnet Licensing Service - ok
18:44:23.0573 4080  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:44:23.0620 4080  flpydisk - ok
18:44:23.0714 4080  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:44:23.0760 4080  FltMgr - ok
18:44:23.0963 4080  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:44:24.0072 4080  FontCache - ok
18:44:24.0244 4080  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:44:24.0306 4080  FontCache3.0.0.0 - ok
18:44:24.0353 4080  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:44:24.0384 4080  FsDepends - ok
18:44:24.0462 4080  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:44:24.0478 4080  Fs_Rec - ok
18:44:24.0587 4080  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:44:24.0650 4080  fvevol - ok
18:44:24.0728 4080  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:44:24.0774 4080  gagp30kx - ok
18:44:24.0930 4080  [ 6858C318E8DAA40E747E6FB9B214E104 ] GameConsoleService C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
18:44:25.0024 4080  GameConsoleService - ok
18:44:25.0149 4080  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:44:25.0227 4080  GEARAspiWDM - ok
18:44:25.0492 4080  Giraffic - ok
18:44:25.0710 4080  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:44:25.0773 4080  gpsvc - ok
18:44:26.0054 4080  [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
18:44:26.0147 4080  Greg_Service - ok
18:44:26.0303 4080  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:44:26.0319 4080  gupdate - ok
18:44:26.0319 4080  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:44:26.0334 4080  gupdatem - ok
18:44:26.0475 4080  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:44:26.0568 4080  gusvc - ok
18:44:26.0724 4080  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
18:44:26.0756 4080  hamachi - ok
18:44:27.0239 4080  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:44:27.0442 4080  Hamachi2Svc - ok
18:44:27.0504 4080  hasplms - ok
18:44:27.0738 4080  [ ADB4348DA1345877B04E22203AFC8993 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
18:44:27.0785 4080  hcmon - ok
18:44:27.0816 4080  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:44:27.0926 4080  hcw85cir - ok
18:44:28.0066 4080  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:44:28.0144 4080  HdAudAddService - ok
18:44:28.0222 4080  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:44:28.0284 4080  HDAudBus - ok
18:44:28.0347 4080  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:44:28.0394 4080  HidBatt - ok
18:44:28.0409 4080  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:44:28.0440 4080  HidBth - ok
18:44:28.0456 4080  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:44:28.0472 4080  HidIr - ok
18:44:28.0503 4080  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
18:44:28.0534 4080  hidserv - ok
18:44:28.0674 4080  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:44:28.0737 4080  HidUsb - ok
18:44:28.0784 4080  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:44:28.0862 4080  hkmsvc - ok
18:44:28.0924 4080  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:44:29.0002 4080  HomeGroupListener - ok
18:44:29.0033 4080  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:44:29.0080 4080  HomeGroupProvider - ok
18:44:29.0127 4080  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:44:29.0158 4080  HpSAMD - ok
18:44:29.0236 4080  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
18:44:29.0314 4080  HTCAND64 - ok
18:44:29.0439 4080  [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
18:44:29.0470 4080  htcnprot - ok
18:44:29.0564 4080  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:44:29.0673 4080  HTTP - ok
18:44:29.0704 4080  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:44:29.0735 4080  hwpolicy - ok
18:44:29.0860 4080  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:44:29.0891 4080  i8042prt - ok
18:44:30.0047 4080  [ 660BF3255A1EB18ED803FD2FBA6AE400 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:44:30.0078 4080  IAANTMON - ok
18:44:30.0156 4080  [ BF5442DC14608D18949DC83DE37E667A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:44:30.0172 4080  iaStor - ok
18:44:30.0312 4080  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:44:30.0375 4080  iaStorV - ok
18:44:30.0484 4080  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:44:30.0546 4080  IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:44:30.0546 4080  IDriverT - detected UnsignedFile.Multi.Generic (1)
18:44:30.0749 4080  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:44:30.0796 4080  idsvc - ok
18:44:30.0858 4080  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:44:30.0890 4080  iirsp - ok
18:44:30.0999 4080  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:44:31.0077 4080  IKEEXT - ok
18:44:31.0389 4080  [ 2E3B99E8C23BE2BF32EBE1DB5261F275 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:44:31.0451 4080  IntcAzAudAddService - ok
18:44:31.0482 4080  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:44:31.0514 4080  intelide - ok
18:44:31.0576 4080  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:44:31.0623 4080  intelppm - ok
18:44:31.0670 4080  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:44:31.0810 4080  IPBusEnum - ok
18:44:31.0857 4080  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:44:31.0935 4080  IpFilterDriver - ok
18:44:31.0966 4080  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:44:32.0044 4080  IPMIDRV - ok
18:44:32.0138 4080  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:44:32.0216 4080  IPNAT - ok
18:44:32.0621 4080  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:44:32.0637 4080  iPod Service - ok
18:44:32.0699 4080  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:44:32.0996 4080  IRENUM - ok
18:44:33.0074 4080  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:44:33.0105 4080  isapnp - ok
18:44:33.0167 4080  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:44:33.0214 4080  iScsiPrt - ok
18:44:33.0308 4080  [ BE72D2B3A99615F84E270C80F0A18448 ] ISWKL           C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
18:44:33.0354 4080  ISWKL - ok
18:44:33.0510 4080  [ D9A4C1353CC653F8E2FE4D2C6A490E96 ] IswSvc          C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
18:44:33.0588 4080  IswSvc - ok
18:44:33.0744 4080  [ 1DFE5C5FC9E0ED4EBF5C5F4E539EC340 ] JawsServerAE64  C:\Program Files (x86)\GenArts\Monsters-AE64\bin\JawsServerAE64.exe
18:44:33.0807 4080  JawsServerAE64 ( UnsignedFile.Multi.Generic ) - warning
18:44:33.0807 4080  JawsServerAE64 - detected UnsignedFile.Multi.Generic (1)
18:44:33.0854 4080  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:44:33.0885 4080  kbdclass - ok
18:44:33.0932 4080  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:44:33.0978 4080  kbdhid - ok
18:44:34.0010 4080  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:44:34.0025 4080  KeyIso - ok
18:44:34.0056 4080  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:44:34.0134 4080  KSecDD - ok
18:44:34.0197 4080  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:44:34.0228 4080  KSecPkg - ok
18:44:34.0275 4080  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:44:34.0322 4080  ksthunk - ok
18:44:34.0384 4080  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:44:34.0478 4080  KtmRm - ok
18:44:34.0540 4080  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:44:34.0618 4080  LanmanServer - ok
18:44:34.0696 4080  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:44:34.0743 4080  LanmanWorkstation - ok
18:44:34.0946 4080  [ 93B73DED2BC688F140C6AE2FBAD45789 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
18:44:34.0977 4080  Live Updater Service - ok
18:44:35.0086 4080  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:44:35.0133 4080  lltdio - ok
18:44:35.0242 4080  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:44:35.0320 4080  lltdsvc - ok
18:44:35.0336 4080  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:44:35.0414 4080  lmhosts - ok
18:44:35.0570 4080  [ 37EFB026E1A8A79FBE7044A241281B3E ] LoopBeMidi1     C:\Windows\system32\drivers\loopbe1.sys
18:44:35.0648 4080  LoopBeMidi1 - ok
18:44:35.0710 4080  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:44:35.0757 4080  LSI_FC - ok
18:44:35.0772 4080  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:44:35.0804 4080  LSI_SAS - ok
18:44:35.0850 4080  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:44:35.0882 4080  LSI_SAS2 - ok
18:44:35.0928 4080  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:44:35.0960 4080  LSI_SCSI - ok
18:44:36.0038 4080  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:44:36.0147 4080  luafv - ok
