Trojaner-Board


Hompen 01.08.2012 09:13

GVU Trojan, Windows 7 32-bit
 
Hello, my parents' PC has caught a GVU Trojan, and I am now trying to patch it up with my (admittedly) partial knowledge.

I tried to unlock it with Kaspersky Windows Unlocker so that I could then back up the most important data before I reinstall the system (as I will have to). Unfortunately, this was without success.

So here are my various txt files:
OTL:
Code:

OTL logfile created on: 31.07.2012 20:21:52 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\****\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 86,90% Memory free
6,00 Gb Paging File | 5,63 Gb Available in Paging File | 93,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 454,29 Gb Total Space | 349,05 Gb Free Space | 76,84% Space Free | Partition Type: NTFS
 
Computer Name: *****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.31 20:14:41 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.01.15 13:45:34 | 000,181,248 | ---- | M] () -- C:\Windows\System32\txmlutil.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.27 11:39:40 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.02 05:11:59 | 000,136,784 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\Windows\System32\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.02.09 15:15:41 | 002,480,048 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.12.10 19:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010.12.10 19:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\SQL2005EXP\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$DWINSTANCE01)
SRV - [2010.12.10 19:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2010.12.10 19:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.07.29 18:57:34 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.02.01 02:01:02 | 000,661,176 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.01.20 15:27:24 | 001,622,320 | ---- | M] (Acronis Inc.) [Auto | Stopped] -- C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\vsserv.exe -- (VSSERV)
SRV - [2009.12.10 18:02:32 | 000,331,616 | ---- | M] (Acronis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Update Service\livesrv.exe -- (LIVESRV)
SRV - [2009.12.10 18:01:56 | 000,181,600 | ---- | M] (Acronis Inc. hxxp://www.acronis.com/homecomputing/products/antivirus) [On_Demand | Stopped] -- C:\Programme\Common Files\Acronis Backup and Security\Acronis Backup and Security Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2009.11.19 15:00:04 | 000,311,296 | ---- | M] (Acronis Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\scan.dll -- (scan)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Programme\Sony\Kamera\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ADMINI~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - [2011.05.21 06:01:00 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.02.09 15:15:42 | 000,160,288 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2011.02.09 15:15:39 | 000,911,680 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpm258.sys -- (tdrpman258)
DRV - [2011.02.09 15:15:35 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2011.02.09 15:15:27 | 000,163,904 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2010.06.22 00:07:37 | 000,105,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.01.04 19:41:24 | 000,079,368 | ---- | M] (BitDefender LLC) [Kernel | System | Stopped] -- C:\Programme\Common Files\Acronis Backup and Security\Acronis Backup and Security Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2009.12.31 11:22:09 | 000,295,936 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009.11.10 18:04:14 | 000,152,456 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)
DRV - [2009.11.10 17:14:22 | 000,054,912 | ---- | M] (BitDefender) [Kernel | On_Demand | Stopped] -- C:\Programme\Acronis Backup and Security\Acronis Backup and Security 2010\bdselfpr.sys -- (BDSelfPr)
DRV - [2009.10.19 17:04:00 | 000,072,200 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\System32\drivers\BdfNdisf6.sys -- (bdfndisf)
DRV - [2009.09.23 03:19:31 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2009.09.23 03:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009.09.23 03:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009.09.22 09:22:06 | 000,083,208 | ---- | M] (BitDefender) [Kernel | Auto | Stopped] -- C:\Programme\Acronis Backup and Security\Acronis Backup and Security 2010\bdvedisk.sys -- (BDVEDISK)
DRV - [2009.08.27 17:28:44 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Programme\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\profos.sys -- (Profos)
DRV - [2009.07.24 12:26:08 | 000,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Stopped] -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.10 06:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009.05.07 04:22:06 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Programme\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\trufos.sys -- (Trufos)
DRV - [2006.09.18 14:05:30 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {03fee850-0101-4e9e-b6d4-6fc74d3db360} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8355CFDD-F1A7-4CAC-B746-F868516AF8C6}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2412158
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {03fee850-0101-4e9e-b6d4-6fc74d3db360} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {349523AC-38F8-4042-A116-1E06A154CDDC}
IE - HKCU\..\SearchScopes\{349523AC-38F8-4042-A116-1E06A154CDDC}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADSA_de
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2412158
IE - HKCU\..\SearchScopes\{EFA598D4-61A9-484A-9747-AB70A41929A0}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=F63C4AE1-B6AE-434A-B16A-A508926D0372&apn_sauid=13F5BE0F-7566-434C-9BEB-DDE7BB6DDE37
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.14 21:40:17 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acronis Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Programme\Acronis Backup and Security\Acronis Backup and Security 2010\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ACAgent] C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdagent.exe (Acronis Inc.)
O4 - HKLM..\Run: [Acronis Antiphishing Helper] C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\IEShow.exe (Acronis Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\Kamera\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01654E26-BAD1-44BB-A12B-2EC86CB3D40C}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0EBE922-E952-45B2-B7F1-C74D50C638C9}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.31 20:14:22 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2012.07.31 17:13:27 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.07.27 09:20:32 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{2D517E97-0BAA-4E07-A5C8-CA68F107E8CD}
[2012.07.27 09:19:50 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{B94C5DD1-6937-4D24-8860-5AEE46887F47}
[2012.07.19 09:14:49 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2012.07.13 09:59:12 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\CrashDumps
[2012.07.12 19:37:30 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{959D19E7-9540-4074-A41D-7F59EDF7DEF0}
[2012.07.05 19:28:26 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{AA6D5B7B-315C-4148-AC86-F102BA8B9212}
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.31 20:17:42 | 000,000,000 | ---- | M] () -- C:\Users\****\defogger_reenable
[2012.07.31 20:15:31 | 000,302,592 | ---- | M] () -- C:\Users\****\Desktop\trjppjhq.exe
[2012.07.31 20:14:41 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2012.07.31 20:14:00 | 000,050,477 | ---- | M] () -- C:\Users\****\Desktop\Defogger.exe
[2012.07.31 20:08:26 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2012.07.31 20:08:24 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.07.31 20:08:18 | 2414,678,016 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.31 20:07:35 | 000,000,132 | ---- | M] () -- C:\windows\System32\rezumatenoi.dat
[2012.07.31 20:07:25 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.31 20:06:59 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.31 18:59:23 | 000,016,768 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.31 18:59:23 | 000,016,768 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.31 18:58:35 | 004,503,728 | ---- | M] () -- C:\ProgramData\ras_0oed.pad
[2012.07.31 13:37:10 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.07.31 09:42:21 | 000,001,883 | ---- | M] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.13 16:02:52 | 008,958,710 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012.07.13 16:02:52 | 003,083,004 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012.07.13 16:02:52 | 002,749,610 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012.07.13 16:02:52 | 002,447,796 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012.07.13 08:39:22 | 000,289,008 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.07.31 20:17:42 | 000,000,000 | ---- | C] () -- C:\Users\****\defogger_reenable
[2012.07.31 20:15:31 | 000,302,592 | ---- | C] () -- C:\Users\****\Desktop\trjppjhq.exe
[2012.07.31 20:14:00 | 000,050,477 | ---- | C] () -- C:\Users\****\Desktop\Defogger.exe
[2012.07.31 09:42:20 | 004,503,728 | ---- | C] () -- C:\ProgramData\ras_0oed.pad
[2012.07.31 09:42:20 | 000,001,883 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.04.20 11:33:02 | 000,349,264 | ---- | C] () -- C:\windows\System32\UPDIO2.dll
[2012.04.20 11:33:01 | 000,261,712 | ---- | C] () -- C:\windows\SUPDRun.exe
[2012.04.20 11:33:01 | 000,151,552 | ---- | C] () -- C:\windows\System32\spd__ci.exe
[2012.04.20 11:33:01 | 000,024,064 | ---- | C] () -- C:\windows\System32\spd__l.dll
[2011.07.18 08:57:39 | 000,000,400 | ---- | C] () -- C:\windows\ODBC.INI
[2011.05.08 08:59:18 | 000,000,000 | ---- | C] () -- C:\Users\****\AppData\Local\{A7C87768-1FE0-480F-A0BA-EEF75FE0E5B6}
[2011.02.17 16:02:48 | 000,462,848 | ---- | C] () -- C:\windows\ssndii.exe
[2011.02.16 14:51:37 | 000,000,000 | ---- | C] () -- C:\windows\System32\wsbl.dat
[2011.02.16 14:51:37 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_white.dat
[2011.02.16 14:51:37 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_summ.dat
[2011.02.16 14:51:37 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_black.dat
[2011.02.16 14:51:37 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords2.dat
[2011.02.16 14:51:37 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords.dat
[2011.02.16 14:15:23 | 000,000,132 | ---- | C] () -- C:\windows\System32\rezumatenoi.dat
[2011.02.09 15:25:45 | 000,000,016 | ---- | C] () -- C:\windows\System32\asdict.dat
[2011.02.09 15:25:45 | 000,000,004 | ---- | C] () -- C:\windows\System32\aspdict-en.dat
[2011.01.24 09:56:47 | 000,140,288 | ---- | C] () -- C:\windows\System32\igfxtvcx.dll
[2011.01.24 09:36:23 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
 
========== LOP Check ==========
 
[2011.02.09 15:45:33 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Acronis
[2011.02.09 15:13:50 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Acronis Backup and Security
[2012.02.14 21:59:26 | 000,000,000 | -H-D | M] -- C:\Users\****\AppData\Roaming\RPPrivate
[2011.07.18 08:50:26 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\SoftGrid Client
[2011.07.09 09:47:45 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TeamViewer
[2011.02.09 12:59:16 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TP
[2011.06.03 16:13:43 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Windows Live Writer
[2011.09.14 21:07:01 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\WordToPDF
[2012.07.27 08:59:03 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Extra.txt:
Code:

OTL Extras logfile created on: 31.07.2012 20:21:52 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\****\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 86,90% Memory free
6,00 Gb Paging File | 5,63 Gb Available in Paging File | 93,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 454,29 Gb Total Space | 349,05 Gb Free Space | 76,84% Space Free | Partition Type: NTFS
 
Computer Name: *****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0759201C-4BD0-4F9E-BE3D-B167D4F3EA67}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{10EA10E3-2A95-49B2-ABAE-B399E21AC849}" = rport=138 | protocol=17 | dir=out | app=system |
"{17661162-3CB2-4E66-83BC-45F52EEE99E7}" = rport=445 | protocol=6 | dir=out | app=system |
"{3B07B2BE-5859-4897-BC8F-6B1994FA663D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{42CE550B-1B42-4678-8CE4-5CCF0F0188B6}" = lport=137 | protocol=17 | dir=in | app=system |
"{4A0D575B-978F-487D-B6F0-818FC78F005B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4D3FC748-03DF-45A1-A141-195050354FB3}" = lport=445 | protocol=6 | dir=in | app=system |
"{686D484C-3DD2-41C9-8AAC-3568E97FF8AF}" = rport=137 | protocol=17 | dir=out | app=system |
"{75A26AB2-498D-4459-8C2E-E3D1E02C29B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8F80435B-3DA7-49FC-A282-7356FFC81049}" = lport=138 | protocol=17 | dir=in | app=system |
"{963C5484-0B25-480E-ADFB-BD7585982939}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A58F8B41-6387-43BB-A6C6-4107263D1179}" = rport=139 | protocol=6 | dir=out | app=system |
"{C6717BE3-E7EC-4A92-9612-0AD8A5F31E8C}" = lport=139 | protocol=6 | dir=in | app=system |
"{E201BCB3-289B-48E2-9706-90EAE0D61434}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BE82F52-B34E-4B67-AF04-B91F68B89113}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc2.exe |
"{1DD1C213-DDDE-4FE3-B277-D9616DBC3083}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{59B10ED6-255D-4B81-900E-BA1A98978647}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{78B6A2FD-803B-4904-BF16-8C9E1C8133DF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AEF73F75-0E1D-42B0-BB2E-18842A159AE6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CA2C6505-F81E-4BE6-9D78-85499190257A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E264D6A2-AF3C-419E-A2F5-E49A15DC9F1F}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc2.exe |
"TCP Query User{066185A9-0B0C-43A5-98C5-47D1582E470C}C:\program files\dtm2009\dwrun.exe" = protocol=6 | dir=in | app=c:\program files\dtm2009\dwrun.exe |
"TCP Query User{10DB78BB-8210-4FCE-9329-F1188768C343}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{3EC305AE-C231-4F8F-B8BC-BCA0D94C35B2}C:\program files\dtm2009\dw.exe" = protocol=6 | dir=in | app=c:\program files\dtm2009\dw.exe |
"UDP Query User{1546EAC9-4CE0-4CFA-82EE-1964B0AD7C69}C:\program files\dtm2009\dwrun.exe" = protocol=17 | dir=in | app=c:\program files\dtm2009\dwrun.exe |
"UDP Query User{25928F8F-4E66-475F-8DA8-E5EEBEC4D1D3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{29D3EDCF-1134-42B2-A23F-939079761C77}C:\program files\dtm2009\dw.exe" = protocol=17 | dir=in | app=c:\program files\dtm2009\dw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (DWINSTANCE01)
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7ED39639-9464-43A6-94DA-535F4EF2A940}" = Acronis Backup and Security 2010
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.5.3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C7FDDBC6-6BAA-4B9B-B560-A43BBC802411}_is1" = DTM2009 4.0.1252.2
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EF1F8765-BEBF-47A0-BA04-DE99E0E392F2}" = Acronis*True*Image*Home
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"2DC0AA065FA83047D7ECD51C7000C1620D79A4C5" = Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16)
"51A4D522DD31538335EF5736F0E7F588C70BCB12" = Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Google Chrome" = Google Chrome
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Profi cash" = Profi cash
"RealoreStudios Toolbar" = RealoreStudios Toolbar
"RealPlayer 15.0" = RealPlayer
"Roads of Rome 2_is1" = Roads of Rome 2
"Samsung SCX-4200 Series" = Samsung SCX-4200 Series
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"TVWiz" = Intel(R) TV Wizard
"WinLiveSuite" = Windows Live Essentials
"WordToPDF_is1" = WordToPDF 2.4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.07.2012 07:38:35 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.
 
Error - 31.07.2012 07:38:35 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
 sqlctr.ini for this instance, and ensure that the instance login account has correct
 registry permissions.
 
Error - 31.07.2012 12:56:59 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.
 
Error - 31.07.2012 12:56:59 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
 sqlctr.ini for this instance, and ensure that the instance login account has correct
 registry permissions.
 
Error - 31.07.2012 13:00:11 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.
 
Error - 31.07.2012 13:00:11 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
 sqlctr.ini for this instance, and ensure that the instance login account has correct
 registry permissions.
 
Error - 31.07.2012 13:02:47 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.
 
Error - 31.07.2012 13:02:47 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
 sqlctr.ini for this instance, and ensure that the instance login account has correct
 registry permissions.
 
Error - 31.07.2012 14:07:01 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.
 
Error - 31.07.2012 14:07:01 | Computer Name = ****-PC | Source = MSSQL$DWINSTANCE01 | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
 sqlctr.ini for this instance, and ensure that the instance login account has correct
 registry permissions.
 
[ System Events ]
Error - 31.07.2012 14:13:52 | Computer Name = ****-PC | Source = DCOM | ID = 10005
Description =
 
Error - 31.07.2012 14:17:14 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 31.07.2012 14:17:14 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 31.07.2012 14:17:14 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 31.07.2012 14:19:20 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 31.07.2012 14:19:20 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 31.07.2012 14:19:20 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 31.07.2012 14:24:20 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 31.07.2012 14:24:20 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 31.07.2012 14:24:20 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
 
< End of report >

Gmer.txt: here I am not quite sure whether I proceeded correctly when the checkmarks had to be removed. I unchecked IAT/EAT and Show all and left the one for the system partition (C:) checked. The scan then hung. I then ran it again without the checkmark on the C: partition, and here is the result:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-31 20:56:43
Windows 6.1.7600  Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKS-00UU3A0 rev.01.03B01
Running: trjppjhq.exe; Driver: C:\Users\****\AppData\Local\Temp\ufdiqpod.sys


---- Kernel code sections - GMER 1.0.15 ----

.text          ntkrnlpa.exe!ZwRollbackTransaction + 13E9  82895599 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2    828BA092 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                    tdrpm258.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1    tdrpm258.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1    fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1    rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1    snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2    tdrpm258.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2    fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2    rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2    snapman.sys (Acronis Snapshot API/Acronis)

Device          \Driver\ACPI_HAL \Device\0000004a          halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

I hope someone here can help me, and thanks in advance for the effort.
Regards, Hompen.

markusg 01.08.2012 10:41

The infection is no wonder, given the missing updates.
If the software had been up to date, this would not have happened, but we can look at that at the end.

This script, and any scripts that may follow, are intended only for this particular user.
If you have problems, open your own topics and wait for scripts tailored to you.


• Please start OTL.exe
• Now copy the following into the text box.



Code:

:OTL
[2012.07.31 09:42:20 | 000,001,883 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
 :Files
:Commands
[Reboot]



• Please close all programs now.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow it.
• After the restart you will find a text document; copy its contents into your next reply here.
Start in normal mode.

If you have no icons, then right-click, View, Show desktop icons.

