Trojaner-Board

H4rdDiskDriv 22.06.2012 19:43

TR/ATRAPAS.GEN, GEN2 and TR/Small.F1 with constant alerts
 
A quick note up front: your golden rules are confusing. According to some of them you are supposed to check whether something like this has come up before, and according to others you are not supposed to try that at all. *confused*

Hey,
so since this morning I have had the problem that Avira reports, at irregular, short intervals, that the programs in question were found. The files are found under
C:\Windows\Installer\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\U\
The alerts only appear when there is an active internet connection.

1. I used defogger.
2. otl.txt
Code:

OTL logfile created on: 22.06.2012 19:49:46 - Run 1
OTL by OldTimer - Version 3.2.51.0    Folder = C:\Users\Benni\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 45,15% Memory free
7,73 Gb Paging File | 5,41 Gb Available in Paging File | 69,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,94 Gb Total Space | 329,60 Gb Free Space | 72,61% Space Free | Partition Type: NTFS
 
Computer Name: BENNI´S-PC | User Name: Benni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.22 19:45:29 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Downloads\OTL.exe
PRC - [2012.06.04 13:59:11 | 000,466,896 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2012.06.04 13:59:11 | 000,466,896 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\program files (x86)\avira\antivir desktop\avscan.exe
PRC - [2012.06.04 13:59:11 | 000,466,896 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2012.06.04 13:59:11 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.04 13:59:11 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.06.04 13:59:11 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.21 20:40:38 | 000,073,728 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
PRC - [2011.10.17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.08.30 18:53:46 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.12.23 11:00:12 | 003,344,384 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
PRC - [2009.12.28 05:37:10 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009.11.02 01:40:52 | 001,100,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009.10.01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009.07.10 03:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010.12.23 11:00:12 | 003,344,384 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
MOD - [2010.12.02 14:01:18 | 000,994,304 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2010.12.02 11:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.11.24 03:11:21 | 002,535,936 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll
MOD - [2010.11.01 14:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.10.11 04:13:52 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll
MOD - [2010.09.20 08:19:01 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll
MOD - [2010.09.20 08:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll
MOD - [2010.09.20 08:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll
MOD - [2010.09.20 08:18:50 | 000,117,760 | ---- | M] () -- C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll
MOD - [2009.12.28 05:37:10 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.07.28 23:35:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\SysNative\svchost.exe -- (SharedAccess)
SRV:64bit: - [2009.07.14 03:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV - [2012.06.17 13:40:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.04 13:59:11 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.06.04 13:59:11 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.06.01 19:17:59 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.21 20:40:38 | 000,073,728 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2011.10.17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011.08.30 18:53:46 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.30 15:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.09.25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.07.10 03:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.30 18:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.03.28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Programme\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2007.01.11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.06.04 13:59:11 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.06.04 13:59:11 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.12.02 19:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.11.23 16:13:10 | 002,796,544 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.10.17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.09.16 17:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.28 22:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.31 20:08:06 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.02.10 22:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.12.18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.09.18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.08.13 21:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.08.09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.23 00:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009.06.20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={FB1FD20E-1ECB-4FD8-A1AE-1A3F96887A29}&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&lang=de&ds=od011&pr=sa&d=2012-03-22 15:23:38&v=10.2.0.3&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE363
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={FB1FD20E-1ECB-4FD8-A1AE-1A3F96887A29}&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&lang=de&ds=od011&pr=sa&d=2012-03-22 15:23:38&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/|hxxp://ts6.travian.de/dorf1.php"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B3789daa5-d450-42db-ab92-525375a232f9%7D&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&ds=od011&v=10.2.0.3&lang=de&pr=sa&d=2012-03-22%2015%3A23%3A38&sap=ku&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Benni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.24 23:55:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 13:40:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.21 16:24:39 | 000,000,000 | ---D | M]
 