18:44:36.0256 4080  [ A014E25D95F7091000B60FF8A1C2E988 ] lvpopf64        C:\Windows\system32\DRIVERS\lvpopf64.sys
18:44:36.0287 4080  lvpopf64 - ok
18:44:36.0381 4080  [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
18:44:36.0412 4080  LVPr2M64 - ok
18:44:36.0521 4080  [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
18:44:36.0537 4080  LVPr2Mon - ok
18:44:36.0693 4080  [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64        C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
18:44:36.0708 4080  LVPrcS64 - ok
18:44:36.0849 4080  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
18:44:37.0332 4080  LVRS64 - ok
18:44:38.0284 4080  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
18:44:38.0424 4080  LVUVC64 - ok
18:44:38.0518 4080  [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus64.sys
18:44:38.0534 4080  MarvinBus - ok
18:44:38.0612 4080  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:44:38.0658 4080  Mcx2Svc - ok
18:44:38.0955 4080  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
18:44:39.0033 4080  MDM - ok
18:44:39.0048 4080  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:44:39.0111 4080  megasas - ok
18:44:39.0173 4080  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:44:39.0189 4080  MegaSR - ok
18:44:39.0282 4080  [ 1C12E44F3C1EB5CDA1477088B0CA3D30 ] mlkumidi        C:\Windows\system32\drivers\mlkumidi.sys
18:44:39.0314 4080  mlkumidi - ok
18:44:39.0376 4080  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:44:39.0470 4080  MMCSS - ok
18:44:39.0485 4080  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:44:39.0579 4080  Modem - ok
18:44:39.0626 4080  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:44:39.0641 4080  monitor - ok
18:44:39.0719 4080  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:44:39.0735 4080  mouclass - ok
18:44:39.0797 4080  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:44:39.0844 4080  mouhid - ok
18:44:39.0891 4080  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:44:39.0906 4080  mountmgr - ok
18:44:40.0062 4080  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:44:40.0109 4080  MozillaMaintenance - ok
18:44:40.0203 4080  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:44:40.0250 4080  mpio - ok
18:44:40.0296 4080  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:44:40.0374 4080  mpsdrv - ok
18:44:40.0406 4080  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:44:40.0562 4080  MRxDAV - ok
18:44:40.0608 4080  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:44:40.0671 4080  mrxsmb - ok
18:44:40.0686 4080  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:44:40.0718 4080  mrxsmb10 - ok
18:44:40.0733 4080  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:44:40.0764 4080  mrxsmb20 - ok
18:44:40.0858 4080  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:44:40.0889 4080  msahci - ok
18:44:41.0092 4080  [ B7A248E6BCAE3B17791A51A836DAE264 ] MsDepSvc        C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
18:44:41.0123 4080  MsDepSvc - ok
18:44:41.0154 4080  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:44:41.0201 4080  msdsm - ok
18:44:41.0232 4080  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:44:41.0295 4080  MSDTC - ok
18:44:41.0342 4080  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:44:41.0404 4080  Msfs - ok
18:44:41.0420 4080  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:44:41.0482 4080  mshidkmdf - ok
18:44:41.0513 4080  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:44:41.0529 4080  msisadrv - ok
18:44:41.0654 4080  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:44:41.0747 4080  MSiSCSI - ok
18:44:41.0763 4080  msiserver - ok
18:44:41.0810 4080  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:44:41.0856 4080  MSKSSRV - ok
18:44:41.0903 4080  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:44:41.0950 4080  MSPCLOCK - ok
18:44:42.0012 4080  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:44:42.0075 4080  MSPQM - ok
18:44:42.0122 4080  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:44:42.0153 4080  MsRPC - ok
18:44:42.0200 4080  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:44:42.0200 4080  mssmbios - ok
18:44:42.0371 4080  MSSQL$SQLEXPRESS - ok
18:44:42.0512 4080  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:44:42.0558 4080  MSSQLServerADHelper100 - ok
18:44:42.0605 4080  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:44:42.0652 4080  MSTEE - ok
18:44:43.0448 4080  [ 0F4DD44765A7D23E0CD9965EE900558F ] msvsmon90       C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
18:44:43.0744 4080  msvsmon90 - ok
18:44:43.0760 4080  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:44:43.0775 4080  MTConfig - ok
18:44:43.0853 4080  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:44:43.0900 4080  Mup - ok
18:44:43.0994 4080  mysql - ok
18:44:44.0025 4080  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:44:44.0087 4080  napagent - ok
18:44:44.0228 4080  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:44:44.0321 4080  NativeWifiP - ok
18:44:44.0477 4080  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:44:44.0508 4080  NDIS - ok
18:44:44.0540 4080  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:44:44.0618 4080  NdisCap - ok
18:44:44.0664 4080  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:44:44.0742 4080  NdisTapi - ok
18:44:44.0789 4080  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:44:44.0867 4080  Ndisuio - ok
18:44:44.0914 4080  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:44:44.0992 4080  NdisWan - ok
18:44:45.0039 4080  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:44:45.0101 4080  NDProxy - ok
18:44:45.0382 4080  [ 0FF3C6AA3E0FE0EB316DF5449B569463 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
18:44:45.0413 4080  Nero BackItUp Scheduler 4.0 - ok
18:44:45.0476 4080  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:44:45.0554 4080  NetBIOS - ok
18:44:45.0569 4080  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:44:45.0647 4080  NetBT - ok
18:44:45.0678 4080  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:44:45.0678 4080  Netlogon - ok
18:44:45.0803 4080  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:44:45.0850 4080  Netman - ok
18:44:45.0959 4080  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:46.0271 4080  NetMsmqActivator - ok
18:44:46.0287 4080  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:46.0287 4080  NetPipeActivator - ok
18:44:46.0412 4080  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:44:46.0474 4080  netprofm - ok
18:44:46.0474 4080  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:46.0490 4080  NetTcpActivator - ok
18:44:46.0490 4080  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:46.0505 4080  NetTcpPortSharing - ok
18:44:46.0583 4080  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:44:46.0614 4080  nfrd960 - ok
18:44:46.0724 4080  [ 0ECAAFE210CD89D14992A53300FEBF45 ] NIWinCDEmu      C:\Windows\system32\DRIVERS\NIWinCDEmu.sys
18:44:46.0755 4080  NIWinCDEmu - ok
18:44:46.0895 4080  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:44:46.0989 4080  NlaSvc - ok
18:44:47.0145 4080  nocashio - ok
18:44:47.0192 4080  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:44:47.0285 4080  Npfs - ok
18:44:47.0332 4080  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:44:47.0394 4080  nsi - ok
18:44:47.0426 4080  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:44:47.0488 4080  nsiproxy - ok
18:44:47.0800 4080  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:44:48.0065 4080  Ntfs - ok
18:44:48.0346 4080  [ F6F0C3C031BF8260EB687DADA0D487DD ] NTI BackupNowEZSvr C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
18:44:48.0362 4080  NTI BackupNowEZSvr - ok
18:44:48.0440 4080  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
18:44:48.0471 4080  NTIDrvr - ok
18:44:48.0518 4080  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:44:48.0596 4080  Null - ok
18:44:48.0658 4080  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:44:48.0689 4080  nvraid - ok
18:44:48.0720 4080  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:44:48.0767 4080  nvstor - ok
18:44:48.0814 4080  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:44:48.0845 4080  nv_agp - ok
18:44:48.0876 4080  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:44:48.0970 4080  ohci1394 - ok
18:44:49.0110 4080  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:44:49.0235 4080  ose - ok
18:44:50.0421 4080  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:44:50.0748 4080  osppsvc - ok
18:44:50.0842 4080  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:44:50.0920 4080  p2pimsvc - ok