For further analysis I need the following.
c:\Users\name\AppData\LocalLow\Sun\Java\Deployment\cache
Right-click the cache folder there, pack it with WinRAR or another program, and upload it in the upload channel, please.
Trojaner-Board Upload Channel
When this is done, please let me know.

Hompen 01.08.2012 13:29

I am a little confused about whether I did this correctly.
I pasted the code into OTL and ran it with 'Fix'.
A restart was then requested, which I confirmed with OK, and it booted in normal mode.

However, no TXT document was created (at least not on the desktop), and after a few moments the GVU Trojan struck again and locked my system.

So unfortunately I cannot post a TXT document, but I have uploaded the cache.

Update:

Apparently Malwarebytes AM caught something, and I can now start the PC normally. However, I still have not received a .txt file.

How should I proceed now? I have attached the MBAM log file.
Code:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.01.03

Windows 7 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
**** :: *****-PC [Administrator]

Schutz: Deaktiviert

01.08.2012 12:31:12
mbam-log-2012-08-01 (12-31-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 597925
Laufzeit: 1 Stunde(n), 9 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\****\AppData\Local\Temp\deo0_sar.exe (Trojan.Cridex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.


markusg 02.08.2012 17:09

That's fine.
Combofix may only be run when instructed to by a team member!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even more difficult.
Please download Combofix from one of these download mirrors

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. These can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

Hompen 02.08.2012 18:18

Here is the log file from Combofix:

[code]
Combofix Logfile:
Code:

ComboFix 12-07-31.03 - **** 02.08.2012  18:45:17.1.2 - x86
Microsoft Windows 7 Professional  6.1.7600.0.1252.49.1031.18.3070.2191 [GMT 2:00]
ausgeführt von:: c:\users\****\Desktop\ComboFix.exe
AV: Acronis Backup and Security Antivirus *Disabled/Outdated* {5988F8C3-A12C-B8DD-7291-D5248C8353F8}
FW: Acronis Backup and Security Firewall *Disabled* {61B379E6-EB43-B985-59CE-7C1172501483}
SP: Acronis Backup and Security AntiSpyware *Disabled/Outdated* {E2E91927-8716-B753-4821-EE56F7041945}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\****\4.0
c:\users\****\Documents\Readiris.DUS
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-07-02 bis 2012-08-02  ))))))))))))))))))))))))))))))
.
.
2012-08-02 16:52 . 2012-08-02 16:52        --------        d-----w-        c:\users\****\AppData\Local\temp
2012-08-02 16:52 . 2012-08-02 16:52        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2012-08-02 16:52 . 2012-08-02 16:52        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-08-02 06:44 . 2012-08-02 06:44        --------        d-----w-        c:\windows\system32\SPReview
2012-08-02 04:27 . 2012-08-02 04:27        56200        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{19932AF3-766A-4BD8-9C03-BEA8578F22F3}\offreg.dll
2012-08-01 17:33 . 2012-08-01 17:33        --------        d-----w-        c:\users\****\AppData\Local\WindowsUpdate
2012-08-01 09:53 . 2012-08-01 09:53        --------        d-----w-        C:\_OTL
2012-08-01 08:25 . 2012-08-01 08:25        --------        d-----w-        c:\users\****\AppData\Roaming\Malwarebytes
2012-08-01 08:24 . 2012-08-01 08:24        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-08-01 08:24 . 2012-08-01 08:24        --------        d-----w-        c:\programdata\Malwarebytes
2012-08-01 08:24 . 2012-07-03 11:46        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-07-31 15:13 . 2012-07-31 18:29        --------        d---a-w-        C:\Kaspersky Rescue Disk 10.0
2012-07-31 07:03 . 2012-06-29 08:44        6891424        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{19932AF3-766A-4BD8-9C03-BEA8578F22F3}\mpengine.dll
2012-07-13 07:59 . 2012-07-17 10:40        --------        d-----w-        c:\users\****\AppData\Local\CrashDumps
2012-07-12 18:38 . 2012-06-12 02:44        2344448        ----a-w-        c:\windows\system32\win32k.sys
2012-07-12 06:34 . 2012-06-02 04:51        67440        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2012-07-12 06:34 . 2012-06-02 04:51        134000        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2012-07-12 06:34 . 2012-06-02 04:50        369336        ----a-w-        c:\windows\system32\drivers\cng.sys
2012-07-12 06:34 . 2012-06-02 04:48        225280        ----a-w-        c:\windows\system32\schannel.dll
2012-07-12 06:34 . 2012-06-02 04:47        219136        ----a-w-        c:\windows\system32\ncrypt.dll
2012-07-12 06:34 . 2012-06-06 05:09        1389568        ----a-w-        c:\windows\system32\msxml6.dll
2012-07-12 06:34 . 2012-06-06 05:09        1236992        ----a-w-        c:\windows\system32\msxml3.dll
2012-07-12 06:34 . 2012-06-06 05:09        987136        ----a-w-        c:\program files\Common Files\System\ado\msado15.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 09:39 . 2012-04-12 06:52        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-07-27 09:39 . 2011-06-22 05:12        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 22:19 . 2012-06-23 16:27        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 16:27        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 16:26        35864        ----a-w-        c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 16:26        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-23 16:27        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-23 16:27        2422272        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-23 16:26        88576        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-23 16:26        171904        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-23 16:26        33792        ----a-w-        c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2011-02-09 10:07        237072        ------w-        c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 15:31        1514152        ----a-w-        c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-06-23 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-12-23 9972328]
"ACAgent"="c:\program files\Acronis Backup and Security\Acronis Backup and Security 2010\bdagent.exe" [2009-12-10 1110368]
"Acronis Antiphishing Helper"="c:\program files\Acronis Backup and Security\Acronis Backup and Security 2010\IEShow.exe" [2009-12-10 82272]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-01-31 5141144]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-02-01 362136]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"PMBVolumeWatcher"="c:\program files\Sony\Kamera\PMBVolumeWatcher.exe" [2010-03-24 599328]
"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2011-09-07 221256]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2012-02-14 296056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2006-09-18 503808]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 Arrakis3;Acronis Arrakis Server;c:\program files\Common Files\Acronis Backup and Security\Acronis Backup and Security Arrakis Server\bin\arrakis3.exe [x]
R3 cpuz134;cpuz134;c:\users\ADMINI~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
R3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\System32\SUPDSvc2.exe [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys [x]
S1 bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Acronis Backup and Security\Acronis Backup and Security Firewall\bdfwfpf.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 BDVEDISK;BDVEDISK;c:\program files\Acronis Backup and Security\Acronis Backup and Security 2010\bdvedisk.sys [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 MSSQL$DWINSTANCE01;SQL Server (DWINSTANCE01);c:\program files\SQL2005EXP\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\Kamera\PMBDeviceInfoProvider.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx        REG_MULTI_SZ          scan
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 09:39]
.
2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-01 19:07]
.
2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-01 19:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{03fee850-0101-4e9e-b6d4-6fc74d3db360} - (no file)
Toolbar-Locked - (no file)
Toolbar-{03fee850-0101-4e9e-b6d4-6fc74d3db360} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-02  18:53:57
ComboFix-quarantined-files.txt  2012-08-02 16:53
.
Vor Suchlauf: 15 Verzeichnis(se), 376.803.618.816 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 398.215.905.280 Bytes frei
.
- - End Of File - - 9043C099A4F1EA7829617AA286963D4A

--- --- ---


That worked without problems so far.

markusg 02.08.2012 18:53

Download CCleaner Standard:
CCleaner Download - CCleaner 3.21.1767
If CCleaner is already installed, skip this step.
Install it, open it, go to Extras, list of installed programs, save it as txt, and open the file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program you do not know, write "unknown".
Post the list.

Hompen 02.08.2012 19:43

Here is the list from CCleaner:

Code:

7-Zip 9.20                09.02.2011                necessary
Acronis Backup and Security 2010        Acronis Inc.        09.02.2011        117MB        13.0.18    necessary
Acronis*True*Image*Home        Acronis        09.02.2011        152MB        13.0.4019                                necessary
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        27.07.2012        6,00MB        11.3.300.268  necessary
Adobe Reader X (10.1.3) - Deutsch        Adobe Systems Incorporated        12.04.2012        167MB        10.1.3  unknown
Adobe Shockwave Player 11.6        Adobe Systems, Inc.        14.06.2012                11.6.5.635    necessary
Ask Toolbar        Ask.com        04.03.2012        3,77MB        1.14.1.0    unnecessary
Ask Toolbar Updater        Ask.com        04.03.2012                1.2.0.20007  unnecessary
CCleaner        Piriform        24.07.2012                3.21      necessary
DTM2009 4.0.1252.2        DTM2009        10.06.2011                            necessary
Google Chrome        Google Inc.        27.04.2011                21.0.1180.60  unnecessary
Google Toolbar for Internet Explorer        Google Inc.        23.06.2012                7.3.2710.138  unnecessary
Intel(R) TV Wizard        Intel Corporation        09.02.2011                unknown
Java(TM) 6 Update 31        Oracle        04.03.2012        95,1MB        6.0.310        necessary
Malwarebytes Anti-Malware Version 1.62.0.1300        Malwarebytes Corporation        01.08.2012        18,7MB        1.62.0.1300  ?unnecessary
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        09.02.2011        38,8MB        4.0.30319      unknown
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        09.02.2011        2,93MB        4.0.30319  unknown
Microsoft Office Professional Edition 2003        Microsoft Corporation        01.08.2012        227MB        11.0.8173.0  necessary
Microsoft Silverlight        Microsoft Corporation        01.08.2012        140MB        4.1.10329.0                          unknown
Microsoft SQL Server 2005        Microsoft Corporation        18.02.2011                                    unknown
Microsoft SQL Server Native Client        Microsoft Corporation        17.03.2011        2,60MB        9.00.5000.00          unknown
Microsoft SQL Server Setup Support Files (English)        Microsoft Corporation        17.03.2011        28,9MB        9.00.5000.00  unknown
Microsoft SQL Server VSS Writer        Microsoft Corporation        17.03.2011        679KB        9.00.5000.00 unknown
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        09.02.2011        252KB        8.0.50727.4053  unknown
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        15.06.2011        300KB        8.0.61001 unknown
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        09.02.2011        200KB        9.0.30729.4148  unknown
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        03.06.2011        598KB        9.0.30729.5570 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        09.02.2011        596KB        9.0.30729 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        20.06.2012        224KB        9.0.30729.4148 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        15.06.2011        600KB        9.0.30729.6161 unknown
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        04.09.2011        35,0KB        4.20.9870.0 unknown
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        04.09.2011        1,33MB        4.20.9876.0 unknown
NVIDIA Display Control Panel        NVIDIA Corporation        09.02.2011                6.14.12.5919 unknown
NVIDIA Drivers        NVIDIA Corporation        09.02.2011        65,1MB        1.10.62.40 unknown
NVIDIA Grafiktreiber 275.33        NVIDIA Corporation        13.07.2011                275.33 unknown
NVIDIA Stereoscopic 3D Driver        NVIDIA Corporation        09.02.2011                7.17.12.5919 unknown
NVIDIA Update 1.3.5        NVIDIA Corporation        13.07.2011                1.3.5 unknown
PDF24 Creator 3.5.3        PDF24.org        14.09.2011        33,3MB        necessary
PMB        Sony Corporation        03.09.2011        260MB        5.2.00.03250  unknown
Profi cash                16.02.2011                necessary
RealoreStudios Toolbar                28.09.2011                unnecessary/unknown
RealPlayer        RealNetworks        14.02.2012                necessary
Realtek Ethernet Controller Driver        Realtek        24.01.2011                7.34.1130.2010 unknown
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        09.02.2011                6.0.1.6278  unknown
Roads of Rome 2        Realore Studios        28.09.2011                unnecessary/unknown
Samsung SCX-4200 Series                17.02.2011                necessary
Samsung Universal Print Driver        Samsung Electronics Co., Ltd.        20.04.2012                2.03.01.00:36 necessary
Windows Live Essentials        Microsoft Corporation        24.01.2011                15.4.3508.1109 unknown
Windows Live Mesh ActiveX control for remote connections        Microsoft Corporation        24.01.2011        5,57MB        15.4.5722.2  unknown
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16)        FTDI        17.02.2011                02/17/2009 2.04.16 unknown
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16)        FTDI        17.02.2011                02/17/2009 2.04.16 unknown
WordToPDF 2.4        Mario Noack        14.09.2011                2.4  unnecessary


markusg 02.08.2012 19:46

Uninstall:
Adobe Flash Player: all
Adobe - Install Adobe Flash Player
Download the latest version.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Untick the checkbox for McAfee Security Scan.

Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Tick "use only certified plug-ins".
Internet:
Everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, since only then do you have control over what happens on the PC.
Under JavaScript, untick the "use JavaScript" checkbox.
Under Updater, choose install automatically.
Apply / OK

Uninstall:
Ask: all
Google: both
Java
Download the free Java software
Download the Java JRE and install it.
Uninstall:
RealoreStudios
Roads of
Windows Live: all the ones you do not use
WordToPDF
Open CCleaner and start Analyze.
Open OTL, CleanUp, the PC restarts; test how it runs.

Hompen 02.08.2012 21:26

The computer is running again now (I think).
I only had a small problem with Acrobat Reader, which kept freezing; I have uninstalled it for now.

Do I need to watch out for anything else now?

Update:
I noticed two more things:
First, the computer is now noticeably slower (I can live with that, as long as it is harmless).
Second, Windows 7 has problems installing SP1.

markusg 08.08.2012 18:30

Hi
Sorry for the wait.
Open CCleaner, Extras, autostart list, and post it.
What problem is there with SP1?
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now; post the log.

Hompen 08.08.2012 20:41

No problem about the wait.

So, here is the autostart txt.
Code:

Ja        HKLM:Run        ACAgent        Acronis Inc.        "C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdagent.exe"
Ja        HKLM:Run        Acronis Antiphishing Helper        Acronis Inc.        "C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\IEShow.exe"
Ja        HKLM:Run        Adobe ARM        Adobe Systems Incorporated        "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Ja        HKLM:Run        Malwarebytes' Anti-Malware        Malwarebytes Corporation        "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
Ja        HKLM:Run        PDFPrint        Geek Software GmbH        C:\Program Files\PDF24\pdf24.exe
Ja        HKLM:Run        PMBVolumeWatcher        Sony Corporation        C:\Program Files\Sony\Kamera\PMBVolumeWatcher.exe
Ja        HKLM:Run        RtHDVCpl        Realtek Semiconductor        C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
Ja        HKLM:Run        Samsung PanelMgr                C:\windows\Samsung\PanelMgr\ssmmgr.exe /autorun
Ja        HKLM:Run        SunJavaUpdateSched        Sun Microsystems, Inc.        "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Ja        HKLM:Run        TkBellExe        RealNetworks, Inc.        "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
Ja        HKLM:Run        TrueImageMonitor.exe        Acronis        C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

When trying to install SP1 I get the error (roughly, sorry, I did not remember it completely) 800706BC or BD.