18:44:50.0936 4080  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:44:50.0967 4080  p2psvc - ok
18:44:51.0216 4080  [ 673E36852E2F9FA778D5D3DDCEFA591B ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
18:44:51.0326 4080  PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - warning
18:44:51.0326 4080  PaceLicenseDServices - detected UnsignedFile.Multi.Generic (1)
18:44:51.0372 4080  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:44:51.0388 4080  Parport - ok
18:44:51.0419 4080  Partizan - ok
18:44:51.0450 4080  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:44:51.0466 4080  partmgr - ok
18:44:51.0560 4080  [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
18:44:51.0606 4080  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
18:44:51.0606 4080  PassThru Service - detected UnsignedFile.Multi.Generic (1)
18:44:51.0700 4080  [ 7C0582921913D00180EC2B8518BA135C ] pbfilter        C:\Program Files\PeerBlock\pbfilter.sys
18:44:51.0716 4080  pbfilter - ok
18:44:51.0778 4080  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:44:51.0825 4080  PcaSvc - ok
18:44:51.0934 4080  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:44:51.0950 4080  pci - ok
18:44:51.0981 4080  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:44:51.0996 4080  pciide - ok
18:44:52.0074 4080  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:44:52.0184 4080  pcmcia - ok
18:44:52.0293 4080  [ A2AC545AB59AB2A564058B9A60F6456F ] PCPitstop Scheduling C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
18:44:52.0340 4080  PCPitstop Scheduling - ok
18:44:52.0355 4080  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:44:52.0386 4080  pcw - ok
18:44:52.0605 4080  [ A1688A4FB2EC49D040C027EF6DC7A87B ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
18:44:52.0652 4080  PDF Architect Helper Service - ok
18:44:52.0714 4080  [ E23FF9B2F8EEAB2BDDA681C21C48E843 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
18:44:52.0745 4080  PDF Architect Service - ok
18:44:52.0776 4080  PDIDRV - ok
18:44:52.0839 4080  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:44:52.0886 4080  PEAUTH - ok
18:44:53.0322 4080  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:44:53.0369 4080  PerfHost - ok
18:44:53.0744 4080  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:44:53.0806 4080  pla - ok
18:44:54.0102 4080  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:44:54.0602 4080  PlugPlay - ok
18:44:54.0633 4080  PnkBstrA - ok
18:44:54.0648 4080  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:44:54.0680 4080  PNRPAutoReg - ok
18:44:54.0711 4080  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:44:54.0726 4080  PNRPsvc - ok
18:44:54.0882 4080  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:44:54.0976 4080  PolicyAgent - ok
18:44:55.0023 4080  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:44:55.0070 4080  Power - ok
18:44:55.0101 4080  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:44:55.0132 4080  PptpMiniport - ok
18:44:55.0194 4080  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:44:55.0226 4080  Processor - ok
18:44:55.0257 4080  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:44:55.0272 4080  ProfSvc - ok
18:44:55.0288 4080  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:44:55.0304 4080  ProtectedStorage - ok
18:44:55.0335 4080  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:44:55.0397 4080  Psched - ok
18:44:55.0506 4080  [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
18:44:55.0522 4080  PSI - ok
18:44:55.0569 4080  [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
18:44:55.0584 4080  PxHlpa64 - ok
18:44:55.0616 4080  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:44:55.0647 4080  ql2300 - ok
18:44:55.0709 4080  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:44:55.0725 4080  ql40xx - ok
18:44:55.0772 4080  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:44:55.0803 4080  QWAVE - ok
18:44:55.0803 4080  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:44:55.0850 4080  QWAVEdrv - ok
18:44:55.0865 4080  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:44:55.0912 4080  RasAcd - ok
18:44:55.0990 4080  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:44:56.0052 4080  RasAgileVpn - ok
18:44:56.0084 4080  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:44:56.0162 4080  RasAuto - ok
18:44:56.0224 4080  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:44:56.0349 4080  Rasl2tp - ok
18:44:56.0458 4080  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:44:56.0614 4080  RasMan - ok
18:44:56.0692 4080  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:44:56.0739 4080  RasPppoe - ok
18:44:56.0770 4080  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:44:56.0817 4080  RasSstp - ok
18:44:56.0910 4080  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:44:56.0973 4080  rdbss - ok
18:44:57.0020 4080  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:44:57.0051 4080  rdpbus - ok
18:44:57.0066 4080  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:44:57.0129 4080  RDPCDD - ok
18:44:57.0191 4080  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:44:57.0269 4080  RDPENCDD - ok
18:44:57.0285 4080  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:44:57.0332 4080  RDPREFMP - ok
18:44:57.0410 4080  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:44:57.0441 4080  RdpVideoMiniport - ok
18:44:57.0472 4080  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:44:57.0503 4080  RDPWD - ok
18:44:57.0534 4080  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:44:57.0566 4080  rdyboost - ok
18:44:57.0628 4080  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
18:44:57.0644 4080  RealNetworks Downloader Resolver Service - ok
18:44:57.0706 4080  [ EA569D48B2E755AF6D96F03F3335D98A ] Realtek11nSU    C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe
18:44:57.0722 4080  Realtek11nSU ( UnsignedFile.Multi.Generic ) - warning
18:44:57.0722 4080  Realtek11nSU - detected UnsignedFile.Multi.Generic (1)
18:44:57.0784 4080  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:44:57.0831 4080  RemoteAccess - ok
18:44:57.0893 4080  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:44:57.0940 4080  RemoteRegistry - ok
18:44:58.0065 4080  [ 0B169FE016039571ECC6DB70073F8979 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
18:44:58.0080 4080  RichVideo64 - ok
18:44:58.0112 4080  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:44:58.0174 4080  RpcEptMapper - ok
18:44:58.0221 4080  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:44:58.0252 4080  RpcLocator - ok
18:44:58.0283 4080  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:44:58.0314 4080  RpcSs - ok
18:44:58.0377 4080  [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105        C:\Windows\system32\DRIVERS\RsFx0105.sys
18:44:58.0424 4080  RsFx0105 - ok
18:44:58.0486 4080  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:44:58.0533 4080  rspndr - ok
18:44:58.0595 4080  [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:44:58.0611 4080  RTL8167 - ok
18:44:58.0642 4080  [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
18:44:58.0673 4080  RTL8192su - ok
18:44:58.0704 4080  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:44:58.0720 4080  SamSs - ok
18:44:58.0767 4080  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:44:58.0782 4080  sbp2port - ok
18:44:58.0954 4080  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
18:44:59.0032 4080  SBSDWSCService - ok
18:44:59.0110 4080  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:44:59.0157 4080  SCardSvr - ok
18:44:59.0235 4080  [ C81EB41E9FFC35560E5025891DC01A6E ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
18:44:59.0250 4080  SCDEmu - ok
18:44:59.0344 4080  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:44:59.0406 4080  scfilter - ok
18:44:59.0484 4080  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:44:59.0531 4080  Schedule - ok
18:44:59.0640 4080  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:44:59.0672 4080  SCPolicySvc - ok
18:44:59.0765 4080  [ 490B0B68BB938D5C628EC4A67277BE75 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
18:44:59.0781 4080  ScreamBAudioSvc - ok
18:44:59.0796 4080  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:44:59.0812 4080  SDRSVC - ok
18:44:59.0968 4080  [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\Patrick\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
18:45:00.0093 4080  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
18:45:00.0093 4080  SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
18:45:00.0124 4080  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:45:00.0186 4080  secdrv - ok
18:45:00.0233 4080  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:45:00.0280 4080  seclogon - ok
18:45:00.0452 4080  [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:45:00.0483 4080  Secunia PSI Agent - ok
18:45:00.0514 4080  [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
18:45:00.0545 4080  Secunia Update Agent - ok
18:45:00.0576 4080  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
18:45:00.0639 4080  SENS - ok
18:45:00.0654 4080  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:45:00.0686 4080  SensrSvc - ok
18:45:00.0732 4080  [ 84AC127242DD3CCDE02F9A4673214B1F ] Sentinel64      C:\Windows\System32\Drivers\Sentinel64.sys
18:45:00.0748 4080  Sentinel64 - ok
18:45:00.0779 4080  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:45:00.0795 4080  Serenum - ok
18:45:00.0810 4080  Serial - ok
18:45:00.0842 4080  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:45:00.0873 4080  sermouse - ok
18:45:00.0904 4080  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:45:00.0951 4080  SessionEnv - ok
18:45:00.0982 4080  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:45:01.0044 4080  sffdisk - ok
18:45:01.0107 4080  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:45:01.0138 4080  sffp_mmc - ok
18:45:01.0185 4080  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:45:01.0216 4080  sffp_sd - ok
18:45:01.0232 4080  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:45:01.0247 4080  sfloppy - ok
18:45:01.0310 4080  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
18:45:01.0325 4080  Sftfs - ok
18:45:01.0528 4080  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:45:01.0575 4080  sftlist - ok
18:45:01.0606 4080  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:45:01.0622 4080  Sftplay - ok
18:45:01.0653 4080  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:45:01.0653 4080  Sftredir - ok
18:45:01.0668 4080  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
18:45:01.0684 4080  Sftvol - ok
18:45:01.0746 4080  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:45:01.0746 4080  sftvsa - ok
18:45:01.0840 4080  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:45:01.0902 4080  ShellHWDetection - ok
18:45:01.0949 4080  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:45:01.0965 4080  SiSRaid2 - ok
18:45:01.0965 4080  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:45:01.0980 4080  SiSRaid4 - ok
18:45:02.0136 4080  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:45:02.0199 4080  Skype C2C Service - ok
18:45:02.0277 4080  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:45:02.0308 4080  SkypeUpdate - ok
18:45:02.0339 4080  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:45:02.0433 4080  Smb - ok
18:45:02.0511 4080  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:45:02.0542 4080  SNMPTRAP - ok
18:45:02.0636 4080  [ 3610DA8868163D53A288636B1EAD77B8 ] SnugTV Service  C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
18:45:02.0667 4080  SnugTV Service ( UnsignedFile.Multi.Generic ) - warning
18:45:02.0667 4080  SnugTV Service - detected UnsignedFile.Multi.Generic (1)
18:45:02.0776 4080  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
18:45:02.0792 4080  speedfan - ok
18:45:02.0823 4080  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:45:02.0885 4080  spldr - ok
18:45:02.0916 4080  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:45:02.0948 4080  Spooler - ok
18:45:03.0088 4080  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:45:03.0213 4080  sppsvc - ok
18:45:03.0228 4080  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:45:03.0275 4080  sppuinotify - ok
18:45:03.0384 4080  [ 602884696850C86434530790B110E8EB ] sptd            C:\Windows\system32\Drivers\sptd.sys
18:45:03.0384 4080  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
18:45:03.0400 4080  sptd ( LockedFile.Multi.Generic ) - warning
18:45:03.0400 4080  sptd - detected LockedFile.Multi.Generic (1)
18:45:03.0478 4080  [ 45E65FB17A4CD5FACBD3CA16C8334C82 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
18:45:03.0509 4080  SQLAgent$SQLEXPRESS - ok
18:45:03.0556 4080  [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:45:03.0587 4080  SQLBrowser - ok
18:45:03.0650 4080  [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:45:03.0665 4080  SQLWriter - ok
18:45:03.0696 4080  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:45:03.0712 4080  srv - ok
18:45:03.0743 4080  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:45:03.0790 4080  srv2 - ok
18:45:03.0790 4080  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:45:03.0821 4080  srvnet - ok
18:45:03.0852 4080  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:45:03.0899 4080  SSDPSRV - ok
18:45:03.0930 4080  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:45:03.0962 4080  SstpSvc - ok
18:45:04.0024 4080  [ EF806D212D34B0E173BAEB3564D53E37 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
18:45:04.0071 4080  ss_bbus - ok
18:45:04.0102 4080  [ 08B1B34ABEBEB6AC2DEA06900C56411E ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
18:45:04.0102 4080  ss_bmdfl - ok
18:45:04.0118 4080  [ 71A9DA6BEAA4CB54DFB827FB78600A5D ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
18:45:04.0133 4080  ss_bmdm - ok
18:45:04.0196 4080  Steam Client Service - ok
18:45:04.0196 4080  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:45:04.0211 4080  stexstor - ok
18:45:04.0274 4080  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:45:04.0336 4080  stisvc - ok
18:45:04.0352 4080  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:45:04.0367 4080  swenum - ok
18:45:04.0539 4080  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:45:04.0570 4080  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:45:04.0570 4080  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
18:45:04.0586 4080  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:45:04.0632 4080  swprv - ok
18:45:04.0835 4080  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:45:04.0913 4080  SysMain - ok
18:45:04.0944 4080  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:45:04.0960 4080  TabletInputService - ok
18:45:04.0991 4080  [ 4EF44915E522F3ECD1A3FF540AA64126 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
18:45:05.0054 4080  tap0901 - ok
18:45:05.0069 4080  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:45:05.0132 4080  TapiSrv - ok
18:45:05.0178 4080  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:45:05.0225 4080  TBS - ok
18:45:05.0288 4080  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:45:05.0381 4080  Tcpip - ok
18:45:05.0412 4080  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:45:05.0444 4080  TCPIP6 - ok
18:45:05.0522 4080  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:45:05.0537 4080  tcpipreg - ok
18:45:05.0584 4080  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:45:05.0615 4080  TDPIPE - ok
18:45:05.0693 4080  [ 1226A953D4FDBDFD570DA5CEE66EAA55 ] TDslMgrService  C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe
18:45:05.0709 4080  TDslMgrService ( UnsignedFile.Multi.Generic ) - warning
18:45:05.0709 4080  TDslMgrService - detected UnsignedFile.Multi.Generic (1)
18:45:05.0724 4080  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:45:05.0756 4080  TDTCP - ok
18:45:05.0787 4080  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:45:05.0818 4080  tdx - ok
18:45:05.0849 4080  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:45:05.0865 4080  TermDD - ok
18:45:05.0896 4080  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:45:05.0943 4080  TermService - ok
18:45:05.0974 4080  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:45:05.0990 4080  Themes - ok
18:45:06.0005 4080  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:45:06.0052 4080  THREADORDER - ok
18:45:06.0099 4080  [ BA73D503348F3323BD8E995860323442 ] Tpkd            C:\Windows\system32\drivers\Tpkd.sys
18:45:06.0114 4080  Tpkd - ok
18:45:06.0146 4080  [ 46DD8D38A8787A49DA80AF1E6D46B665 ] TRIDCap         C:\Windows\system32\DRIVERS\AVerTM62_x64.sys
18:45:06.0239 4080  TRIDCap - ok
18:45:06.0255 4080  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:45:06.0302 4080  TrkWks - ok
18:45:06.0348 4080  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:45:06.0395 4080  TrustedInstaller - ok
18:45:06.0458 4080  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:45:06.0504 4080  tssecsrv - ok
18:45:06.0598 4080  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:45:06.0645 4080  TsUsbFlt - ok
18:45:06.0692 4080  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:45:06.0754 4080  tunnel - ok
18:45:06.0785 4080  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:45:06.0801 4080  uagp35 - ok
18:45:06.0832 4080  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