I also ran TDSSKiller; here is the report, since I could not find a log file:

Code:

21:29:31.0048 5200        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
21:29:31.0859 5200        ============================================================
21:29:31.0859 5200        Current date / time: 2012/08/08 21:29:31.0859
21:29:31.0859 5200        SystemInfo:
21:29:31.0859 5200       
21:29:31.0859 5200        OS Version: 6.1.7600 ServicePack: 0.0
21:29:31.0859 5200        Product type: Workstation
21:29:31.0859 5200        ComputerName: ****-PC
21:29:31.0859 5200        UserName: ****
21:29:31.0859 5200        Windows directory: C:\windows
21:29:31.0859 5200        System windows directory: C:\windows
21:29:31.0859 5200        Processor architecture: Intel x86
21:29:31.0859 5200        Number of processors: 2
21:29:31.0859 5200        Page size: 0x1000
21:29:31.0859 5200        Boot type: Normal boot
21:29:31.0859 5200        ============================================================
21:29:33.0076 5200        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:29:33.0076 5200        ============================================================
21:29:33.0076 5200        \Device\Harddisk0\DR0:
21:29:33.0076 5200        MBR partitions:
21:29:33.0076 5200        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38C93800
21:29:33.0076 5200        ============================================================
21:29:33.0107 5200        C: <-> \Device\Harddisk0\DR0\Partition0
21:29:33.0107 5200        ============================================================
21:29:33.0107 5200        Initialize success
21:29:33.0107 5200        ============================================================
21:30:01.0394 1304        ============================================================
21:30:01.0394 1304        Scan started
21:30:01.0394 1304        Mode: Manual; SigCheck; TDLFS;
21:30:01.0394 1304        ============================================================
21:30:02.0705 1304        1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
21:30:02.0830 1304        1394ohci - ok
21:30:02.0845 1304        ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
21:30:02.0876 1304        ACPI - ok
21:30:02.0892 1304        AcpiPmi        (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
21:30:02.0923 1304        AcpiPmi - ok
21:30:03.0032 1304        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:30:03.0048 1304        AdobeARMservice - ok
21:30:03.0126 1304        AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:30:03.0188 1304        AdobeFlashPlayerUpdateSvc - ok
21:30:03.0235 1304        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
21:30:03.0266 1304        adp94xx - ok
21:30:03.0298 1304        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
21:30:03.0329 1304        adpahci - ok
21:30:03.0344 1304        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
21:30:03.0360 1304        adpu320 - ok
21:30:03.0391 1304        AeLookupSvc    (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll
21:30:03.0438 1304        AeLookupSvc - ok
21:30:03.0485 1304        AFD            (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
21:30:03.0610 1304        AFD - ok
21:30:03.0625 1304        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
21:30:03.0641 1304        agp440 - ok
21:30:03.0656 1304        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
21:30:03.0672 1304        aic78xx - ok
21:30:03.0703 1304        ALG            (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe
21:30:03.0828 1304        ALG - ok
21:30:03.0844 1304        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
21:30:03.0859 1304        aliide - ok
21:30:03.0875 1304        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
21:30:03.0890 1304        amdagp - ok
21:30:03.0890 1304        amdide          (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
21:30:03.0906 1304        amdide - ok
21:30:03.0922 1304        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
21:30:03.0953 1304        AmdK8 - ok
21:30:03.0968 1304        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
21:30:04.0000 1304        AmdPPM - ok
21:30:04.0031 1304        amdsata        (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys
21:30:04.0046 1304        amdsata - ok
21:30:04.0078 1304        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
21:30:04.0093 1304        amdsbs - ok
21:30:04.0109 1304        amdxata        (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys
21:30:04.0109 1304        amdxata - ok
21:30:04.0156 1304        AppID          (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
21:30:04.0218 1304        AppID - ok
21:30:04.0249 1304        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll
21:30:04.0296 1304        AppIDSvc - ok
21:30:04.0312 1304        Appinfo        (7dead9e3f65dcb2794f2711003bbf650) C:\windows\System32\appinfo.dll
21:30:04.0343 1304        Appinfo - ok
21:30:04.0374 1304        AppMgmt        (a45d184df6a8803da13a0b329517a64a) C:\windows\System32\appmgmts.dll
21:30:04.0421 1304        AppMgmt - ok
21:30:04.0468 1304        arc            (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
21:30:04.0483 1304        arc - ok
21:30:04.0499 1304        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
21:30:04.0514 1304        arcsas - ok
21:30:04.0639 1304        Arrakis3        (d101ca5b2cabbeb27c2a4c21e142ec09) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Arrakis Server\bin\arrakis3.exe
21:30:04.0702 1304        Arrakis3 - ok
21:30:04.0748 1304        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
21:30:04.0811 1304        AsyncMac - ok
21:30:04.0826 1304        atapi          (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
21:30:04.0889 1304        atapi - ok
21:30:04.0951 1304        AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\windows\System32\Audiosrv.dll
21:30:05.0014 1304        AudioEndpointBuilder - ok
21:30:05.0029 1304        Audiosrv        (510c873bfa135aa829f4180352772734) C:\windows\System32\Audiosrv.dll
21:30:05.0045 1304        Audiosrv - ok
21:30:05.0076 1304        AxInstSV        (dd6a431b43e34b91a767d1ce33728175) C:\windows\System32\AxInstSV.dll
21:30:05.0107 1304        AxInstSV - ok
21:30:05.0154 1304        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
21:30:05.0185 1304        b06bdrv - ok
21:30:05.0232 1304        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
21:30:05.0294 1304        b57nd60x - ok
21:30:05.0326 1304        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll
21:30:05.0357 1304        BDESVC - ok
21:30:05.0435 1304        BDFM            (d1c3c6584df5dcd010915a4336294007) C:\windows\system32\DRIVERS\bdfm.sys
21:30:05.0466 1304        BDFM - ok
21:30:05.0528 1304        bdfsfltr        (9b281f5f673cbc5b9ec886d59e0b4f26) C:\windows\system32\DRIVERS\bdfsfltr.sys
21:30:05.0544 1304        bdfsfltr - ok
21:30:05.0638 1304        bdfwfpf        (3c1083ae136fc08cf5f62cf3cfce70a5) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Firewall\bdfwfpf.sys
21:30:05.0669 1304        bdfwfpf - ok
21:30:05.0747 1304        BDSelfPr        (258afc867f3f4eaaf442c7f0f0060fc4) C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdselfpr.sys
21:30:05.0794 1304        BDSelfPr ( UnsignedFile.Multi.Generic ) - warning
21:30:05.0794 1304        BDSelfPr - detected UnsignedFile.Multi.Generic (1)
21:30:05.0809 1304        BDVEDISK        (33392317fe8ab70b46c013d8af8fe119) C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdvedisk.sys
21:30:05.0825 1304        BDVEDISK - ok
21:30:05.0856 1304        Beep            (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
21:30:05.0903 1304        Beep - ok
21:30:05.0950 1304        BFE            (85ac71c045ceb054ed48a7841aae0c11) C:\windows\System32\bfe.dll
21:30:06.0012 1304        BFE - ok
21:30:06.0059 1304        BITS            (53f476476f55a27f580661bde09c4ec4) C:\windows\system32\qmgr.dll
21:30:06.0106 1304        BITS - ok
21:30:06.0137 1304        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
21:30:06.0215 1304        blbdrive - ok
21:30:06.0230 1304        bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
21:30:06.0262 1304        bowser - ok
21:30:06.0277 1304        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
21:30:06.0308 1304        BrFiltLo - ok
21:30:06.0324 1304        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
21:30:06.0340 1304        BrFiltUp - ok
21:30:06.0402 1304        BridgeMP        (77361d72a04f18809d0efb6cceb74d4b) C:\windows\system32\DRIVERS\bridge.sys
21:30:06.0464 1304        BridgeMP - ok
21:30:06.0496 1304        Browser        (598e1280e7ff3744f4b8329366cc5635) C:\windows\System32\browser.dll
21:30:06.0527 1304        Browser - ok
21:30:06.0558 1304        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
21:30:06.0589 1304        Brserid - ok
21:30:06.0605 1304        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
21:30:06.0620 1304        BrSerWdm - ok
21:30:06.0636 1304        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
21:30:06.0652 1304        BrUsbMdm - ok
21:30:06.0652 1304        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
21:30:06.0667 1304        BrUsbSer - ok
21:30:06.0667 1304        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
21:30:06.0698 1304        BTHMODEM - ok
21:30:06.0730 1304        bthserv        (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll
21:30:06.0761 1304        bthserv - ok
21:30:06.0792 1304        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
21:30:06.0854 1304        cdfs - ok
21:30:06.0886 1304        cdrom          (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
21:30:06.0995 1304        cdrom - ok
21:30:07.0042 1304        CertPropSvc    (628a9e30ec5e18dd5de6be4dbdc12198) C:\windows\System32\certprop.dll
21:30:07.0088 1304        CertPropSvc - ok
21:30:07.0120 1304        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
21:30:07.0151 1304        circlass - ok
21:30:07.0166 1304        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
21:30:07.0198 1304        CLFS - ok
21:30:07.0260 1304        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:30:07.0338 1304        clr_optimization_v2.0.50727_32 - ok
21:30:07.0400 1304        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:30:07.0432 1304        clr_optimization_v4.0.30319_32 - ok
21:30:07.0463 1304        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
21:30:07.0494 1304        CmBatt - ok
21:30:07.0510 1304        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
21:30:07.0525 1304        cmdide - ok
21:30:07.0572 1304        CNG            (db5e008b3744dd60c8498cbbf2a1cfa6) C:\windows\system32\Drivers\cng.sys
21:30:07.0650 1304        CNG - ok
21:30:07.0666 1304        Compbatt        (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
21:30:07.0681 1304        Compbatt - ok
21:30:07.0712 1304        CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
21:30:07.0728 1304        CompositeBus - ok
21:30:07.0744 1304        COMSysApp - ok
21:30:07.0775 1304        cpuz134 - ok
21:30:07.0806 1304        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
21:30:07.0822 1304        crcdisk - ok
21:30:07.0853 1304        CryptSvc        (520a108a2657f4bca7fced9ca7d885de) C:\windows\system32\cryptsvc.dll
21:30:07.0868 1304        CryptSvc - ok
21:30:07.0915 1304        CSC            (27c9490bdd0ae48911ab8cf1932591ed) C:\windows\system32\drivers\csc.sys
21:30:08.0056 1304        CSC - ok
21:30:08.0087 1304        CscService      (56fb5f222ea30d3d3fc459879772cb73) C:\windows\System32\cscsvc.dll
21:30:08.0134 1304        CscService - ok
21:30:08.0165 1304        DcomLaunch      (b82cd39e336973359d7c9bf911e8e84f) C:\windows\system32\rpcss.dll
21:30:08.0212 1304        DcomLaunch - ok
21:30:08.0243 1304        defragsvc      (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll
21:30:08.0305 1304        defragsvc - ok
21:30:08.0368 1304        DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
21:30:08.0461 1304        DfsC - ok
21:30:08.0524 1304        DgiVecp        (770471de2550820feeb7e5d24bf2e273) C:\windows\system32\Drivers\DgiVecp.sys
21:30:08.0555 1304        DgiVecp ( UnsignedFile.Multi.Generic ) - warning
21:30:08.0555 1304        DgiVecp - detected UnsignedFile.Multi.Generic (1)
21:30:08.0602 1304        Dhcp            (c56495fbd770712367cad35e5de72da6) C:\windows\system32\dhcpcore.dll
21:30:08.0649 1304        Dhcp - ok
21:30:08.0664 1304        discache        (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
21:30:08.0711 1304        discache - ok
21:30:08.0742 1304        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
21:30:08.0758 1304        Disk - ok
21:30:08.0789 1304        Dnscache        (b15be77a2bacf9c3177d27518afe26a9) C:\windows\System32\dnsrslvr.dll
21:30:08.0805 1304        Dnscache - ok
21:30:08.0820 1304        dot3svc        (4408c85c21eea48eb0ce486baeef0502) C:\windows\System32\dot3svc.dll
21:30:08.0867 1304        dot3svc - ok
21:30:08.0898 1304        DPS            (7fa81c6e11caa594adb52084da73a1e5) C:\windows\system32\dps.dll
21:30:08.0945 1304        DPS - ok
21:30:08.0976 1304        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
21:30:09.0007 1304        drmkaud - ok
21:30:09.0054 1304        DXGKrnl        (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
21:30:09.0101 1304        DXGKrnl - ok
21:30:09.0117 1304        EapHost        (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll
21:30:09.0163 1304        EapHost - ok
21:30:09.0304 1304        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
21:30:09.0413 1304        ebdrv - ok
21:30:09.0491 1304        EFS            (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\System32\lsass.exe
21:30:09.0522 1304        EFS - ok
21:30:09.0585 1304        ehRecvr        (1697c39978cd69f6fbc15302edcece1f) C:\windows\ehome\ehRecvr.exe
21:30:09.0647 1304        ehRecvr - ok
21:30:09.0678 1304        ehSched        (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe
21:30:09.0772 1304        ehSched - ok
21:30:09.0834 1304        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
21:30:09.0881 1304        elxstor - ok
21:30:09.0897 1304        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
21:30:09.0928 1304        ErrDev - ok
21:30:09.0959 1304        EventSystem    (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll
21:30:09.0990 1304        EventSystem - ok
21:30:10.0021 1304        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
21:30:10.0053 1304        exfat - ok
21:30:10.0084 1304        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
21:30:10.0146 1304        fastfat - ok
21:30:10.0193 1304        Fax            (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\windows\system32\fxssvc.exe
21:30:10.0240 1304        Fax - ok
21:30:10.0271 1304        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
21:30:10.0302 1304        fdc - ok
21:30:10.0333 1304        fdPHost        (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll
21:30:10.0380 1304        fdPHost - ok
21:30:10.0396 1304        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll
21:30:10.0505 1304        FDResPub - ok
21:30:10.0536 1304        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
21:30:10.0552 1304        FileInfo - ok
21:30:10.0567 1304        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
21:30:10.0583 1304        Filetrace - ok
21:30:10.0614 1304        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
21:30:10.0677 1304        flpydisk - ok
21:30:10.0723 1304        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
21:30:10.0739 1304        FltMgr - ok
21:30:10.0801 1304        FontCache      (7fe4995528a7529a761875151ee3d512) C:\windows\system32\FntCache.dll
21:30:10.0864 1304        FontCache - ok
21:30:10.0926 1304        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:30:10.0957 1304        FontCache3.0.0.0 - ok
21:30:10.0973 1304        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
21:30:11.0004 1304        FsDepends - ok
21:30:11.0020 1304        Fs_Rec          (500a9814fd9446a8126858a5a7f7d273) C:\windows\system32\drivers\Fs_Rec.sys
21:30:11.0035 1304        Fs_Rec - ok
21:30:11.0082 1304        fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
21:30:11.0129 1304        fvevol - ok
21:30:11.0160 1304        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
21:30:11.0176 1304        gagp30kx - ok
21:30:11.0207 1304        gpsvc          (8ba3c04702bf8f927ab36ae8313ca4ee) C:\windows\System32\gpsvc.dll
21:30:11.0269 1304        gpsvc - ok
21:30:11.0316 1304        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
21:30:11.0363 1304        hcw85cir - ok
21:30:11.0394 1304        HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
21:30:11.0457 1304        HdAudAddService - ok
21:30:11.0488 1304        HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
21:30:11.0503 1304        HDAudBus - ok
21:30:11.0519 1304        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
21:30:11.0550 1304        HidBatt - ok
21:30:11.0581 1304        HidBth          (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
21:30:11.0613 1304        HidBth - ok
21:30:11.0644 1304        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
21:30:11.0691 1304        HidIr - ok
21:30:11.0722 1304        hidserv        (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\System32\hidserv.dll
21:30:11.0784 1304        hidserv - ok
21:30:11.0800 1304        HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
21:30:11.0862 1304        HidUsb - ok
21:30:11.0878 1304        hkmsvc          (741c2a45ca8407e374aaba3e330b7872) C:\windows\system32\kmsvc.dll
21:30:11.0925 1304        hkmsvc - ok
21:30:11.0940 1304        HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\windows\system32\ListSvc.dll
21:30:11.0971 1304        HomeGroupListener - ok
21:30:12.0003 1304        HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\windows\system32\provsvc.dll
21:30:12.0049 1304        HomeGroupProvider - ok
21:30:12.0081 1304        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
21:30:12.0127 1304        HpSAMD - ok
21:30:12.0174 1304        HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
21:30:12.0252 1304        HTTP - ok
21:30:12.0268 1304        hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
21:30:12.0283 1304        hwpolicy - ok
21:30:12.0361 1304        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
21:30:12.0408 1304        i8042prt - ok
21:30:12.0455 1304        iaStorV        (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
21:30:12.0486 1304        iaStorV - ok
21:30:12.0580 1304        idsvc          (5af815eb5bc9802e5a064e2ba62bfc0c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:30:12.0736 1304        idsvc - ok
21:30:12.0970 1304        igfx            (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
21:30:13.0095 1304        igfx - ok
21:30:13.0219 1304        iirsp          (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
21:30:13.0251 1304        iirsp - ok
21:30:13.0313 1304        IKEEXT          (fac0ee6562b121b1399d6e855583f7a5) C:\windows\System32\ikeext.dll
21:30:13.0391 1304        IKEEXT - ok
21:30:13.0547 1304        IntcAzAudAddService (b44c0357d1fc7c9e4c0b0983a9e96ff9) C:\windows\system32\drivers\RTKVHDA.sys
21:30:13.0672 1304        IntcAzAudAddService - ok
21:30:13.0765 1304        IntcHdmiAddService (264632ade8127b7baa2190cf6fad435b) C:\windows\system32\drivers\IntcHdmi.sys
21:30:13.0812 1304        IntcHdmiAddService - ok
21:30:13.0843 1304        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
21:30:13.0875 1304        intelide - ok
21:30:13.0906 1304        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
21:30:13.0937 1304        intelppm - ok
21:30:13.0968 1304        IPBusEnum      (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll
21:30:13.0999 1304        IPBusEnum - ok
21:30:14.0015 1304        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
21:30:14.0062 1304        IpFilterDriver - ok
21:30:14.0093 1304        iphlpsvc        (477397b432a256a50ee7e4339eb9ea14) C:\windows\System32\iphlpsvc.dll
21:30:14.0140 1304        iphlpsvc - ok
21:30:14.0155 1304        IPMIDRV        (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
21:30:14.0171 1304        IPMIDRV - ok
21:30:14.0187 1304        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
21:30:14.0202 1304        IPNAT - ok
21:30:14.0233 1304        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
21:30:14.0265 1304        IRENUM - ok
21:30:14.0280 1304        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
21:30:14.0296 1304        isapnp - ok
21:30:14.0327 1304        iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
21:30:14.0358 1304        iScsiPrt - ok
21:30:14.0389 1304        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
21:30:14.0421 1304        kbdclass - ok
21:30:14.0436 1304        kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
21:30:14.0467 1304        kbdhid - ok
21:30:14.0499 1304        KeyIso          (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:30:14.0499 1304        KeyIso - ok
21:30:14.0530 1304        KSecDD          (52fc17c8589f11747d01d3cf592673d0) C:\windows\system32\Drivers\ksecdd.sys
21:30:14.0545 1304        KSecDD - ok
21:30:14.0577 1304        KSecPkg        (3e5474b03568cfab834da3c38e8c9efa) C:\windows\system32\Drivers\ksecpkg.sys
21:30:14.0592 1304        KSecPkg - ok
21:30:14.0639 1304        KtmRm          (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll
21:30:14.0686 1304        KtmRm - ok
21:30:14.0733 1304        LanmanServer    (8f6bf790d3168224c16f2af68a84438c) C:\windows\System32\srvsvc.dll
21:30:14.0764 1304        LanmanServer - ok
21:30:14.0795 1304        LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\windows\System32\wkssvc.dll
21:30:14.0826 1304        LanmanWorkstation - ok
21:30:14.0982 1304        LIVESRV        (84b4faaff83cc69954c4ef2959b35b18) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Update Service\livesrv.exe
21:30:15.0029 1304        LIVESRV - ok
21:30:15.0060 1304        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
21:30:15.0091 1304        lltdio - ok
21:30:15.0123 1304        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll
21:30:15.0216 1304        lltdsvc - ok
21:30:15.0232 1304        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll
21:30:15.0279 1304        lmhosts - ok
21:30:15.0310 1304        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
21:30:15.0325 1304        LSI_FC - ok
21:30:15.0357 1304        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
21:30:15.0372 1304        LSI_SAS - ok
21:30:15.0372 1304        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
21:30:15.0388 1304        LSI_SAS2 - ok
21:30:15.0403 1304        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
21:30:15.0419 1304        LSI_SCSI - ok
21:30:15.0466 1304        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
21:30:15.0513 1304        luafv - ok
21:30:15.0559 1304        MBAMProtector  (6dfe7f2e8e8a337263aa5c92a215f161) C:\windows\system32\drivers\mbam.sys
21:30:15.0606 1304        MBAMProtector - ok
21:30:15.0684 1304        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:30:15.0731 1304        MBAMService - ok
21:30:15.0762 1304        Mcx2Svc        (e2b0887816ed336685954e3d8fdaa51d) C:\windows\system32\Mcx2Svc.dll
21:30:15.0793 1304        Mcx2Svc - ok
21:30:15.0825 1304        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
21:30:15.0840 1304        megasas - ok
21:30:15.0903 1304        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
21:30:15.0934 1304        MegaSR - ok
21:30:15.0949 1304        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
21:30:15.0996 1304        MMCSS - ok
21:30:16.0012 1304        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
21:30:16.0043 1304        Modem - ok
21:30:16.0074 1304        monitor        (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
21:30:16.0121 1304        monitor - ok
21:30:16.0152 1304        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
21:30:16.0215 1304        mouclass - ok
21:30:16.0215 1304        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
21:30:16.0261 1304        mouhid - ok
21:30:16.0277 1304        mountmgr        (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
21:30:16.0293 1304        mountmgr - ok
21:30:16.0324 1304        mpio            (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
21:30:16.0355 1304        mpio - ok
21:30:16.0371 1304        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
21:30:16.0417 1304        mpsdrv - ok
21:30:16.0464 1304        MpsSvc          (5cd996cecf45cbc3e8d109c86b82d69e) C:\windows\system32\mpssvc.dll
21:30:16.0527 1304        MpsSvc - ok
21:30:16.0542 1304        MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
21:30:16.0605 1304        MRxDAV - ok
21:30:16.0636 1304        mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
21:30:16.0667 1304        mrxsmb - ok
21:30:16.0698 1304        mrxsmb10        (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
21:30:16.0729 1304        mrxsmb10 - ok
21:30:16.0745 1304        mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
21:30:16.0761 1304        mrxsmb20 - ok
21:30:16.0776 1304        msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
21:30:16.0792 1304        msahci - ok
21:30:16.0807 1304        msdsm          (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
21:30:16.0823 1304        msdsm - ok
21:30:16.0854 1304        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe
21:30:16.0932 1304        MSDTC - ok
21:30:16.0979 1304        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
21:30:17.0026 1304        Msfs - ok
21:30:17.0041 1304        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
21:30:17.0088 1304        mshidkmdf - ok
21:30:17.0104 1304        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
21:30:17.0119 1304        msisadrv - ok
21:30:17.0166 1304        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll
21:30:17.0229 1304        MSiSCSI - ok
21:30:17.0229 1304        msiserver - ok
21:30:17.0260 1304        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
21:30:17.0322 1304        MSKSSRV - ok
21:30:17.0353 1304        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
21:30:17.0400 1304        MSPCLOCK - ok
21:30:17.0400 1304        MSPQM          (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
21:30:17.0431 1304        MSPQM - ok
21:30:17.0447 1304        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
21:30:17.0478 1304        MsRPC - ok
21:30:17.0478 1304        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
21:30:17.0494 1304        mssmbios - ok
21:30:17.0572 1304        MSSQL$DWINSTANCE01 - ok
21:30:17.0619 1304        MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
21:30:17.0665 1304        MSSQLServerADHelper - ok
21:30:17.0712 1304        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
21:30:17.0743 1304        MSTEE - ok
21:30:17.0759 1304        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
21:30:17.0790 1304        MTConfig - ok
21:30:17.0806 1304        Mup            (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
21:30:17.0821 1304        Mup - ok
21:30:17.0853 1304        napagent        (80284f1985c70c86f0b5f86da2dfe1df) C:\windows\system32\qagentRT.dll
21:30:17.0884 1304        napagent - ok
21:30:17.0915 1304        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
21:30:17.0962 1304        NativeWifiP - ok
21:30:18.0009 1304        NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
21:30:18.0055 1304        NDIS - ok
21:30:18.0071 1304        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
21:30:18.0118 1304        NdisCap - ok
21:30:18.0133 1304        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
21:30:18.0180 1304        NdisTapi - ok
21:30:18.0211 1304        Ndisuio        (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
21:30:18.0243 1304        Ndisuio - ok
21:30:18.0258 1304        NdisWan        (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
21:30:18.0289 1304        NdisWan - ok
21:30:18.0289 1304        NDProxy        (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
21:30:18.0321 1304        NDProxy - ok
21:30:18.0336 1304        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
21:30:18.0367 1304        NetBIOS - ok
21:30:18.0399 1304        NetBT          (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
21:30:18.0555 1304        NetBT - ok
21:30:18.0570 1304        Netlogon        (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:30:18.0586 1304        Netlogon - ok
21:30:18.0664 1304        Netman          (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
21:30:18.0757 1304        Netman - ok
21:30:18.0773 1304        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
21:30:18.0820 1304        netprofm - ok
21:30:18.0882 1304        NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:30:18.0913 1304        NetTcpPortSharing - ok
21:30:18.0960 1304        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
21:30:18.0991 1304        nfrd960 - ok
21:30:19.0023 1304        NlaSvc          (2226496e34bd40734946a054b1cd657f) C:\windows\System32\nlasvc.dll
21:30:19.0038 1304        NlaSvc - ok
21:30:19.0054 1304        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
21:30:19.0085 1304        Npfs - ok
21:30:19.0101 1304        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
21:30:19.0132 1304        nsi - ok
21:30:19.0132 1304        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
21:30:19.0179 1304        nsiproxy - ok
21:30:19.0257 1304        Ntfs            (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
21:30:19.0335 1304        Ntfs - ok
21:30:19.0428 1304        Null            (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
21:30:19.0475 1304        Null - ok
21:30:19.0522 1304        NVHDA          (b4f70fac4ea61cf150823aa063a39ff9) C:\windows\system32\drivers\nvhda32v.sys
21:30:19.0537 1304        NVHDA - ok
21:30:19.0881 1304        nvlddmkm        (847b1755f7757f825305a1ffe6dac3e9) C:\windows\system32\DRIVERS\nvlddmkm.sys
21:30:20.0177 1304        nvlddmkm - ok
21:30:20.0302 1304        nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
21:30:20.0333 1304        nvraid - ok
21:30:20.0364 1304        nvstor          (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
21:30:20.0380 1304        nvstor - ok
21:30:20.0458 1304        nvsvc          (7c732aff202dcd06c3d262966d71604c) C:\windows\system32\nvvsvc.exe
21:30:20.0567 1304        nvsvc - ok
21:30:20.0739 1304        nvUpdatusService (262d2fbf211a88dcb84249df0f6ef6e7) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:30:20.0832 1304        nvUpdatusService - ok
21:30:20.0941 1304        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
21:30:20.0988 1304        nv_agp - ok
21:30:21.0004 1304        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
21:30:21.0019 1304        ohci1394 - ok
21:30:21.0113 1304        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:30:21.0191 1304        ose - ok
21:30:21.0238 1304        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
21:30:21.0269 1304        p2pimsvc - ok
21:30:21.0316 1304        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
21:30:21.0331 1304        p2psvc - ok
21:30:21.0363 1304        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
21:30:21.0394 1304        Parport - ok
21:30:21.0409 1304        partmgr        (66d3415c159741ade7038a277efff99f) C:\windows\system32\drivers\partmgr.sys
21:30:21.0425 1304        partmgr - ok
21:30:21.0441 1304        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
21:30:21.0456 1304        Parvdm - ok
21:30:21.0472 1304        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
21:30:21.0503 1304        PcaSvc - ok
21:30:21.0519 1304        pci            (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
21:30:21.0550 1304        pci - ok
21:30:21.0581 1304        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
21:30:21.0597 1304        pciide - ok
21:30:21.0612 1304        pcmcia          (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
21:30:21.0628 1304        pcmcia - ok
21:30:21.0643 1304        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
21:30:21.0659 1304        pcw - ok
21:30:21.0706 1304        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
21:30:21.0784 1304        PEAUTH - ok
21:30:21.0846 1304        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\windows\system32\peerdistsvc.dll
21:30:21.0909 1304        PeerDistSvc - ok
21:30:21.0987 1304        pla            (9c1bff7910c89a1d12e57343475840cb) C:\windows\system32\pla.dll
21:30:22.0080 1304        pla - ok
21:30:22.0189 1304        PlugPlay        (71def5ec79774c798342d0ea16e41780) C:\windows\system32\umpnpmgr.dll
21:30:22.0252 1304        PlugPlay - ok
21:30:22.0377 1304        PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files\Sony\Kamera\PMBDeviceInfoProvider.exe
21:30:22.0423 1304        PMBDeviceInfoProvider - ok
21:30:22.0455 1304        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
21:30:22.0486 1304        PNRPAutoReg - ok
21:30:22.0501 1304        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
21:30:22.0517 1304        PNRPsvc - ok
21:30:22.0548 1304        PolicyAgent    (48e1b75c6dc0232fd92baae4bd344721) C:\windows\System32\ipsecsvc.dll
21:30:22.0611 1304        PolicyAgent - ok
21:30:22.0626 1304        Power          (dbff83f709a91049621c1d35dd45c92c) C:\windows\system32\umpo.dll
21:30:22.0657 1304        Power - ok
21:30:22.0704 1304        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
21:30:22.0751 1304        PptpMiniport - ok
21:30:22.0782 1304        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
21:30:22.0813 1304        Processor - ok
21:30:22.0907 1304        Profos          (d90a33660d328a9f587580f0b38c85de) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\profos.sys
21:30:22.0954 1304        Profos ( UnsignedFile.Multi.Generic ) - warning
21:30:22.0954 1304        Profos - detected UnsignedFile.Multi.Generic (1)
21:30:22.0985 1304        ProfSvc        (aea3bdbdba667aa6f678cb38907e4f5e) C:\windows\system32\profsvc.dll
21:30:23.0032 1304        ProfSvc - ok
21:30:23.0047 1304        ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:30:23.0063 1304        ProtectedStorage - ok
21:30:23.0094 1304        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
21:30:23.0141 1304        Psched - ok
21:30:23.0219 1304        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
21:30:23.0266 1304        ql2300 - ok
21:30:23.0375 1304        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
21:30:23.0406 1304        ql40xx - ok
21:30:23.0437 1304        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
21:30:23.0484 1304        QWAVE - ok
21:30:23.0515 1304        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
21:30:23.0547 1304        QWAVEdrv - ok
21:30:23.0547 1304        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
21:30:23.0578 1304        RasAcd - ok
21:30:23.0609 1304        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
21:30:23.0687 1304        RasAgileVpn - ok
21:30:23.0718 1304        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
21:30:23.0749 1304        RasAuto - ok
21:30:23.0749 1304        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
21:30:23.0796 1304        Rasl2tp - ok
21:30:23.0843 1304        RasMan          (0ce66ec736b7fc526d78f7624c7d2a94) C:\windows\System32\rasmans.dll
21:30:23.0905 1304        RasMan - ok
21:30:23.0937 1304        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
21:30:23.0983 1304        RasPppoe - ok
21:30:23.0999 1304        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
21:30:24.0030 1304        RasSstp - ok
21:30:24.0061 1304        rdbss          (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
21:30:24.0108 1304        rdbss - ok
21:30:24.0139 1304        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
21:30:24.0155 1304        rdpbus - ok
21:30:24.0171 1304        RDPCDD          (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
21:30:24.0186 1304        RDPCDD - ok
21:30:24.0233 1304        RDPDR          (c5ff95883ffef704d50c40d21cfb3ab5) C:\windows\system32\drivers\rdpdr.sys
21:30:24.0264 1304        RDPDR - ok
21:30:24.0280 1304        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
21:30:24.0311 1304        RDPENCDD - ok
21:30:24.0327 1304        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
21:30:24.0358 1304        RDPREFMP - ok
21:30:24.0389 1304        RDPWD          (c5b8d47a4688de9d335204ea757c2240) C:\windows\system32\drivers\RDPWD.sys
21:30:24.0420 1304        RDPWD - ok
21:30:24.0451 1304        rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
21:30:24.0467 1304        rdyboost - ok
21:30:24.0498 1304        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
21:30:24.0529 1304        RemoteAccess - ok
21:30:24.0561 1304        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
21:30:24.0592 1304        RemoteRegistry - ok
21:30:24.0607 1304        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
21:30:24.0670 1304        RpcEptMapper - ok
21:30:24.0701 1304        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
21:30:24.0717 1304        RpcLocator - ok
21:30:24.0732 1304        RpcSs          (b82cd39e336973359d7c9bf911e8e84f) C:\windows\system32\rpcss.dll
21:30:24.0763 1304        RpcSs - ok
21:30:24.0795 1304        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
21:30:24.0873 1304        rspndr - ok
21:30:24.0919 1304        RTL8167        (60647bfa2fef7f6d6fbbaf661312f2ce) C:\windows\system32\DRIVERS\Rt86win7.sys
21:30:24.0951 1304        RTL8167 - ok
21:30:24.0966 1304        s3cap          (5423d8437051e89dd34749f242c98648) C:\windows\system32\DRIVERS\vms3cap.sys
21:30:24.0997 1304        s3cap - ok
21:30:25.0013 1304        SamSs          (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:30:25.0029 1304        SamSs - ok
21:30:25.0075 1304        Samsung UPD Service2 (2a54eff79b03a8c2389f2bb0f2264f1e) C:\windows\System32\SUPDSvc2.exe
21:30:25.0107 1304        Samsung UPD Service2 - ok
21:30:25.0138 1304        sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
21:30:25.0153 1304        sbp2port - ok
21:30:25.0278 1304        scan            (a2c93f04bef9bdd44353aa1a945696ac) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\scan.dll
21:30:25.0341 1304        scan ( UnsignedFile.Multi.Generic ) - warning
21:30:25.0341 1304        scan - detected UnsignedFile.Multi.Generic (1)