18:45:06.0832 4080  UBHelper - ok
18:45:06.0848 4080  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:45:06.0894 4080  udfs - ok
18:45:06.0926 4080  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:45:06.0941 4080  UI0Detect - ok
18:45:06.0957 4080  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:45:06.0972 4080  uliagpkx - ok
18:45:07.0004 4080  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:45:07.0019 4080  umbus - ok
18:45:07.0050 4080  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:45:07.0113 4080  UmPass - ok
18:45:07.0206 4080  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
18:45:07.0238 4080  UMVPFSrv - ok
18:45:07.0394 4080  [ 93B73DED2BC688F140C6AE2FBAD45789 ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
18:45:07.0394 4080  Updater Service - ok
18:45:07.0472 4080  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:45:07.0534 4080  upnphost - ok
18:45:07.0581 4080  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:45:07.0581 4080  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
18:45:07.0581 4080  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
18:45:07.0612 4080  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:45:07.0643 4080  usbaudio - ok
18:45:07.0659 4080  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:45:07.0690 4080  usbccgp - ok
18:45:07.0721 4080  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:45:07.0752 4080  usbcir - ok
18:45:07.0784 4080  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:45:07.0784 4080  usbehci - ok
18:45:07.0799 4080  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:45:07.0846 4080  usbhub - ok
18:45:07.0862 4080  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:45:07.0893 4080  usbohci - ok
18:45:07.0924 4080  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:45:07.0940 4080  usbprint - ok
18:45:08.0064 4080  [ B5E6C4F280EBF0B16F74A5B415F2E0DF ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
18:45:08.0064 4080  USBS3S4Detection - ok
18:45:08.0142 4080  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:45:08.0174 4080  usbscan - ok
18:45:08.0220 4080  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:45:08.0252 4080  USBSTOR - ok
18:45:08.0283 4080  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:45:08.0330 4080  usbuhci - ok
18:45:08.0361 4080  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:45:08.0376 4080  usbvideo - ok
18:45:08.0408 4080  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
18:45:08.0423 4080  usb_rndisx - ok
18:45:08.0439 4080  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:45:08.0470 4080  UxSms - ok
18:45:08.0501 4080  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:45:08.0517 4080  VaultSvc - ok
18:45:08.0579 4080  [ 780B472A8392771EF31031BA6238BF9E ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
18:45:08.0595 4080  VBoxDrv - ok
18:45:08.0657 4080  [ E705A3A384E7569FA2F1A3A29BDC5240 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
18:45:08.0657 4080  VBoxNetAdp - ok
18:45:08.0704 4080  [ D00756D69EFCFBF90F759D338E4B16EB ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
18:45:08.0720 4080  VBoxNetFlt - ok
18:45:08.0766 4080  [ 815E54E21908488BC545659A76D57D2F ] VBoxUSB         C:\Windows\system32\Drivers\VBoxUSB.sys
18:45:08.0782 4080  VBoxUSB - ok
18:45:08.0813 4080  [ 508CFD271CFDD2B686A0FC5D370070E6 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
18:45:08.0829 4080  VBoxUSBMon - ok
18:45:08.0891 4080  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
18:45:08.0922 4080  VClone - ok
18:45:08.0969 4080  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:45:08.0985 4080  vdrvroot - ok
18:45:09.0016 4080  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:45:09.0047 4080  vds - ok
18:45:09.0094 4080  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:45:09.0141 4080  vga - ok
18:45:09.0141 4080  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:45:09.0172 4080  VgaSave - ok
18:45:09.0219 4080  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:45:09.0234 4080  vhdmp - ok
18:45:09.0250 4080  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:45:09.0266 4080  viaide - ok
18:45:09.0328 4080  [ 94CF2D157C8FD9089AFA5DA78AA64C65 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
18:45:09.0375 4080  VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
18:45:09.0375 4080  VMAuthdService - detected UnsignedFile.Multi.Generic (1)
18:45:09.0422 4080  [ 87FC1DD880E8CAC4FAEBB84AF61A87C4 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
18:45:09.0437 4080  vmci - ok
18:45:09.0484 4080  [ 0B13268268B3D2C99BA5021593D0F767 ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
18:45:09.0578 4080  vmkbd - ok
18:45:09.0671 4080  [ 091E009EF749C9D65CF9ADFAD316D251 ] vmm             C:\Windows\system32\Treiber\vmm.sys
18:45:09.0671 4080  vmm - ok
18:45:09.0765 4080  [ B259C31378BC855AFD1B53F59311C251 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
18:45:09.0874 4080  VMnetAdapter - ok
18:45:10.0061 4080  [ DEC4CE720FFEDA939CF1BA315CFBD993 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
18:45:10.0077 4080  VMnetBridge - ok
18:45:10.0139 4080  VMnetDHCP - ok
18:45:10.0155 4080  [ EC9456D3E0E194D67D7430C7AB4EAB2C ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
18:45:10.0170 4080  VMnetuserif - ok
18:45:10.0217 4080  [ 415B167695C4B5960A13098622EF3D80 ] vmusb           C:\Windows\system32\Drivers\vmusb.sys
18:45:10.0233 4080  vmusb - ok
18:45:10.0326 4080  [ 18903CA7936912C337C9D28858880CF2 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
18:45:10.0358 4080  VMUSBArbService - ok
18:45:10.0404 4080  VMware NAT Service - ok
18:45:10.0467 4080  [ 75BC28F58C95B90DFFA5367310BC82EB ] vmware-converter-agent C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
18:45:10.0482 4080  vmware-converter-agent - ok
18:45:10.0560 4080  [ 3B7FF15F4F50D3AA3983A3D41FBE2835 ] vmware-converter-server C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
18:45:10.0576 4080  vmware-converter-server - ok
18:45:10.0592 4080  [ 3B7FF15F4F50D3AA3983A3D41FBE2835 ] vmware-converter-worker C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
18:45:10.0607 4080  vmware-converter-worker - ok
18:45:11.0871 4080  [ 8C01AE115E9E6806A25A9B5136FD6FC0 ] VMwareHostd     C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
18:45:12.0230 4080  VMwareHostd ( UnsignedFile.Multi.Generic ) - warning
18:45:12.0230 4080  VMwareHostd - detected UnsignedFile.Multi.Generic (1)
18:45:12.0276 4080  [ 940933DEF15495D50DC1232E28C70B48 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
18:45:12.0323 4080  vmx86 - ok
18:45:12.0354 4080  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:45:12.0370 4080  volmgr - ok
18:45:12.0401 4080  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:45:12.0464 4080  volmgrx - ok
18:45:12.0495 4080  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:45:12.0510 4080  volsnap - ok
18:45:12.0542 4080  [ 1065A957523ED51AAFFF737CC63010A6 ] Vsdatant        C:\Windows\system32\DRIVERS\vsdatant.sys
18:45:12.0557 4080  Vsdatant - ok
18:45:12.0682 4080  vsmon - ok
18:45:12.0713 4080  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:45:12.0729 4080  vsmraid - ok
18:45:12.0900 4080  [ F972436B5ED08069A1E7D623B77C226A ] VSPerfDrv110    C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys
18:45:12.0916 4080  VSPerfDrv110 - ok
18:45:13.0010 4080  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:45:13.0119 4080  VSS - ok
18:45:13.0290 4080  [ 65EFAEC68FA234F36880533A79D7B1C1 ] vstor2-mntapi10-shared C:\Windows\syswow64\drivers\vstor2-mntapi10-shared.sys
18:45:13.0306 4080  vstor2-mntapi10-shared - ok
18:45:13.0509 4080  [ 254E8F9BA44E9F55416B0E51DBFF3C5F ] vToolbarUpdater15.3.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
18:45:13.0540 4080  vToolbarUpdater15.3.0 - ok
18:45:13.0556 4080  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:45:13.0587 4080  vwifibus - ok
18:45:13.0618 4080  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:45:13.0649 4080  vwififlt - ok
18:45:13.0680 4080  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:45:13.0727 4080  W32Time - ok
18:45:13.0790 4080  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:45:13.0836 4080  WacomPen - ok
18:45:13.0899 4080  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:45:13.0977 4080  WANARP - ok
18:45:13.0992 4080  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:45:14.0024 4080  Wanarpv6 - ok
18:45:14.0195 4080  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:45:14.0242 4080  WatAdminSvc - ok
18:45:14.0351 4080  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:45:14.0445 4080  wbengine - ok