21:30:25.0372 1304        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
21:30:25.0403 1304        SCardSvr - ok
21:30:25.0419 1304        scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
21:30:25.0450 1304        scfilter - ok
21:30:25.0497 1304        Schedule        (df1e5c82e4d09cf8105cc644980c4803) C:\windows\system32\schedsvc.dll
21:30:25.0543 1304        Schedule - ok
21:30:25.0575 1304        SCPolicySvc    (628a9e30ec5e18dd5de6be4dbdc12198) C:\windows\System32\certprop.dll
21:30:25.0590 1304        SCPolicySvc - ok
21:30:25.0590 1304        SDRSVC          (5fd90abdbfaee85986802622cbb03446) C:\windows\System32\SDRSVC.dll
21:30:25.0621 1304        SDRSVC - ok
21:30:25.0653 1304        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
21:30:25.0715 1304        secdrv - ok
21:30:25.0715 1304        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
21:30:25.0762 1304        seclogon - ok
21:30:25.0777 1304        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\windows\system32\sens.dll
21:30:25.0824 1304        SENS - ok
21:30:25.0855 1304        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
21:30:25.0871 1304        SensrSvc - ok
21:30:25.0902 1304        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
21:30:25.0933 1304        Serenum - ok
21:30:25.0965 1304        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
21:30:26.0027 1304        Serial - ok
21:30:26.0074 1304        sermouse        (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
21:30:26.0105 1304        sermouse - ok
21:30:26.0136 1304        SessionEnv      (8f55ce568c543d5adf45c409d16718fc) C:\windows\system32\sessenv.dll
21:30:26.0167 1304        SessionEnv - ok
21:30:26.0199 1304        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
21:30:26.0214 1304        sffdisk - ok
21:30:26.0214 1304        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
21:30:26.0245 1304        sffp_mmc - ok
21:30:26.0245 1304        sffp_sd        (a0708bbd07d245c06ff9de549ca47185) C:\windows\system32\DRIVERS\sffp_sd.sys
21:30:26.0261 1304        sffp_sd - ok
21:30:26.0261 1304        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
21:30:26.0277 1304        sfloppy - ok
21:30:26.0323 1304        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
21:30:26.0370 1304        SharedAccess - ok
21:30:26.0401 1304        ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\windows\System32\shsvcs.dll
21:30:26.0448 1304        ShellHWDetection - ok
21:30:26.0479 1304        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
21:30:26.0495 1304        sisagp - ok
21:30:26.0526 1304        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
21:30:26.0542 1304        SiSRaid2 - ok
21:30:26.0557 1304        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
21:30:26.0573 1304        SiSRaid4 - ok
21:30:26.0604 1304        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
21:30:26.0651 1304        Smb - ok
21:30:26.0698 1304        snapman        (8d16aa2fb47821365606677baae5238e) C:\windows\system32\DRIVERS\snapman.sys
21:30:26.0729 1304        snapman - ok
21:30:26.0760 1304        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
21:30:26.0776 1304        SNMPTRAP - ok
21:30:26.0776 1304        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
21:30:26.0791 1304        spldr - ok
21:30:26.0838 1304        Spooler        (d1bb750eb51694de183e08b9c33be5b2) C:\windows\System32\spoolsv.exe
21:30:26.0947 1304        Spooler - ok
21:30:27.0088 1304        sppsvc          (4c287f9069fedbd791178876ee9de536) C:\windows\system32\sppsvc.exe
21:30:27.0181 1304        sppsvc - ok
21:30:27.0259 1304        sppuinotify    (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\windows\system32\sppuinotify.dll
21:30:27.0337 1304        sppuinotify - ok
21:30:27.0415 1304        SQLBrowser      (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:30:27.0462 1304        SQLBrowser - ok
21:30:27.0493 1304        SQLWriter      (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:30:27.0525 1304        SQLWriter - ok
21:30:27.0571 1304        srv            (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
21:30:27.0634 1304        srv - ok
21:30:27.0665 1304        srv2            (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
21:30:27.0696 1304        srv2 - ok
21:30:27.0712 1304        srvnet          (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
21:30:27.0759 1304        srvnet - ok
21:30:27.0790 1304        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
21:30:27.0821 1304        SSDPSRV - ok
21:30:27.0852 1304        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
21:30:27.0883 1304        SstpSvc - ok
21:30:27.0961 1304        Stereo Service  (fb8fcf538184a28f674fea9521d7a6bb) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:30:28.0102 1304        Stereo Service - ok
21:30:28.0117 1304        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
21:30:28.0133 1304        stexstor - ok
21:30:28.0164 1304        StiSvc          (a22825e7bb7018e8af3e229a5af17221) C:\windows\System32\wiaservc.dll
21:30:28.0273 1304        StiSvc - ok
21:30:28.0305 1304        storflt        (957e346ca948668f2496a6ccf6ff82cc) C:\windows\system32\DRIVERS\vmstorfl.sys
21:30:28.0320 1304        storflt - ok
21:30:28.0336 1304        StorSvc        (0bf669f0a910beda4a32258d363af2a5) C:\windows\system32\storsvc.dll
21:30:28.0367 1304        StorSvc - ok
21:30:28.0398 1304        storvsc        (d5751969dc3e4b88bf482ac8ec9fe019) C:\windows\system32\DRIVERS\storvsc.sys
21:30:28.0414 1304        storvsc - ok
21:30:28.0429 1304        swenum          (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
21:30:28.0445 1304        swenum - ok
21:30:28.0461 1304        swprv          (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
21:30:28.0585 1304        swprv - ok
21:30:28.0648 1304        SysMain        (04105c8da62353589c29bdaeb8d88bd8) C:\windows\system32\sysmain.dll
21:30:28.0679 1304        SysMain - ok
21:30:28.0695 1304        TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\windows\System32\TabSvc.dll
21:30:28.0726 1304        TabletInputService - ok
21:30:28.0741 1304        TapiSrv        (2f46b0c70a4adc8c90cf825da3b4feaf) C:\windows\System32\tapisrv.dll
21:30:28.0866 1304        TapiSrv - ok
21:30:28.0897 1304        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
21:30:28.0944 1304        TBS - ok
21:30:29.0053 1304        Tcpip          (55e9965552741f3850cb22cbba9671ed) C:\windows\system32\drivers\tcpip.sys
21:30:29.0116 1304        Tcpip - ok
21:30:29.0256 1304        TCPIP6          (55e9965552741f3850cb22cbba9671ed) C:\windows\system32\DRIVERS\tcpip.sys
21:30:29.0287 1304        TCPIP6 - ok
21:30:29.0365 1304        tcpipreg        (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
21:30:29.0428 1304        tcpipreg - ok
21:30:29.0443 1304        TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
21:30:29.0459 1304        TDPIPE - ok
21:30:29.0490 1304        TDTCP          (7156308896d34ea75a582f9a09e50c17) C:\windows\system32\drivers\tdtcp.sys
21:30:29.0506 1304        TDTCP - ok
21:30:29.0521 1304        tdx            (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
21:30:29.0631 1304        tdx - ok
21:30:29.0646 1304        TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
21:30:29.0740 1304        TermDD - ok
21:30:29.0787 1304        TermService    (a01e50a04d7b1960b33e92b9080e6a94) C:\windows\System32\termsrv.dll
21:30:29.0818 1304        TermService - ok
21:30:29.0833 1304        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
21:30:29.0849 1304        Themes - ok
21:30:29.0865 1304        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
21:30:29.0896 1304        THREADORDER - ok
21:30:29.0943 1304        timounter      (3e06987fedbcdfbff8e85ef8108565f9) C:\windows\system32\DRIVERS\timntr.sys
21:30:29.0974 1304        timounter - ok
21:30:29.0989 1304        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
21:30:30.0036 1304        TrkWks - ok
21:30:30.0130 1304        Trufos          (b16d66a71de03285e14e9f165b59eda4) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\trufos.sys
21:30:30.0177 1304        Trufos ( UnsignedFile.Multi.Generic ) - warning
21:30:30.0177 1304        Trufos - detected UnsignedFile.Multi.Generic (1)
21:30:30.0223 1304        TrustedInstaller (41a4c781d2286208d397d72099304133) C:\windows\servicing\TrustedInstaller.exe
21:30:30.0255 1304        TrustedInstaller - ok
21:30:30.0286 1304        tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
21:30:30.0317 1304        tssecsrv - ok
21:30:30.0348 1304        tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
21:30:30.0395 1304        tunnel - ok
21:30:30.0411 1304        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
21:30:30.0426 1304        uagp35 - ok
21:30:30.0442 1304        udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
21:30:30.0489 1304        udfs - ok
21:30:30.0520 1304        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
21:30:30.0645 1304        UI0Detect - ok
21:30:30.0707 1304        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
21:30:30.0738 1304        uliagpkx - ok
21:30:30.0785 1304        umbus          (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
21:30:30.0847 1304        umbus - ok
21:30:30.0879 1304        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
21:30:30.0910 1304        UmPass - ok
21:30:30.0941 1304        UmRdpService    (8ecaca5454844f66386f7be4ae0d7cd1) C:\windows\System32\umrdp.dll
21:30:30.0957 1304        UmRdpService - ok
21:30:31.0003 1304        upnphost        (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
21:30:31.0050 1304        upnphost - ok
21:30:31.0081 1304        usbccgp        (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
21:30:31.0097 1304        usbccgp - ok
21:30:31.0113 1304        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
21:30:31.0128 1304        usbcir - ok
21:30:31.0144 1304        usbehci        (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\drivers\usbehci.sys
21:30:31.0175 1304        usbehci - ok
21:30:31.0222 1304        usbhub          (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
21:30:31.0300 1304        usbhub - ok
21:30:31.0315 1304        usbohci        (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
21:30:31.0347 1304        usbohci - ok
21:30:31.0378 1304        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
21:30:31.0393 1304        usbprint - ok
21:30:31.0425 1304        usbscan        (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
21:30:31.0456 1304        usbscan - ok
21:30:31.0487 1304        USBSTOR        (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
21:30:31.0534 1304        USBSTOR - ok
21:30:31.0549 1304        usbuhci        (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
21:30:31.0565 1304        usbuhci - ok
21:30:31.0596 1304        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
21:30:31.0627 1304        UxSms - ok
21:30:31.0659 1304        VaultSvc        (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:30:31.0659 1304        VaultSvc - ok
21:30:31.0705 1304        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
21:30:31.0721 1304        vdrvroot - ok
21:30:31.0768 1304        vds            (8c4e7c49d3641bc9e299e466a7f8867d) C:\windows\System32\vds.exe
21:30:31.0799 1304        vds - ok
21:30:31.0830 1304        vga            (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
21:30:31.0861 1304        vga - ok
21:30:31.0877 1304        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
21:30:31.0908 1304        VgaSave - ok
21:30:31.0924 1304        vhdmp          (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
21:30:31.0955 1304        vhdmp - ok
21:30:31.0986 1304        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
21:30:32.0017 1304        viaagp - ok
21:30:32.0017 1304        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
21:30:32.0049 1304        ViaC7 - ok
21:30:32.0080 1304        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
21:30:32.0095 1304        viaide - ok
21:30:32.0111 1304        vmbus          (379b349f65f453d2a6e75ea6b7448e49) C:\windows\system32\DRIVERS\vmbus.sys
21:30:32.0127 1304        vmbus - ok
21:30:32.0127 1304        VMBusHID        (ec2bbab4b84d0738c6c83d2234dc36fe) C:\windows\system32\DRIVERS\VMBusHID.sys
21:30:32.0142 1304        VMBusHID - ok
21:30:32.0158 1304        volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
21:30:32.0173 1304        volmgr - ok
21:30:32.0205 1304        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
21:30:32.0220 1304        volmgrx - ok
21:30:32.0236 1304        volsnap        (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
21:30:32.0251 1304        volsnap - ok
21:30:32.0267 1304        vpcbus          (33e74df34753fcaab06f6f2bdc8cabf5) C:\windows\system32\DRIVERS\vpchbus.sys
21:30:32.0314 1304        vpcbus - ok
21:30:32.0361 1304        vpcnfltr        (5f04362ceb5fb5901037e9d9eadd3760) C:\windows\system32\DRIVERS\vpcnfltr.sys
21:30:32.0407 1304        vpcnfltr - ok
21:30:32.0454 1304        vpcusb          (625088d6ee9ede977fd03cf18d1cd5c5) C:\windows\system32\DRIVERS\vpcusb.sys
21:30:32.0485 1304        vpcusb - ok
21:30:32.0517 1304        vpcvmm          (1023c696d42268e9071bb376dbec8396) C:\windows\system32\drivers\vpcvmm.sys
21:30:32.0532 1304        vpcvmm - ok
21:30:32.0563 1304        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
21:30:32.0595 1304        vsmraid - ok
21:30:32.0657 1304        VSS            (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\windows\system32\vssvc.exe
21:30:32.0751 1304        VSS - ok
21:30:32.0922 1304        VSSERV          (49b1e718b6c05407a1e465a75a979a3a) C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\vsserv.exe
21:30:33.0000 1304        VSSERV - ok
21:30:33.0094 1304        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\System32\drivers\vwifibus.sys
21:30:33.0156 1304        vwifibus - ok
21:30:33.0187 1304        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
21:30:33.0234 1304        W32Time - ok
21:30:33.0265 1304        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
21:30:33.0281 1304        WacomPen - ok
21:30:33.0297 1304        WANARP          (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
21:30:33.0343 1304        WANARP - ok
21:30:33.0343 1304        Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
21:30:33.0375 1304        Wanarpv6 - ok
21:30:33.0421 1304        wbengine        (7790b77fe1e5ee47dcc66247095bb4c9) C:\windows\system32\wbengine.exe
21:30:33.0484 1304        wbengine - ok
21:30:33.0531 1304        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
21:30:33.0546 1304        WbioSrvc - ok
21:30:33.0577 1304        wcncsvc        (6d9b75275c3e3a5f51aef81affadb2b6) C:\windows\System32\wcncsvc.dll
21:30:33.0609 1304        wcncsvc - ok
21:30:33.0624 1304        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
21:30:33.0655 1304        WcsPlugInService - ok
21:30:33.0702 1304        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
21:30:33.0733 1304        Wd - ok
21:30:33.0780 1304        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
21:30:33.0811 1304        Wdf01000 - ok
21:30:33.0811 1304        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
21:30:33.0858 1304        WdiServiceHost - ok
21:30:33.0858 1304        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
21:30:33.0874 1304        WdiSystemHost - ok
21:30:33.0921 1304        WebClient      (bb5ec38f8d4600119b4720bc5d4211f1) C:\windows\System32\webclnt.dll
21:30:33.0967 1304        WebClient - ok
21:30:33.0999 1304        Wecsvc          (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
21:30:34.0061 1304        Wecsvc - ok
21:30:34.0077 1304        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
21:30:34.0092 1304        wercplsupport - ok
21:30:34.0108 1304        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
21:30:34.0139 1304        WerSvc - ok
21:30:34.0155 1304        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
21:30:34.0186 1304        WfpLwf - ok
21:30:34.0233 1304        WimFltr        (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\windows\system32\DRIVERS\wimfltr.sys
21:30:34.0248 1304        WimFltr - ok
21:30:34.0279 1304        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
21:30:34.0295 1304        WIMMount - ok
21:30:34.0357 1304        WinDefend      (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
21:30:34.0389 1304        WinDefend - ok
21:30:34.0389 1304        WinHttpAutoProxySvc - ok
21:30:34.0451 1304        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
21:30:34.0498 1304        Winmgmt - ok
21:30:34.0576 1304        WinRM          (c4f5d3901d1b41d602ddc196e0b95b51) C:\windows\system32\WsmSvc.dll
21:30:34.0623 1304        WinRM - ok
21:30:34.0669 1304        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
21:30:34.0763 1304        Wlansvc - ok
21:30:34.0810 1304        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
21:30:34.0872 1304        WmiAcpi - ok
21:30:34.0888 1304        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
21:30:34.0950 1304        wmiApSrv - ok
21:30:35.0044 1304        WMPNetworkSvc  (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:30:35.0106 1304        WMPNetworkSvc - ok
21:30:35.0184 1304        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
21:30:35.0215 1304        WPCSvc - ok
21:30:35.0247 1304        WPDBusEnum      (b7f658a2ebc07129538ad9ab35212637) C:\windows\system32\wpdbusenum.dll
21:30:35.0278 1304        WPDBusEnum - ok
21:30:35.0309 1304        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
21:30:35.0356 1304        ws2ifsl - ok
21:30:35.0387 1304        wscsvc          (a661a76333057b383a06e65f0073222f) C:\windows\system32\wscsvc.dll
21:30:35.0418 1304        wscsvc - ok
21:30:35.0434 1304        WSearch - ok
21:30:35.0527 1304        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\windows\system32\wuaueng.dll
21:30:35.0621 1304        wuauserv - ok
21:30:35.0746 1304        WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
21:30:35.0808 1304        WudfPf - ok
21:30:35.0839 1304        WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
21:30:35.0886 1304        WUDFRd - ok
21:30:35.0933 1304        wudfsvc        (ddee3682fe97037c45f4d7ab467cb8b6) C:\windows\System32\WUDFSvc.dll
21:30:35.0980 1304        wudfsvc - ok
21:30:35.0995 1304        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
21:30:36.0042 1304        WwanSvc - ok
21:30:36.0073 1304        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:30:36.0276 1304        \Device\Harddisk0\DR0 - ok
21:30:36.0307 1304        Boot (0x1200)  (951deba248bbb9a7fe509f16fef3433f) \Device\Harddisk0\DR0\Partition0
21:30:36.0307 1304        \Device\Harddisk0\DR0\Partition0 - ok
21:30:36.0307 1304        ============================================================
21:30:36.0307 1304        Scan finished
21:30:36.0307 1304        ============================================================
21:30:36.0323 5636        Detected object count: 5
21:30:36.0323 5636        Actual detected object count: 5
21:30:51.0767 5636        BDSelfPr ( UnsignedFile.Multi.Generic ) - skipped by user
21:30:51.0767 5636        BDSelfPr ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:30:51.0767 5636        DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
21:30:51.0767 5636        DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:30:51.0767 5636        Profos ( UnsignedFile.Multi.Generic ) - skipped by user
21:30:51.0767 5636        Profos ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:30:51.0767 5636        scan ( UnsignedFile.Multi.Generic ) - skipped by user
21:30:51.0767 5636        scan ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:30:51.0767 5636        Trufos ( UnsignedFile.Multi.Generic ) - skipped by user
21:30:51.0767 5636        Trufos ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:34.0090 5968        ============================================================
21:31:34.0090 5968        Scan started
21:31:34.0090 5968        Mode: Manual; SigCheck; TDLFS;
21:31:34.0090 5968        ============================================================
21:31:34.0854 5968        1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
21:31:34.0885 5968        1394ohci - ok
21:31:34.0901 5968        ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
21:31:34.0917 5968        ACPI - ok
21:31:34.0932 5968        AcpiPmi        (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
21:31:34.0948 5968        AcpiPmi - ok
21:31:35.0041 5968        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:31:35.0057 5968        AdobeARMservice - ok
21:31:35.0104 5968        AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:31:35.0135 5968        AdobeFlashPlayerUpdateSvc - ok
21:31:35.0151 5968        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
21:31:35.0166 5968        adp94xx - ok
21:31:35.0197 5968        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
21:31:35.0213 5968        adpahci - ok
21:31:35.0244 5968        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
21:31:35.0244 5968        adpu320 - ok
21:31:35.0275 5968        AeLookupSvc    (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll
21:31:35.0291 5968        AeLookupSvc - ok
21:31:35.0322 5968        AFD            (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
21:31:35.0322 5968        AFD - ok
21:31:35.0338 5968        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
21:31:35.0353 5968        agp440 - ok
21:31:35.0369 5968        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
21:31:35.0369 5968        aic78xx - ok
21:31:35.0385 5968        ALG            (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe
21:31:35.0400 5968        ALG - ok
21:31:35.0416 5968        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
21:31:35.0416 5968        aliide - ok
21:31:35.0431 5968        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
21:31:35.0447 5968        amdagp - ok
21:31:35.0447 5968        amdide          (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
21:31:35.0463 5968        amdide - ok
21:31:35.0478 5968        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
21:31:35.0478 5968        AmdK8 - ok
21:31:35.0494 5968        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
21:31:35.0509 5968        AmdPPM - ok
21:31:35.0525 5968        amdsata        (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys
21:31:35.0525 5968        amdsata - ok
21:31:35.0541 5968        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
21:31:35.0556 5968        amdsbs - ok
21:31:35.0556 5968        amdxata        (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys
21:31:35.0572 5968        amdxata - ok
21:31:35.0587 5968        AppID          (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
21:31:35.0603 5968        AppID - ok
21:31:35.0619 5968        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll
21:31:35.0634 5968        AppIDSvc - ok
21:31:35.0650 5968        Appinfo        (7dead9e3f65dcb2794f2711003bbf650) C:\windows\System32\appinfo.dll
21:31:35.0650 5968        Appinfo - ok
21:31:35.0681 5968        AppMgmt        (a45d184df6a8803da13a0b329517a64a) C:\windows\System32\appmgmts.dll
21:31:35.0697 5968        AppMgmt - ok
21:31:35.0712 5968        arc            (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
21:31:35.0712 5968        arc - ok
21:31:35.0728 5968        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
21:31:35.0728 5968        arcsas - ok
21:31:35.0821 5968        Arrakis3        (d101ca5b2cabbeb27c2a4c21e142ec09) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Arrakis Server\bin\arrakis3.exe
21:31:35.0853 5968        Arrakis3 - ok
21:31:35.0868 5968        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
21:31:35.0899 5968        AsyncMac - ok
21:31:35.0899 5968        atapi          (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
21:31:35.0915 5968        atapi - ok
21:31:35.0946 5968        AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\windows\System32\Audiosrv.dll
21:31:35.0977 5968        AudioEndpointBuilder - ok
21:31:35.0977 5968        Audiosrv        (510c873bfa135aa829f4180352772734) C:\windows\System32\Audiosrv.dll
21:31:35.0993 5968        Audiosrv - ok
21:31:36.0009 5968        AxInstSV        (dd6a431b43e34b91a767d1ce33728175) C:\windows\System32\AxInstSV.dll
21:31:36.0024 5968        AxInstSV - ok
21:31:36.0055 5968        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
21:31:36.0055 5968        b06bdrv - ok
21:31:36.0087 5968        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
21:31:36.0087 5968        b57nd60x - ok
21:31:36.0102 5968        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll
21:31:36.0118 5968        BDESVC - ok
21:31:36.0149 5968        BDFM            (d1c3c6584df5dcd010915a4336294007) C:\windows\system32\DRIVERS\bdfm.sys
21:31:36.0165 5968        BDFM - ok
21:31:36.0196 5968        bdfsfltr        (9b281f5f673cbc5b9ec886d59e0b4f26) C:\windows\system32\DRIVERS\bdfsfltr.sys
21:31:36.0196 5968        bdfsfltr - ok
21:31:36.0289 5968        bdfwfpf        (3c1083ae136fc08cf5f62cf3cfce70a5) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Firewall\bdfwfpf.sys
21:31:36.0305 5968        bdfwfpf - ok
21:31:36.0367 5968        BDSelfPr        (258afc867f3f4eaaf442c7f0f0060fc4) C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdselfpr.sys
21:31:36.0383 5968        BDSelfPr ( UnsignedFile.Multi.Generic ) - warning
21:31:36.0383 5968        BDSelfPr - detected UnsignedFile.Multi.Generic (1)
21:31:36.0399 5968        BDVEDISK        (33392317fe8ab70b46c013d8af8fe119) C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdvedisk.sys
21:31:36.0414 5968        BDVEDISK - ok
21:31:36.0430 5968        Beep            (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
21:31:36.0461 5968        Beep - ok
21:31:36.0508 5968        BFE            (85ac71c045ceb054ed48a7841aae0c11) C:\windows\System32\bfe.dll
21:31:36.0539 5968        BFE - ok
21:31:36.0586 5968        BITS            (53f476476f55a27f580661bde09c4ec4) C:\windows\system32\qmgr.dll
21:31:36.0617 5968        BITS - ok
21:31:36.0648 5968        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
21:31:36.0648 5968        blbdrive - ok
21:31:36.0679 5968        bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
21:31:36.0679 5968        bowser - ok
21:31:36.0695 5968        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
21:31:36.0695 5968        BrFiltLo - ok
21:31:36.0711 5968        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
21:31:36.0726 5968        BrFiltUp - ok
21:31:36.0742 5968        BridgeMP        (77361d72a04f18809d0efb6cceb74d4b) C:\windows\system32\DRIVERS\bridge.sys
21:31:36.0757 5968        BridgeMP - ok
21:31:36.0773 5968        Browser        (598e1280e7ff3744f4b8329366cc5635) C:\windows\System32\browser.dll
21:31:36.0804 5968        Browser - ok
21:31:36.0820 5968        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
21:31:36.0835 5968        Brserid - ok
21:31:36.0835 5968        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
21:31:36.0851 5968        BrSerWdm - ok
21:31:36.0867 5968        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
21:31:36.0867 5968        BrUsbMdm - ok
21:31:36.0882 5968        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
21:31:36.0882 5968        BrUsbSer - ok
21:31:36.0898 5968        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
21:31:36.0913 5968        BTHMODEM - ok
21:31:36.0929 5968        bthserv        (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll
21:31:36.0945 5968        bthserv - ok
21:31:36.0960 5968        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
21:31:36.0976 5968        cdfs - ok
21:31:36.0976 5968        cdrom          (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
21:31:36.0991 5968        cdrom - ok
21:31:37.0007 5968        CertPropSvc    (628a9e30ec5e18dd5de6be4dbdc12198) C:\windows\System32\certprop.dll
21:31:37.0023 5968        CertPropSvc - ok
21:31:37.0038 5968        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
21:31:37.0038 5968        circlass - ok
21:31:37.0069 5968        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
21:31:37.0069 5968        CLFS - ok
21:31:37.0132 5968        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:31:37.0163 5968        clr_optimization_v2.0.50727_32 - ok
21:31:37.0210 5968        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:31:37.0225 5968        clr_optimization_v4.0.30319_32 - ok
21:31:37.0241 5968        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
21:31:37.0241 5968        CmBatt - ok
21:31:37.0257 5968        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
21:31:37.0272 5968        cmdide - ok
21:31:37.0303 5968        CNG            (db5e008b3744dd60c8498cbbf2a1cfa6) C:\windows\system32\Drivers\cng.sys
21:31:37.0319 5968        CNG - ok
21:31:37.0335 5968        Compbatt        (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
21:31:37.0350 5968        Compbatt - ok
21:31:37.0366 5968        CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
21:31:37.0381 5968        CompositeBus - ok
21:31:37.0381 5968        COMSysApp - ok
21:31:37.0397 5968        cpuz134 - ok
21:31:37.0428 5968        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
21:31:37.0444 5968        crcdisk - ok
21:31:37.0491 5968        CryptSvc        (520a108a2657f4bca7fced9ca7d885de) C:\windows\system32\cryptsvc.dll
21:31:37.0506 5968        CryptSvc - ok
21:31:37.0537 5968        CSC            (27c9490bdd0ae48911ab8cf1932591ed) C:\windows\system32\drivers\csc.sys
21:31:37.0569 5968        CSC - ok
21:31:37.0600 5968        CscService      (56fb5f222ea30d3d3fc459879772cb73) C:\windows\System32\cscsvc.dll
21:31:37.0615 5968        CscService - ok
21:31:37.0647 5968        DcomLaunch      (b82cd39e336973359d7c9bf911e8e84f) C:\windows\system32\rpcss.dll
21:31:37.0678 5968        DcomLaunch - ok
21:31:37.0709 5968        defragsvc      (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll
21:31:37.0740 5968        defragsvc - ok
21:31:37.0787 5968        DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
21:31:37.0818 5968        DfsC - ok
21:31:37.0849 5968        DgiVecp        (770471de2550820feeb7e5d24bf2e273) C:\windows\system32\Drivers\DgiVecp.sys
21:31:37.0849 5968        DgiVecp ( UnsignedFile.Multi.Generic ) - warning
21:31:37.0849 5968        DgiVecp - detected UnsignedFile.Multi.Generic (1)
21:31:37.0865 5968        Dhcp            (c56495fbd770712367cad35e5de72da6) C:\windows\system32\dhcpcore.dll
21:31:37.0896 5968        Dhcp - ok
21:31:37.0912 5968        discache        (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
21:31:37.0927 5968        discache - ok
21:31:37.0959 5968        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
21:31:37.0959 5968        Disk - ok
21:31:37.0974 5968        Dnscache        (b15be77a2bacf9c3177d27518afe26a9) C:\windows\System32\dnsrslvr.dll
21:31:37.0990 5968        Dnscache - ok
21:31:38.0005 5968        dot3svc        (4408c85c21eea48eb0ce486baeef0502) C:\windows\System32\dot3svc.dll
21:31:38.0021 5968        dot3svc - ok
21:31:38.0037 5968        DPS            (7fa81c6e11caa594adb52084da73a1e5) C:\windows\system32\dps.dll
21:31:38.0068 5968        DPS - ok
21:31:38.0083 5968        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
21:31:38.0099 5968        drmkaud - ok
21:31:38.0130 5968        DXGKrnl        (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
21:31:38.0146 5968        DXGKrnl - ok
21:31:38.0161 5968        EapHost        (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll
21:31:38.0193 5968        EapHost - ok
21:31:38.0317 5968        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
21:31:38.0364 5968        ebdrv - ok
21:31:38.0458 5968        EFS            (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\System32\lsass.exe
21:31:38.0489 5968        EFS - ok
21:31:38.0551 5968        ehRecvr        (1697c39978cd69f6fbc15302edcece1f) C:\windows\ehome\ehRecvr.exe
21:31:38.0567 5968        ehRecvr - ok
21:31:38.0598 5968        ehSched        (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe
21:31:38.0598 5968        ehSched - ok
21:31:38.0645 5968        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
21:31:38.0661 5968        elxstor - ok
21:31:38.0676 5968        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
21:31:38.0676 5968        ErrDev - ok
21:31:38.0723 5968        EventSystem    (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll
21:31:38.0739 5968        EventSystem - ok
21:31:38.0770 5968        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
21:31:38.0785 5968        exfat - ok
21:31:38.0801 5968        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
21:31:38.0832 5968        fastfat - ok
21:31:38.0863 5968        Fax            (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\windows\system32\fxssvc.exe
21:31:38.0879 5968        Fax - ok
21:31:38.0879 5968        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
21:31:38.0895 5968        fdc - ok
21:31:38.0895 5968        fdPHost        (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll
21:31:38.0910 5968        fdPHost - ok
21:31:38.0926 5968        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll
21:31:38.0941 5968        FDResPub - ok
21:31:38.0957 5968        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
21:31:38.0957 5968        FileInfo - ok
21:31:38.0973 5968        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
21:31:38.0988 5968        Filetrace - ok
21:31:39.0004 5968        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
21:31:39.0019 5968        flpydisk - ok
21:31:39.0035 5968        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
21:31:39.0051 5968        FltMgr - ok
21:31:39.0097 5968        FontCache      (7fe4995528a7529a761875151ee3d512) C:\windows\system32\FntCache.dll
21:31:39.0129 5968        FontCache - ok
21:31:39.0191 5968        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:31:39.0207 5968        FontCache3.0.0.0 - ok
21:31:39.0222 5968        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
21:31:39.0238 5968        FsDepends - ok
21:31:39.0253 5968        Fs_Rec          (500a9814fd9446a8126858a5a7f7d273) C:\windows\system32\drivers\Fs_Rec.sys
21:31:39.0269 5968        Fs_Rec - ok
21:31:39.0300 5968        fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
21:31:39.0316 5968        fvevol - ok
21:31:39.0331 5968        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
21:31:39.0347 5968        gagp30kx - ok
21:31:39.0378 5968        gpsvc          (8ba3c04702bf8f927ab36ae8313ca4ee) C:\windows\System32\gpsvc.dll
21:31:39.0409 5968        gpsvc - ok
21:31:39.0441 5968        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
21:31:39.0441 5968        hcw85cir - ok
21:31:39.0472 5968        HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
21:31:39.0487 5968        HdAudAddService - ok
21:31:39.0503 5968        HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
21:31:39.0519 5968        HDAudBus - ok
21:31:39.0519 5968        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
21:31:39.0534 5968        HidBatt - ok
21:31:39.0550 5968        HidBth          (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
21:31:39.0565 5968        HidBth - ok
21:31:39.0565 5968        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
21:31:39.0581 5968        HidIr - ok
21:31:39.0597 5968        hidserv        (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\System32\hidserv.dll
21:31:39.0612 5968        hidserv - ok
21:31:39.0612 5968        HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
21:31:39.0628 5968        HidUsb - ok
21:31:39.0643 5968        hkmsvc          (741c2a45ca8407e374aaba3e330b7872) C:\windows\system32\kmsvc.dll
21:31:39.0675 5968        hkmsvc - ok
21:31:39.0690 5968        HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\windows\system32\ListSvc.dll
21:31:39.0706 5968        HomeGroupListener - ok
21:31:39.0737 5968        HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\windows\system32\provsvc.dll
21:31:39.0753 5968        HomeGroupProvider - ok
21:31:39.0768 5968        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
21:31:39.0768 5968        HpSAMD - ok
21:31:39.0815 5968        HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
21:31:39.0846 5968        HTTP - ok
21:31:39.0846 5968        hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
21:31:39.0862 5968        hwpolicy - ok
21:31:39.0893 5968        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
21:31:39.0893 5968        i8042prt - ok
21:31:39.0924 5968        iaStorV        (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
21:31:39.0940 5968        iaStorV - ok
21:31:40.0033 5968        idsvc          (5af815eb5bc9802e5a064e2ba62bfc0c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:31:40.0065 5968        idsvc - ok
21:31:40.0283 5968        igfx            (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
21:31:40.0345 5968        igfx - ok
21:31:40.0439 5968        iirsp          (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
21:31:40.0455 5968        iirsp - ok
21:31:40.0501 5968        IKEEXT          (fac0ee6562b121b1399d6e855583f7a5) C:\windows\System32\ikeext.dll
21:31:40.0533 5968        IKEEXT - ok
21:31:40.0657 5968        IntcAzAudAddService (b44c0357d1fc7c9e4c0b0983a9e96ff9) C:\windows\system32\drivers\RTKVHDA.sys
21:31:40.0720 5968        IntcAzAudAddService - ok
21:31:40.0751 5968        IntcHdmiAddService (264632ade8127b7baa2190cf6fad435b) C:\windows\system32\drivers\IntcHdmi.sys
21:31:40.0767 5968        IntcHdmiAddService - ok
21:31:40.0782 5968        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
21:31:40.0782 5968        intelide - ok
21:31:40.0798 5968        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
21:31:40.0798 5968        intelppm - ok
21:31:40.0829 5968        IPBusEnum      (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll
21:31:40.0860 5968        IPBusEnum - ok
21:31:40.0876 5968        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
21:31:40.0907 5968        IpFilterDriver - ok
21:31:40.0923 5968        iphlpsvc        (477397b432a256a50ee7e4339eb9ea14) C:\windows\System32\iphlpsvc.dll
21:31:40.0954 5968        iphlpsvc - ok
21:31:40.0969 5968        IPMIDRV        (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
21:31:40.0985 5968        IPMIDRV - ok