18:45:14.0445 4080  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:45:14.0460 4080  WbioSrvc - ok
18:45:14.0523 4080  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:45:14.0601 4080  wcncsvc - ok
18:45:14.0616 4080  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:45:14.0632 4080  WcsPlugInService - ok
18:45:14.0663 4080  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:45:14.0679 4080  Wd - ok
18:45:14.0726 4080  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:45:14.0788 4080  Wdf01000 - ok
18:45:14.0804 4080  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:45:14.0850 4080  WdiServiceHost - ok
18:45:14.0850 4080  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:45:14.0866 4080  WdiSystemHost - ok
18:45:14.0928 4080  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:45:14.0960 4080  WebClient - ok
18:45:14.0975 4080  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:45:15.0022 4080  Wecsvc - ok
18:45:15.0038 4080  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:45:15.0084 4080  wercplsupport - ok
18:45:15.0131 4080  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:45:15.0194 4080  WerSvc - ok
18:45:15.0240 4080  [ C48CA80FDC6926A9FC2F520379BDB635 ] WFMC_VAD        C:\Windows\system32\DRIVERS\wfmcvad.sys
18:45:15.0256 4080  WFMC_VAD - ok
18:45:15.0287 4080  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:45:15.0318 4080  WfpLwf - ok
18:45:15.0412 4080  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
18:45:15.0443 4080  WimFltr - ok
18:45:15.0459 4080  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:45:15.0490 4080  WIMMount - ok
18:45:15.0506 4080  WinHttpAutoProxySvc - ok
18:45:15.0615 4080  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:45:15.0724 4080  Winmgmt - ok
18:45:15.0786 4080  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:45:15.0927 4080  WinRM - ok
18:45:15.0974 4080  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:45:16.0005 4080  WinUsb - ok
18:45:16.0020 4080  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:45:16.0052 4080  Wlansvc - ok
18:45:16.0145 4080  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:45:16.0208 4080  wlidsvc - ok
18:45:16.0239 4080  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:45:16.0254 4080  WmiAcpi - ok
18:45:16.0270 4080  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:45:16.0332 4080  wmiApSrv - ok
18:45:16.0410 4080  WMPNetworkSvc - ok
18:45:16.0426 4080  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:45:16.0426 4080  WPCSvc - ok
18:45:16.0442 4080  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:45:16.0473 4080  WPDBusEnum - ok
18:45:16.0488 4080  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:45:16.0520 4080  ws2ifsl - ok
18:45:16.0613 4080  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
18:45:16.0644 4080  WSDPrintDevice - ok
18:45:16.0644 4080  WSearch - ok
18:45:16.0847 4080  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:45:16.0894 4080  wuauserv - ok
18:45:16.0956 4080  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:45:16.0988 4080  WudfPf - ok
18:45:17.0019 4080  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:45:17.0034 4080  WUDFRd - ok
18:45:17.0066 4080  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:45:17.0097 4080  wudfsvc - ok
18:45:17.0128 4080  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:45:17.0159 4080  WwanSvc - ok
18:45:17.0222 4080  [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
18:45:17.0284 4080  xnacc - ok
18:45:17.0346 4080  [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
18:45:17.0362 4080  xusb21 - ok
18:45:17.0456 4080  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:45:17.0487 4080  YahooAUService - ok
18:45:17.0534 4080  [ 01BB59BED139965DF5964E021512942B ] YMIDUSBW        C:\Windows\system32\drivers\ymidusbx64.sys
18:45:17.0549 4080  YMIDUSBW - ok
18:45:17.0612 4080  ================ Scan global ===============================
18:45:17.0643 4080  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:45:17.0674 4080  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:45:17.0690 4080  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:45:17.0721 4080  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:45:17.0846 4080  [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
18:45:17.0846 4080  Suspicious file (NoAccess): C:\Windows\system32\services.exe. md5: 50BEA589F7D7958BDD2528A8F69D05CC
18:45:17.0846 4080  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
18:45:17.0846 4080  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
18:45:17.0846 4080  ================ Scan MBR ==================================
18:45:17.0861 4080  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:45:18.0236 4080  \Device\Harddisk0\DR0 - ok
18:45:18.0251 4080  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
18:45:18.0454 4080  \Device\Harddisk1\DR1 - ok
18:45:18.0454 4080  [ 08B26729634452D0C2889C002B1BB97C ] \Device\Harddisk5\DR5
18:45:19.0047 4080  \Device\Harddisk5\DR5 - ok
18:45:19.0062 4080  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR6
18:45:19.0140 4080  \Device\Harddisk6\DR6 - ok
18:45:19.0156 4080  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk7\DR7
18:45:19.0640 4080  \Device\Harddisk7\DR7 - ok
18:45:19.0640 4080  ================ Scan VBR ==================================
18:45:19.0655 4080  [ C8A982E1C406822FB989FB83DD6DED53 ] \Device\Harddisk0\DR0\Partition1
18:45:19.0655 4080  \Device\Harddisk0\DR0\Partition1 - ok
18:45:19.0655 4080  [ 37C4825C1AB5B7E4FA384F6659B74700 ] \Device\Harddisk0\DR0\Partition2
18:45:19.0655 4080  \Device\Harddisk0\DR0\Partition2 - ok
18:45:19.0671 4080  [ 9C5E3917D4657DD4AA6ABD74432E956F ] \Device\Harddisk0\DR0\Partition3
18:45:19.0671 4080  \Device\Harddisk0\DR0\Partition3 - ok
18:45:19.0686 4080  [ 4B48B5157AE3D769BFD1E4A34CADD8D3 ] \Device\Harddisk1\DR1\Partition1
18:45:19.0686 4080  \Device\Harddisk1\DR1\Partition1 - ok
18:45:19.0686 4080  [ 378082F227E6B4E6A40CF06DDABC690F ] \Device\Harddisk5\DR5\Partition1
18:45:19.0686 4080  \Device\Harddisk5\DR5\Partition1 - ok
18:45:19.0702 4080  [ 8EEBB8E3486767CDBADABA7A235E2A56 ] \Device\Harddisk6\DR6\Partition1
18:45:19.0702 4080  \Device\Harddisk6\DR6\Partition1 - ok
18:45:19.0702 4080  [ 1A7FA95D122677089CF1D2B1F8E673C1 ] \Device\Harddisk6\DR6\Partition2
18:45:19.0702 4080  \Device\Harddisk6\DR6\Partition2 - ok
18:45:19.0702 4080  [ 6CB053519DA4E42915301A05273D5C29 ] \Device\Harddisk7\DR7\Partition1
18:45:19.0702 4080  \Device\Harddisk7\DR7\Partition1 - ok
18:45:19.0702 4080  ============================================================
18:45:19.0702 4080  Scan finished
18:45:19.0702 4080  ============================================================
18:45:19.0718 5664  Detected object count: 23
18:45:19.0718 5664  Actual detected object count: 23
18:45:59.0810 5664  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0810 5664  Apache2.2 ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  Apache2.2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0810 5664  AVerRemote ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  AVerRemote ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0810 5664  AVerScheduleService ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  AVerScheduleService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0810 5664  AVerUpdateServer ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  AVerUpdateServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0810 5664  FileZilla Server ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0810 5664  FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0810 5664  FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0810 5664  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0810 5664  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  JawsServerAE64 ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  JawsServerAE64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  Realtek11nSU ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  Realtek11nSU ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  SnugTV Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  SnugTV Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  sptd ( LockedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  TDslMgrService ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  TDslMgrService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  VMwareHostd ( UnsignedFile.Multi.Generic ) - skipped by user
18:45:59.0825 5664  VMwareHostd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:45:59.0825 5664  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
18:45:59.0825 5664  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip
         