21:31:41.0001 5968        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
21:31:41.0016 5968        IPNAT - ok
21:31:41.0032 5968        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
21:31:41.0047 5968        IRENUM - ok
21:31:41.0047 5968        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
21:31:41.0063 5968        isapnp - ok
21:31:41.0079 5968        iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
21:31:41.0094 5968        iScsiPrt - ok
21:31:41.0110 5968        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
21:31:41.0125 5968        kbdclass - ok
21:31:41.0125 5968        kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
21:31:41.0141 5968        kbdhid - ok
21:31:41.0172 5968        KeyIso          (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:31:41.0172 5968        KeyIso - ok
21:31:41.0203 5968        KSecDD          (52fc17c8589f11747d01d3cf592673d0) C:\windows\system32\Drivers\ksecdd.sys
21:31:41.0203 5968        KSecDD - ok
21:31:41.0235 5968        KSecPkg        (3e5474b03568cfab834da3c38e8c9efa) C:\windows\system32\Drivers\ksecpkg.sys
21:31:41.0250 5968        KSecPkg - ok
21:31:41.0281 5968        KtmRm          (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll
21:31:41.0297 5968        KtmRm - ok
21:31:41.0328 5968        LanmanServer    (8f6bf790d3168224c16f2af68a84438c) C:\windows\System32\srvsvc.dll
21:31:41.0344 5968        LanmanServer - ok
21:31:41.0375 5968        LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\windows\System32\wkssvc.dll
21:31:41.0391 5968        LanmanWorkstation - ok
21:31:41.0500 5968        LIVESRV        (84b4faaff83cc69954c4ef2959b35b18) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Update Service\livesrv.exe
21:31:41.0531 5968        LIVESRV - ok
21:31:41.0547 5968        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
21:31:41.0578 5968        lltdio - ok
21:31:41.0609 5968        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll
21:31:41.0625 5968        lltdsvc - ok
21:31:41.0640 5968        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll
21:31:41.0656 5968        lmhosts - ok
21:31:41.0687 5968        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
21:31:41.0703 5968        LSI_FC - ok
21:31:41.0718 5968        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
21:31:41.0734 5968        LSI_SAS - ok
21:31:41.0734 5968        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
21:31:41.0749 5968        LSI_SAS2 - ok
21:31:41.0765 5968        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
21:31:41.0765 5968        LSI_SCSI - ok
21:31:41.0796 5968        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
21:31:41.0812 5968        luafv - ok
21:31:41.0843 5968        MBAMProtector  (6dfe7f2e8e8a337263aa5c92a215f161) C:\windows\system32\drivers\mbam.sys
21:31:41.0843 5968        MBAMProtector - ok
21:31:41.0905 5968        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:31:41.0921 5968        MBAMService - ok
21:31:41.0952 5968        Mcx2Svc        (e2b0887816ed336685954e3d8fdaa51d) C:\windows\system32\Mcx2Svc.dll
21:31:41.0968 5968        Mcx2Svc - ok
21:31:41.0983 5968        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
21:31:41.0983 5968        megasas - ok
21:31:41.0999 5968        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
21:31:42.0015 5968        MegaSR - ok
21:31:42.0046 5968        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
21:31:42.0061 5968        MMCSS - ok
21:31:42.0077 5968        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
21:31:42.0093 5968        Modem - ok
21:31:42.0108 5968        monitor        (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
21:31:42.0108 5968        monitor - ok
21:31:42.0139 5968        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
21:31:42.0139 5968        mouclass - ok
21:31:42.0155 5968        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
21:31:42.0171 5968        mouhid - ok
21:31:42.0186 5968        mountmgr        (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
21:31:42.0186 5968        mountmgr - ok
21:31:42.0202 5968        mpio            (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
21:31:42.0202 5968        mpio - ok
21:31:42.0217 5968        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
21:31:42.0233 5968        mpsdrv - ok
21:31:42.0280 5968        MpsSvc          (5cd996cecf45cbc3e8d109c86b82d69e) C:\windows\system32\mpssvc.dll
21:31:42.0311 5968        MpsSvc - ok
21:31:42.0327 5968        MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
21:31:42.0342 5968        MRxDAV - ok
21:31:42.0405 5968        mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
21:31:42.0420 5968        mrxsmb - ok
21:31:42.0451 5968        mrxsmb10        (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
21:31:42.0467 5968        mrxsmb10 - ok
21:31:42.0498 5968        mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
21:31:42.0514 5968        mrxsmb20 - ok
21:31:42.0514 5968        msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
21:31:42.0529 5968        msahci - ok
21:31:42.0545 5968        msdsm          (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
21:31:42.0545 5968        msdsm - ok
21:31:42.0561 5968        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe
21:31:42.0576 5968        MSDTC - ok
21:31:42.0607 5968        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
21:31:42.0623 5968        Msfs - ok
21:31:42.0639 5968        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
21:31:42.0654 5968        mshidkmdf - ok
21:31:42.0654 5968        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
21:31:42.0670 5968        msisadrv - ok
21:31:42.0701 5968        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll
21:31:42.0717 5968        MSiSCSI - ok
21:31:42.0717 5968        msiserver - ok
21:31:42.0732 5968        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
21:31:42.0748 5968        MSKSSRV - ok
21:31:42.0763 5968        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
21:31:42.0779 5968        MSPCLOCK - ok
21:31:42.0795 5968        MSPQM          (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
21:31:42.0810 5968        MSPQM - ok
21:31:42.0826 5968        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
21:31:42.0841 5968        MsRPC - ok
21:31:42.0857 5968        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
21:31:42.0873 5968        mssmbios - ok
21:31:42.0919 5968        MSSQL$DWINSTANCE01 - ok
21:31:42.0966 5968        MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
21:31:42.0997 5968        MSSQLServerADHelper - ok
21:31:43.0029 5968        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
21:31:43.0075 5968        MSTEE - ok
21:31:43.0107 5968        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
21:31:43.0122 5968        MTConfig - ok
21:31:43.0138 5968        Mup            (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
21:31:43.0153 5968        Mup - ok
21:31:43.0185 5968        napagent        (80284f1985c70c86f0b5f86da2dfe1df) C:\windows\system32\qagentRT.dll
21:31:43.0231 5968        napagent - ok
21:31:43.0247 5968        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
21:31:43.0263 5968        NativeWifiP - ok
21:31:43.0309 5968        NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
21:31:43.0325 5968        NDIS - ok
21:31:43.0341 5968        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
21:31:43.0356 5968        NdisCap - ok
21:31:43.0372 5968        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
21:31:43.0387 5968        NdisTapi - ok
21:31:43.0403 5968        Ndisuio        (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
21:31:43.0419 5968        Ndisuio - ok
21:31:43.0434 5968        NdisWan        (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
21:31:43.0450 5968        NdisWan - ok
21:31:43.0450 5968        NDProxy        (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
21:31:43.0481 5968        NDProxy - ok
21:31:43.0481 5968        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
21:31:43.0512 5968        NetBIOS - ok
21:31:43.0528 5968        NetBT          (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
21:31:43.0543 5968        NetBT - ok
21:31:43.0575 5968        Netlogon        (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:31:43.0590 5968        Netlogon - ok
21:31:43.0606 5968        Netman          (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
21:31:43.0637 5968        Netman - ok
21:31:43.0653 5968        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
21:31:43.0684 5968        netprofm - ok
21:31:43.0746 5968        NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:31:43.0762 5968        NetTcpPortSharing - ok
21:31:43.0793 5968        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
21:31:43.0809 5968        nfrd960 - ok
21:31:43.0824 5968        NlaSvc          (2226496e34bd40734946a054b1cd657f) C:\windows\System32\nlasvc.dll
21:31:43.0855 5968        NlaSvc - ok
21:31:43.0887 5968        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
21:31:43.0902 5968        Npfs - ok
21:31:43.0918 5968        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
21:31:43.0933 5968        nsi - ok
21:31:43.0933 5968        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
21:31:43.0965 5968        nsiproxy - ok
21:31:44.0027 5968        Ntfs            (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
21:31:44.0058 5968        Ntfs - ok
21:31:44.0152 5968        Null            (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
21:31:44.0199 5968        Null - ok
21:31:44.0214 5968        NVHDA          (b4f70fac4ea61cf150823aa063a39ff9) C:\windows\system32\drivers\nvhda32v.sys
21:31:44.0214 5968        NVHDA - ok
21:31:44.0557 5968        nvlddmkm        (847b1755f7757f825305a1ffe6dac3e9) C:\windows\system32\DRIVERS\nvlddmkm.sys
21:31:44.0698 5968        nvlddmkm - ok
21:31:44.0776 5968        nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
21:31:44.0791 5968        nvraid - ok
21:31:44.0823 5968        nvstor          (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
21:31:44.0854 5968        nvstor - ok
21:31:44.0885 5968        nvsvc          (7c732aff202dcd06c3d262966d71604c) C:\windows\system32\nvvsvc.exe
21:31:44.0901 5968        nvsvc - ok
21:31:45.0072 5968        nvUpdatusService (262d2fbf211a88dcb84249df0f6ef6e7) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:31:45.0103 5968        nvUpdatusService - ok
21:31:45.0181 5968        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
21:31:45.0197 5968        nv_agp - ok
21:31:45.0213 5968        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
21:31:45.0228 5968        ohci1394 - ok
21:31:45.0291 5968        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:31:45.0306 5968        ose - ok
21:31:45.0337 5968        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
21:31:45.0369 5968        p2pimsvc - ok
21:31:45.0400 5968        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
21:31:45.0415 5968        p2psvc - ok
21:31:45.0431 5968        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
21:31:45.0431 5968        Parport - ok
21:31:45.0462 5968        partmgr        (66d3415c159741ade7038a277efff99f) C:\windows\system32\drivers\partmgr.sys
21:31:45.0462 5968        partmgr - ok
21:31:45.0478 5968        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
21:31:45.0493 5968        Parvdm - ok
21:31:45.0509 5968        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
21:31:45.0525 5968        PcaSvc - ok
21:31:45.0525 5968        pci            (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
21:31:45.0540 5968        pci - ok
21:31:45.0540 5968        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
21:31:45.0556 5968        pciide - ok
21:31:45.0571 5968        pcmcia          (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
21:31:45.0587 5968        pcmcia - ok
21:31:45.0603 5968        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
21:31:45.0603 5968        pcw - ok
21:31:45.0634 5968        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
21:31:45.0665 5968        PEAUTH - ok
21:31:45.0727 5968        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\windows\system32\peerdistsvc.dll
21:31:45.0774 5968        PeerDistSvc - ok
21:31:45.0868 5968        pla            (9c1bff7910c89a1d12e57343475840cb) C:\windows\system32\pla.dll
21:31:45.0899 5968        pla - ok
21:31:46.0008 5968        PlugPlay        (71def5ec79774c798342d0ea16e41780) C:\windows\system32\umpnpmgr.dll
21:31:46.0039 5968        PlugPlay - ok
21:31:46.0133 5968        PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files\Sony\Kamera\PMBDeviceInfoProvider.exe
21:31:46.0164 5968        PMBDeviceInfoProvider - ok
21:31:46.0180 5968        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
21:31:46.0180 5968        PNRPAutoReg - ok
21:31:46.0211 5968        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
21:31:46.0227 5968        PNRPsvc - ok
21:31:46.0258 5968        PolicyAgent    (48e1b75c6dc0232fd92baae4bd344721) C:\windows\System32\ipsecsvc.dll
21:31:46.0289 5968        PolicyAgent - ok
21:31:46.0305 5968        Power          (dbff83f709a91049621c1d35dd45c92c) C:\windows\system32\umpo.dll
21:31:46.0320 5968        Power - ok
21:31:46.0351 5968        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
21:31:46.0367 5968        PptpMiniport - ok
21:31:46.0398 5968        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
21:31:46.0398 5968        Processor - ok
21:31:46.0476 5968        Profos          (d90a33660d328a9f587580f0b38c85de) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\profos.sys
21:31:46.0492 5968        Profos ( UnsignedFile.Multi.Generic ) - warning
21:31:46.0492 5968        Profos - detected UnsignedFile.Multi.Generic (1)
21:31:46.0523 5968        ProfSvc        (aea3bdbdba667aa6f678cb38907e4f5e) C:\windows\system32\profsvc.dll
21:31:46.0539 5968        ProfSvc - ok
21:31:46.0570 5968        ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:31:46.0585 5968        ProtectedStorage - ok
21:31:46.0617 5968        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
21:31:46.0632 5968        Psched - ok
21:31:46.0710 5968        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
21:31:46.0741 5968        ql2300 - ok
21:31:46.0835 5968        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
21:31:46.0851 5968        ql40xx - ok
21:31:46.0882 5968        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
21:31:46.0913 5968        QWAVE - ok
21:31:46.0913 5968        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
21:31:46.0929 5968        QWAVEdrv - ok
21:31:46.0944 5968        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
21:31:46.0960 5968        RasAcd - ok
21:31:46.0991 5968        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
21:31:47.0007 5968        RasAgileVpn - ok
21:31:47.0022 5968        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
21:31:47.0038 5968        RasAuto - ok
21:31:47.0038 5968        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
21:31:47.0069 5968        Rasl2tp - ok
21:31:47.0085 5968        RasMan          (0ce66ec736b7fc526d78f7624c7d2a94) C:\windows\System32\rasmans.dll
21:31:47.0116 5968        RasMan - ok
21:31:47.0116 5968        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
21:31:47.0147 5968        RasPppoe - ok
21:31:47.0147 5968        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
21:31:47.0163 5968        RasSstp - ok
21:31:47.0194 5968        rdbss          (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
21:31:47.0209 5968        rdbss - ok
21:31:47.0225 5968        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
21:31:47.0241 5968        rdpbus - ok
21:31:47.0256 5968        RDPCDD          (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
21:31:47.0272 5968        RDPCDD - ok
21:31:47.0303 5968        RDPDR          (c5ff95883ffef704d50c40d21cfb3ab5) C:\windows\system32\drivers\rdpdr.sys
21:31:47.0319 5968        RDPDR - ok
21:31:47.0319 5968        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
21:31:47.0334 5968        RDPENCDD - ok
21:31:47.0350 5968        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
21:31:47.0365 5968        RDPREFMP - ok
21:31:47.0397 5968        RDPWD          (c5b8d47a4688de9d335204ea757c2240) C:\windows\system32\drivers\RDPWD.sys
21:31:47.0412 5968        RDPWD - ok
21:31:47.0428 5968        rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
21:31:47.0443 5968        rdyboost - ok
21:31:47.0459 5968        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
21:31:47.0490 5968        RemoteAccess - ok
21:31:47.0506 5968        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
21:31:47.0521 5968        RemoteRegistry - ok
21:31:47.0537 5968        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
21:31:47.0553 5968        RpcEptMapper - ok
21:31:47.0568 5968        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
21:31:47.0584 5968        RpcLocator - ok
21:31:47.0615 5968        RpcSs          (b82cd39e336973359d7c9bf911e8e84f) C:\windows\system32\rpcss.dll
21:31:47.0631 5968        RpcSs - ok
21:31:47.0646 5968        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
21:31:47.0662 5968        rspndr - ok
21:31:47.0709 5968        RTL8167        (60647bfa2fef7f6d6fbbaf661312f2ce) C:\windows\system32\DRIVERS\Rt86win7.sys
21:31:47.0724 5968        RTL8167 - ok
21:31:47.0724 5968        s3cap          (5423d8437051e89dd34749f242c98648) C:\windows\system32\DRIVERS\vms3cap.sys
21:31:47.0740 5968        s3cap - ok
21:31:47.0771 5968        SamSs          (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:31:47.0771 5968        SamSs - ok
21:31:47.0802 5968        Samsung UPD Service2 (2a54eff79b03a8c2389f2bb0f2264f1e) C:\windows\System32\SUPDSvc2.exe
21:31:47.0818 5968        Samsung UPD Service2 - ok
21:31:47.0833 5968        sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
21:31:47.0849 5968        sbp2port - ok
21:31:47.0943 5968        scan            (a2c93f04bef9bdd44353aa1a945696ac) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\scan.dll
21:31:47.0974 5968        scan ( UnsignedFile.Multi.Generic ) - warning
21:31:47.0974 5968        scan - detected UnsignedFile.Multi.Generic (1)
21:31:48.0005 5968        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
21:31:48.0021 5968        SCardSvr - ok
21:31:48.0021 5968        scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
21:31:48.0052 5968        scfilter - ok
21:31:48.0099 5968        Schedule        (df1e5c82e4d09cf8105cc644980c4803) C:\windows\system32\schedsvc.dll
21:31:48.0130 5968        Schedule - ok
21:31:48.0130 5968        SCPolicySvc    (628a9e30ec5e18dd5de6be4dbdc12198) C:\windows\System32\certprop.dll
21:31:48.0161 5968        SCPolicySvc - ok
21:31:48.0161 5968        SDRSVC          (5fd90abdbfaee85986802622cbb03446) C:\windows\System32\SDRSVC.dll
21:31:48.0177 5968        SDRSVC - ok
21:31:48.0208 5968        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
21:31:48.0223 5968        secdrv - ok
21:31:48.0239 5968        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
21:31:48.0255 5968        seclogon - ok
21:31:48.0270 5968        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\windows\system32\sens.dll
21:31:48.0286 5968        SENS - ok
21:31:48.0317 5968        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
21:31:48.0317 5968        SensrSvc - ok
21:31:48.0348 5968        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
21:31:48.0364 5968        Serenum - ok
21:31:48.0364 5968        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
21:31:48.0379 5968        Serial - ok
21:31:48.0379 5968        sermouse        (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
21:31:48.0379 5968        sermouse - ok
21:31:48.0395 5968        SessionEnv      (8f55ce568c543d5adf45c409d16718fc) C:\windows\system32\sessenv.dll
21:31:48.0426 5968        SessionEnv - ok
21:31:48.0442 5968        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
21:31:48.0457 5968        sffdisk - ok
21:31:48.0457 5968        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
21:31:48.0473 5968        sffp_mmc - ok
21:31:48.0473 5968        sffp_sd        (a0708bbd07d245c06ff9de549ca47185) C:\windows\system32\DRIVERS\sffp_sd.sys
21:31:48.0489 5968        sffp_sd - ok
21:31:48.0489 5968        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
21:31:48.0504 5968        sfloppy - ok
21:31:48.0535 5968        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
21:31:48.0551 5968        SharedAccess - ok
21:31:48.0567 5968        ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\windows\System32\shsvcs.dll
21:31:48.0582 5968        ShellHWDetection - ok
21:31:48.0598 5968        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
21:31:48.0613 5968        sisagp - ok
21:31:48.0613 5968        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
21:31:48.0629 5968        SiSRaid2 - ok
21:31:48.0629 5968        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
21:31:48.0645 5968        SiSRaid4 - ok
21:31:48.0676 5968        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
21:31:48.0691 5968        Smb - ok
21:31:48.0723 5968        snapman        (8d16aa2fb47821365606677baae5238e) C:\windows\system32\DRIVERS\snapman.sys
21:31:48.0723 5968        snapman - ok
21:31:48.0738 5968        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
21:31:48.0754 5968        SNMPTRAP - ok
21:31:48.0754 5968        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
21:31:48.0754 5968        spldr - ok
21:31:48.0801 5968        Spooler        (d1bb750eb51694de183e08b9c33be5b2) C:\windows\System32\spoolsv.exe
21:31:48.0801 5968        Spooler - ok
21:31:48.0941 5968        sppsvc          (4c287f9069fedbd791178876ee9de536) C:\windows\system32\sppsvc.exe
21:31:48.0988 5968        sppsvc - ok
21:31:49.0066 5968        sppuinotify    (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\windows\system32\sppuinotify.dll
21:31:49.0113 5968        sppuinotify - ok
21:31:49.0191 5968        SQLBrowser      (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:31:49.0206 5968        SQLBrowser - ok
21:31:49.0237 5968        SQLWriter      (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:31:49.0253 5968        SQLWriter - ok
21:31:49.0284 5968        srv            (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
21:31:49.0315 5968        srv - ok
21:31:49.0331 5968        srv2            (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
21:31:49.0347 5968        srv2 - ok
21:31:49.0362 5968        srvnet          (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
21:31:49.0362 5968        srvnet - ok
21:31:49.0409 5968        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
21:31:49.0425 5968        SSDPSRV - ok
21:31:49.0440 5968        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
21:31:49.0456 5968        SstpSvc - ok
21:31:49.0518 5968        Stereo Service  (fb8fcf538184a28f674fea9521d7a6bb) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:31:49.0534 5968        Stereo Service - ok
21:31:49.0565 5968        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
21:31:49.0565 5968        stexstor - ok
21:31:49.0596 5968        StiSvc          (a22825e7bb7018e8af3e229a5af17221) C:\windows\System32\wiaservc.dll
21:31:49.0612 5968        StiSvc - ok
21:31:49.0627 5968        storflt        (957e346ca948668f2496a6ccf6ff82cc) C:\windows\system32\DRIVERS\vmstorfl.sys
21:31:49.0627 5968        storflt - ok
21:31:49.0659 5968        StorSvc        (0bf669f0a910beda4a32258d363af2a5) C:\windows\system32\storsvc.dll
21:31:49.0659 5968        StorSvc - ok
21:31:49.0659 5968        storvsc        (d5751969dc3e4b88bf482ac8ec9fe019) C:\windows\system32\DRIVERS\storvsc.sys
21:31:49.0674 5968        storvsc - ok
21:31:49.0690 5968        swenum          (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
21:31:49.0690 5968        swenum - ok
21:31:49.0721 5968        swprv          (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
21:31:49.0737 5968        swprv - ok
21:31:49.0799 5968        SysMain        (04105c8da62353589c29bdaeb8d88bd8) C:\windows\system32\sysmain.dll
21:31:49.0815 5968        SysMain - ok
21:31:49.0830 5968        TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\windows\System32\TabSvc.dll
21:31:49.0846 5968        TabletInputService - ok
21:31:49.0861 5968        TapiSrv        (2f46b0c70a4adc8c90cf825da3b4feaf) C:\windows\System32\tapisrv.dll
21:31:49.0893 5968        TapiSrv - ok
21:31:49.0893 5968        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
21:31:49.0924 5968        TBS - ok
21:31:50.0033 5968        Tcpip          (55e9965552741f3850cb22cbba9671ed) C:\windows\system32\drivers\tcpip.sys
21:31:50.0080 5968        Tcpip - ok
21:31:50.0220 5968        TCPIP6          (55e9965552741f3850cb22cbba9671ed) C:\windows\system32\DRIVERS\tcpip.sys
21:31:50.0251 5968        TCPIP6 - ok
21:31:50.0314 5968        tcpipreg        (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
21:31:50.0345 5968        tcpipreg - ok
21:31:50.0361 5968        TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
21:31:50.0361 5968        TDPIPE - ok
21:31:50.0392 5968        TDTCP          (7156308896d34ea75a582f9a09e50c17) C:\windows\system32\drivers\tdtcp.sys
21:31:50.0392 5968        TDTCP - ok
21:31:50.0407 5968        tdx            (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
21:31:50.0423 5968        tdx - ok
21:31:50.0439 5968        TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
21:31:50.0454 5968        TermDD - ok
21:31:50.0501 5968        TermService    (a01e50a04d7b1960b33e92b9080e6a94) C:\windows\System32\termsrv.dll
21:31:50.0532 5968        TermService - ok
21:31:50.0548 5968        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
21:31:50.0548 5968        Themes - ok
21:31:50.0579 5968        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
21:31:50.0595 5968        THREADORDER - ok
21:31:50.0641 5968        timounter      (3e06987fedbcdfbff8e85ef8108565f9) C:\windows\system32\DRIVERS\timntr.sys
21:31:50.0657 5968        timounter - ok
21:31:50.0673 5968        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
21:31:50.0688 5968        TrkWks - ok
21:31:50.0766 5968        Trufos          (b16d66a71de03285e14e9f165b59eda4) C:\Program Files\Common Files\Acronis Backup and Security\Acronis Backup and Security Threat Scanner\trufos.sys
21:31:50.0782 5968        Trufos ( UnsignedFile.Multi.Generic ) - warning
21:31:50.0782 5968        Trufos - detected UnsignedFile.Multi.Generic (1)
21:31:50.0829 5968        TrustedInstaller (41a4c781d2286208d397d72099304133) C:\windows\servicing\TrustedInstaller.exe
21:31:50.0860 5968        TrustedInstaller - ok
21:31:50.0891 5968        tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
21:31:50.0922 5968        tssecsrv - ok
21:31:50.0938 5968        tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
21:31:50.0969 5968        tunnel - ok
21:31:51.0000 5968        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
21:31:51.0000 5968        uagp35 - ok
21:31:51.0016 5968        udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
21:31:51.0047 5968        udfs - ok
21:31:51.0063 5968        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
21:31:51.0078 5968        UI0Detect - ok
21:31:51.0109 5968        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
21:31:51.0109 5968        uliagpkx - ok
21:31:51.0141 5968        umbus          (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
21:31:51.0141 5968        umbus - ok
21:31:51.0156 5968        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
21:31:51.0172 5968        UmPass - ok
21:31:51.0187 5968        UmRdpService    (8ecaca5454844f66386f7be4ae0d7cd1) C:\windows\System32\umrdp.dll
21:31:51.0203 5968        UmRdpService - ok
21:31:51.0219 5968        upnphost        (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
21:31:51.0250 5968        upnphost - ok
21:31:51.0265 5968        usbccgp        (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
21:31:51.0281 5968        usbccgp - ok
21:31:51.0297 5968        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
21:31:51.0297 5968        usbcir - ok
21:31:51.0312 5968        usbehci        (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\drivers\usbehci.sys
21:31:51.0312 5968        usbehci - ok
21:31:51.0343 5968        usbhub          (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
21:31:51.0359 5968        usbhub - ok
21:31:51.0375 5968        usbohci        (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
21:31:51.0375 5968        usbohci - ok
21:31:51.0390 5968        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
21:31:51.0390 5968        usbprint - ok
21:31:51.0421 5968        usbscan        (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
21:31:51.0421 5968        usbscan - ok
21:31:51.0453 5968        USBSTOR        (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
21:31:51.0468 5968        USBSTOR - ok
21:31:51.0468 5968        usbuhci        (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
21:31:51.0484 5968        usbuhci - ok
21:31:51.0499 5968        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
21:31:51.0515 5968        UxSms - ok
21:31:51.0546 5968        VaultSvc        (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe
21:31:51.0562 5968        VaultSvc - ok
21:31:51.0577 5968        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
21:31:51.0593 5968        vdrvroot - ok
21:31:51.0609 5968        vds            (8c4e7c49d3641bc9e299e466a7f8867d) C:\windows\System32\vds.exe
21:31:51.0624 5968        vds - ok
21:31:51.0655 5968        vga            (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
21:31:51.0655 5968        vga - ok
21:31:51.0687 5968        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
21:31:51.0702 5968        VgaSave - ok
21:31:51.0718 5968        vhdmp          (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
21:31:51.0733 5968        vhdmp - ok
21:31:51.0749 5968        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
21:31:51.0765 5968        viaagp - ok
21:31:51.0765 5968        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
21:31:51.0780 5968        ViaC7 - ok
21:31:51.0780 5968        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
21:31:51.0796 5968        viaide - ok
21:31:51.0811 5968        vmbus          (379b349f65f453d2a6e75ea6b7448e49) C:\windows\system32\DRIVERS\vmbus.sys
21:31:51.0827 5968        vmbus - ok
21:31:51.0827 5968        VMBusHID        (ec2bbab4b84d0738c6c83d2234dc36fe) C:\windows\system32\DRIVERS\VMBusHID.sys
21:31:51.0843 5968        VMBusHID - ok
21:31:51.0843 5968        volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
21:31:51.0858 5968        volmgr - ok
21:31:51.0874 5968        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
21:31:51.0889 5968        volmgrx - ok
21:31:51.0905 5968        volsnap        (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
21:31:51.0921 5968        volsnap - ok
21:31:51.0921 5968        vpcbus          (33e74df34753fcaab06f6f2bdc8cabf5) C:\windows\system32\DRIVERS\vpchbus.sys
21:31:51.0936 5968        vpcbus - ok
21:31:51.0952 5968        vpcnfltr        (5f04362ceb5fb5901037e9d9eadd3760) C:\windows\system32\DRIVERS\vpcnfltr.sys
21:31:51.0967 5968        vpcnfltr - ok
21:31:51.0983 5968        vpcusb          (625088d6ee9ede977fd03cf18d1cd5c5) C:\windows\system32\DRIVERS\vpcusb.sys
21:31:51.0999 5968        vpcusb - ok
21:31:52.0030 5968        vpcvmm          (1023c696d42268e9071bb376dbec8396) C:\windows\system32\drivers\vpcvmm.sys
21:31:52.0045 5968        vpcvmm - ok
21:31:52.0061 5968        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
21:31:52.0077 5968        vsmraid - ok
21:31:52.0139 5968        VSS            (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\windows\system32\vssvc.exe
21:31:52.0170 5968        VSS - ok
21:31:52.0295 5968        VSSERV          (49b1e718b6c05407a1e465a75a979a3a) C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\vsserv.exe
21:31:52.0326 5968        VSSERV - ok
21:31:52.0435 5968        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\System32\drivers\vwifibus.sys
21:31:52.0451 5968        vwifibus - ok
21:31:52.0467 5968        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
21:31:52.0498 5968        W32Time - ok
21:31:52.0529 5968        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
21:31:52.0529 5968        WacomPen - ok
21:31:52.0545 5968        WANARP          (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
21:31:52.0560 5968        WANARP - ok
21:31:52.0560 5968        Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
21:31:52.0591 5968        Wanarpv6 - ok
21:31:52.0638 5968        wbengine        (7790b77fe1e5ee47dcc66247095bb4c9) C:\windows\system32\wbengine.exe
21:31:52.0669 5968        wbengine - ok
21:31:52.0685 5968        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
21:31:52.0701 5968        WbioSrvc - ok
21:31:52.0732 5968        wcncsvc        (6d9b75275c3e3a5f51aef81affadb2b6) C:\windows\System32\wcncsvc.dll
21:31:52.0747 5968        wcncsvc - ok
21:31:52.0747 5968        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
21:31:52.0763 5968        WcsPlugInService - ok
21:31:52.0779 5968        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
21:31:52.0794 5968        Wd - ok
21:31:52.0825 5968        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
21:31:52.0825 5968        Wdf01000 - ok
21:31:52.0841 5968        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
21:31:52.0857 5968        WdiServiceHost - ok
21:31:52.0857 5968        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
21:31:52.0872 5968        WdiSystemHost - ok
21:31:52.0903 5968        WebClient      (bb5ec38f8d4600119b4720bc5d4211f1) C:\windows\System32\webclnt.dll
21:31:52.0919 5968        WebClient - ok
21:31:52.0935 5968        Wecsvc          (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
21:31:52.0966 5968        Wecsvc - ok
21:31:52.0966 5968        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
21:31:52.0997 5968        wercplsupport - ok
21:31:53.0013 5968        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
21:31:53.0028 5968        WerSvc - ok
21:31:53.0044 5968        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
21:31:53.0059 5968        WfpLwf - ok
21:31:53.0091 5968        WimFltr        (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\windows\system32\DRIVERS\wimfltr.sys
21:31:53.0106 5968        WimFltr - ok
21:31:53.0137 5968        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
21:31:53.0153 5968        WIMMount - ok
21:31:53.0200 5968        WinDefend      (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
21:31:53.0231 5968        WinDefend - ok
21:31:53.0231 5968        WinHttpAutoProxySvc - ok
21:31:53.0278 5968        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
21:31:53.0309 5968        Winmgmt - ok
21:31:53.0371 5968        WinRM          (c4f5d3901d1b41d602ddc196e0b95b51) C:\windows\system32\WsmSvc.dll
21:31:53.0418 5968        WinRM - ok
21:31:53.0481 5968        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
21:31:53.0512 5968        Wlansvc - ok
21:31:53.0559 5968        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
21:31:53.0590 5968        WmiAcpi - ok
21:31:53.0605 5968        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
21:31:53.0621 5968        wmiApSrv - ok
21:31:53.0715 5968        WMPNetworkSvc  (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:31:53.0761 5968        WMPNetworkSvc - ok
21:31:53.0808 5968        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
21:31:53.0839 5968        WPCSvc - ok
21:31:53.0855 5968        WPDBusEnum      (b7f658a2ebc07129538ad9ab35212637) C:\windows\system32\wpdbusenum.dll
21:31:53.0871 5968        WPDBusEnum - ok
21:31:53.0933 5968        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
21:31:53.0964 5968        ws2ifsl - ok
21:31:53.0980 5968        wscsvc          (a661a76333057b383a06e65f0073222f) C:\windows\system32\wscsvc.dll
21:31:53.0995 5968        wscsvc - ok
21:31:53.0995 5968        WSearch - ok
21:31:54.0105 5968        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\windows\system32\wuaueng.dll
21:31:54.0151 5968        wuauserv - ok
21:31:54.0229 5968        WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
21:31:54.0261 5968        WudfPf - ok
21:31:54.0276 5968        WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
21:31:54.0292 5968        WUDFRd - ok
21:31:54.0339 5968        wudfsvc        (ddee3682fe97037c45f4d7ab467cb8b6) C:\windows\System32\WUDFSvc.dll
21:31:54.0370 5968        wudfsvc - ok
21:31:54.0401 5968        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
21:31:54.0417 5968        WwanSvc - ok
21:31:54.0417 5968        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:31:54.0619 5968        \Device\Harddisk0\DR0 - ok
21:31:54.0651 5968        Boot (0x1200)  (951deba248bbb9a7fe509f16fef3433f) \Device\Harddisk0\DR0\Partition0
21:31:54.0651 5968        \Device\Harddisk0\DR0\Partition0 - ok
21:31:54.0651 5968        ============================================================
21:31:54.0651 5968        Scan finished
21:31:54.0651 5968        ============================================================
21:31:54.0666 0976        Detected object count: 5
21:31:54.0666 0976        Actual detected object count: 5
21:32:07.0692 0976        BDSelfPr ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:07.0692 0976        BDSelfPr ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:32:07.0692 0976        DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:07.0692 0976        DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:32:07.0692 0976        Profos ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:07.0692 0976        Profos ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:32:07.0692 0976        scan ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:07.0692 0976        scan ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:32:07.0708 0976        Trufos ( UnsignedFile.Multi.Generic ) - skipped by user
21:32:07.0708 0976        Trufos ( UnsignedFile.Multi.Generic ) - User select action: Skip

I hope this can still be fixed. Thanks again in advance.

markusg 14.08.2012 18:48

Start > Run, type:
msconfig
Startup tab
uncheck everything except
Acronis
then click OK and restart.
Please install all current drivers and run Windows Update again.