__________________

Alt 06.07.2013, 17:56   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Bei dem Fund mit Services.exe Cure wählen und laufen lassen. Reboot.
Log posten, frischen Scan mit TDSSKiller machen und das Log posten.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.07.2013, 18:45   #5
Patrick96
 
Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



So... ich habe hier nun mal alle Logs von tdsskiller und frst als .zip-Datei zusammengebunden.

Jetzt scheinen die Viren zwar verschwunden zu sein, aber ich komme immer noch nicht ins Internet, obwohl er verbunden ist.

Die Logfile vom tdsskiller ist einmal die mit dem ausgeführten Cure-Befehl und ...(2) und einmal die nach dem Reboot.

Achja... ich habe die Logs deswegen gepackt, weil sie zu groß für das Forum waren.


Alt 07.07.2013, 06:29   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Wir sind ja auch noch lange nicht fertig

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
ZeroAccess:
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\L
C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\U

C:\Windows\SysWOW64\WinMonitor.exe
C:\Windows\SysWOW64\libs.exe
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



und ein frisches FRST Scanlog bitte. Logs bitte in Codetags posten.
__________________
--> Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)

Alt 07.07.2013, 10:26   #7
Patrick96
 
Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Also guten Morgen erstmal und sorry für die etwas verspätete Antwort

Hier nun der Fixlog:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
Ran by Patrick at 2013-07-07 11:14:30 Run:1
Running from C:\Users\Patrick\Desktop
Boot Mode: Normal
==============================================

C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102} => Moved successfully.
"C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\L" => File/Directory not found.
"C:\Windows\Installer\{381af116-1e5c-99d2-68eb-302a87340102}\U" => File/Directory not found.
C:\Windows\SysWOW64\WinMonitor.exe => Moved successfully.
C:\Windows\SysWOW64\libs.exe => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\de-DE" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.

==== End of Fixlog ====
         

Alt 07.07.2013, 10:31   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Dann ein frisches Scanlog mit FRST bitte
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2013, 10:48   #9
Patrick96
 
Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



So... da der Log anscheinend wieder nicht direkt in den Beitrag passt, habe ich ihn als Anhang beigelegt.

Alt 07.07.2013, 11:19   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2013, 11:42   #11
Patrick96
 
Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Ich habe ein Problem... die Virensoftware sei angeblich noch aktiv, obwohl ich sie eigentlich beendet habe. Wenn ich im Taskmanager schaue, ist diese auch aktiv, aber ich kann sie nicht beenden.

Was soll ich jetzt machen? ComboFix mit laufendem Virenscanner starten?

Alt 07.07.2013, 12:43   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Welcher Virenscanner? Wenn du ihn unten in der Taskleiste deaktiviert hast passt das, einfach OK klicken.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2013, 12:46   #13
Patrick96
 
Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Das ist der von Avira (Free-Edition)

P.S.: Mein Internet geht nun wieder... und das, obwohl ich ComboFix jetzt gar nicht benutzt habe! Jedoch verstehe ich immer noch nicht, warum bei meinem AV-Programm der Browserschutz noch nicht wieder funktioniert...

Alt 07.07.2013, 12:57   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Standard

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Lesestoff:
Warum wir Avira nicht mehr empfehlen
Avira liefert seit einiger Zeit mit der Standardinstallation die Ask Toolbar mit aus. Diese Toolbar ist Voraussetzung dafür, dass der Webguard zuverlässig funktioniert. Die Ask Toolbar ist dafür bekannt, dass sie das Surfverhalten des Benutzers ausspioniert, um damit in letzter Konsequenz Geld zu verdienen. Daher wird von uns auf diesem Board als "schädlich" eingestuft. Mehr Informationen.

Eine Sicherheitsfirma, die dem Benutzer praktisch ungefragt schädliche Software "unterjubelt", scheidet für uns daher aus. Wir empfehlen daher allen Nutzern von Avira aufgrund dieser Geschäftspraktik, der teilweise äußerst schlechten Erkennungsrate und der überaus nervtötenden Werbung Avira zu deinstallieren und auf ein alternatives Produkt auszuweichen.

Solltest du dich zu einem Wechsel entscheiden, empfehlen wir dir nach der Deinstallation mit dem Avira-Cleaner alle Reste zu entfernen.


Und weil wir adware und malware entfernen geht der Browserschutz nicht mehr.

Bitte combofix laufen lassen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.07.2013, 12:35   #15
Patrick96
 
Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Idee

Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)



Hallo und sorry erstmal, dass ich mich etwas zu spät melde.

Also das mit Avira hab ich mittlerweile gecheckt und hab ihn einfach nochmal neu installiert. Nun funktioniert auch der WebGuard-Dienst wieder so, wie er soll!

ComboFix hab ich bis jetzt noch nicht laufen lassen, da im Moment alles i.O. scheint und er auch nichts neues findet oder nach Viren meckert. Ich werde das aber nachholen, wenn es hier unbedingt empfohlen wird.

Aber für's erste bedanke ich mich hier für die echt super Tipps und die Hilfe... das Forum ist echt super, werde es bei jedem weiterempfehlen, denn dank euch habe ich gelernt, dass man nicht immer gleich sein System neu aufsetzen muss, wenn es ein Virenproblem gibt.

Gruß

Antwort

Themen zu Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)
avira, c:\windows, dateien, dateien gelöscht, erkannt, firewall, folge, folgende, geht nicht mehr, gelöscht, hilfe!, langsam, leute, löschen, melde, meldet, nicht mehr, platzt, services.exe, system, system32, tr/atraps.gen, trojaner, vieren, viren, windows



Ähnliche Themen: Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)


  1. Windwos 7: Norton meldet sich ca. jede Minute mit "system infected: trojan.ransomlock.g"
    Plagegeister aller Art und deren Bekämpfung - 30.01.2015 (15)
  2. Avira meldet TR/Jorik.Totem.vz, TR/ATRAPS.Gen2, T/ATRAPS.Gen
    Plagegeister aller Art und deren Bekämpfung - 27.10.2013 (50)
  3. Avira meldet Trojaner "TR/Sirefef.AG.9" und "TR/ATRAPS.Gen2"
    Plagegeister aller Art und deren Bekämpfung - 26.04.2013 (9)
  4. Avira findet TR/Sirefef.16896 und TR/ATRAPS.Gen und TR/ATRAPS.Gen2 in Windows\Installer und W32/Patched.UA in Windows\System32\service.exe
    Plagegeister aller Art und deren Bekämpfung - 14.11.2012 (23)
  5. Avira meldet TR/ZAccess.H , TR/Sirefef.A.37 , TR/ATRAPS.Gen und TR/ATRAPS.Gen2
    Plagegeister aller Art und deren Bekämpfung - 17.10.2012 (2)
  6. Avira meldet(e) regelmäßig TR/ATRAPS.Gen2 Virus/Trojaner
    Log-Analyse und Auswertung - 07.09.2012 (38)
  7. TR/ATRAPS.Gen TR/ZAcces.H und TR/Cutwail.jhg
    Plagegeister aller Art und deren Bekämpfung - 18.08.2012 (27)
  8. Virus/Trojaner: Win64/sirefef.A ; Win64/sirefef.AB ; Win64/sirefef.W ; Auto-Neustart nach 1 Minute
    Plagegeister aller Art und deren Bekämpfung - 13.08.2012 (18)
  9. Avira meldet TR/ATRAPS.Gen, TR/ATRAPS.Gen2 und BDS/ZAccess.wjr
    Log-Analyse und Auswertung - 01.08.2012 (1)
  10. Avira Antivirus Premium 2012: Funde von TR/ATRAPS.GEN TR/ATRAPS.GEN2 TR/Sirefef.P.666 BDS/ZAccess.T
    Log-Analyse und Auswertung - 25.07.2012 (3)
  11. Avira ANtivir meldet Befall durch: tr/atraps.gen & tr atraps.gen2
    Plagegeister aller Art und deren Bekämpfung - 03.07.2012 (3)
  12. Antivir meldet ständig Probleme mit TR/ATRAPS.Gen2 und TR/Sirefef.AG.35
    Plagegeister aller Art und deren Bekämpfung - 02.07.2012 (23)
  13. Trojaner TR/ATRAPS.GEN2 und TR/Sirefef.AG.35 von Avira gefunden
    Plagegeister aller Art und deren Bekämpfung - 21.06.2012 (31)
  14. TR/Matsnu.CRZY, TR/Small.Fi,TR/Crypt.Gypikon.B, TR/Atraps.Gen2 - Virenmeldung jede 2. Minute
    Plagegeister aller Art und deren Bekämpfung - 16.06.2012 (30)
  15. Avira meldet Trojaner: TR/Sirefef.GC.1; TR/Small.FI und TR/ATRAPS.Gen2
    Plagegeister aller Art und deren Bekämpfung - 15.06.2012 (3)
  16. Avira meldet Trojaner ATRAPS.GEN2 und Sirefef.AG.35
    Plagegeister aller Art und deren Bekämpfung - 12.06.2012 (27)
  17. AVIRA meldet TR/sirefef.J.615 , TR/ATRAPS.Gen2 und TR/Offend.kdv.488489
    Plagegeister aller Art und deren Bekämpfung - 03.03.2012 (3)

Zum Thema Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) - Hallo Leute, also so langsam platzt mir echt der Kragen...! Ich war ja letztens schon hier und hatte ein Viren Problem. Nun hab ich anscheinend wieder eins. Und zwar meldet - Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces)...
Archiv
Du betrachtest: Avira meldet jede Minute die gleichen Trojaner (Sirefef, ATRAPS und ZAcces) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.