[2011.10.18 14:26:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions
[2010.09.30 16:36:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.10.18 14:26:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012.06.02 23:32:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\e9koplpd.default\extensions
[2011.03.19 19:26:51 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\e9koplpd.default\extensions\personas@christopher.beard
[2012.03.17 22:29:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.24 23:55:07 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.06.17 13:40:52 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.01 20:28:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.22 16:23:27 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011.10.01 20:28:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.01 20:28:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.01 20:28:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.01 20:28:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.01 20:28:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ccleaner] C:\Program Files (x86)\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [OscarEditor] C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe ()
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\XviD\CheckUpdate.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.exe - Verknüpfung.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B568ABAA-7280-411C-B11F-85168FC4DE44}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C05802F8-E6BF-4286-B352-97A9C53E16F2}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{01ef7b56-43f0-11df-ab52-00262d7912b4}\Shell - "" = AutoRun
O33 - MountPoints2\{01ef7b56-43f0-11df-ab52-00262d7912b4}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.22 17:17:00 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Malwarebytes
[2012.06.22 17:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.22 17:16:50 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.22 17:16:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.21 19:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Regnum Online
[2012.06.21 12:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.06.21 12:03:31 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\pdfforge
[2012.06.21 12:03:29 | 000,095,232 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.06.21 12:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012.06.12 00:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012.06.11 13:46:43 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Local\Macromedia
[2012.06.06 17:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.06.02 19:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2012.06.02 19:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2012.05.27 14:47:29 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\LolClient2
[2009.11.05 05:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\SysNative\
[2012.06.22 19:44:25 | 000,000,000 | ---- | M] () -- C:\Users\Benni\defogger_reenable
[2012.06.22 19:44:09 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.22 17:44:04 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.22 17:16:51 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.22 10:42:17 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.22 10:42:17 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.22 10:34:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.22 10:33:56 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.21 12:03:32 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012.06.21 12:03:32 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2012.06.19 02:35:18 | 000,007,604 | ---- | M] () -- C:\Users\Benni\AppData\Local\Resmon.ResmonCfg
[2012.06.17 19:53:09 | 000,249,275 | ---- | M] () -- C:\Users\Benni\Desktop\Skyrim add on.jpg
[2012.06.16 23:16:06 | 000,143,514 | ---- | M] () -- C:\Users\Benni\Desktop\181414_437905312910103_280672572_n.jpg
[2012.06.15 06:51:42 | 000,095,232 | ---- | M] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.06.05 17:09:56 | 001,527,614 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.05 17:09:56 | 000,664,868 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.05 17:09:56 | 000,625,010 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.05 17:09:56 | 000,135,004 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.05 17:09:56 | 000,110,648 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.04 13:59:11 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.06.04 13:59:11 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.06.02 19:37:53 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012.06.02 19:37:53 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012.05.29 17:15:45 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.25 07:46:53 | 000,031,915 | ---- | M] () -- C:\Users\Benni\Desktop\WismarAlterSchwede.jpg
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Windows\SysNative\
[2012.06.22 19:44:25 | 000,000,000 | ---- | C] () -- C:\Users\Benni\defogger_reenable
[2012.06.22 18:21:36 | 000,022,016 | ---- | C] () -- C:\Windows\Installer\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\U\800000cb.@
[2012.06.22 18:21:36 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\U\00000001.@
[2012.06.22 17:35:35 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\U\80000000.@
[2012.06.22 17:16:51 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.21 12:03:32 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012.06.21 12:03:32 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2012.06.17 19:52:46 | 000,249,275 | ---- | C] () -- C:\Users\Benni\Desktop\Skyrim add on.jpg
[2012.06.16 23:15:46 | 000,143,514 | ---- | C] () -- C:\Users\Benni\Desktop\181414_437905312910103_280672572_n.jpg
[2012.06.12 00:17:32 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2012.06.12 00:17:32 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2012.06.12 00:17:32 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2012.06.12 00:17:31 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.06.12 00:17:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.06.12 00:17:31 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2012.06.02 19:37:53 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012.06.02 19:37:53 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012.06.02 19:37:49 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.05.25 07:46:52 | 000,031,915 | ---- | C] () -- C:\Users\Benni\Desktop\WismarAlterSchwede.jpg
[2011.12.20 23:36:50 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.10.02 13:00:09 | 000,004,614 | ---- | C] () -- C:\Users\Benni\.recently-used.xbel
[2011.09.28 06:58:31 | 000,000,000 | ---- | C] () -- C:\Users\Benni\AppData\Local\{2A266CAB-D9B5-41DD-BEED-6B492DC72B8A}
[2011.07.28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.06.18 17:22:28 | 000,000,705 | ---- | C] () -- C:\Windows\kaillera.ini
[2011.04.09 03:13:52 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\@
[2011.04.09 03:13:52 | 000,002,048 | -HS- | C] () -- C:\Users\Benni\AppData\Local\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\@
[2011.03.27 01:33:27 | 000,041,974 | ---- | C] () -- C:\Users\Benni\AppData\Roaming\room.dat
[2011.03.25 19:50:32 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.03.08 16:31:39 | 000,000,093 | ---- | C] () -- C:\Users\Benni\AppData\Local\fusioncache.dat
[2011.03.08 16:29:57 | 001,554,122 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.09 16:06:48 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.10.07 19:30:16 | 000,121,052 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.04.10 21:55:34 | 000,000,000 | ---- | C] () -- C:\Users\Benni\__ng3d.lock
[2010.03.04 22:29:38 | 000,004,608 | ---- | C] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.18 22:49:40 | 000,007,604 | ---- | C] () -- C:\Users\Benni\AppData\Local\Resmon.ResmonCfg
 
========== LOP Check ==========
 
[2010.10.13 22:55:09 | 000,000,000 | -HSD | M] -- C:\Users\Benni\AppData\Roaming\.#
[2010.01.18 13:46:25 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\GameConsole
[2011.09.29 19:36:57 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\gtk-2.0
[2010.03.26 23:15:00 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\HLSW
[2010.07.21 07:39:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\LolClient
[2012.05.27 14:47:29 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\LolClient2
[2012.01.23 07:46:01 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\OnLive App
[2010.10.16 21:03:55 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\OpenArena
[2012.03.22 16:13:08 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\OpenCandy
[2010.09.02 18:22:02 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\OpenOffice.org
[2012.06.21 12:11:51 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\pdfforge
[2011.10.18 14:26:16 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Prism
[2011.03.19 20:26:58 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\PunkBuster
[2012.04.06 23:21:03 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Rainmeter
[2012.03.04 15:44:55 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\RotMG.Production
[2010.04.01 05:16:13 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\SoftDMA
[2010.09.30 16:36:26 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\TomTom
[2012.06.22 18:57:16 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Ubisoft
[2012.01.07 01:56:39 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Unity
[2010.10.16 19:33:10 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Wormux
[2012.05.15 06:47:39 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0

< End of report >

Extras.txt
Code:

OTL Extras logfile created on: 22.06.2012 19:49:46 - Run 1
OTL by OldTimer - Version 3.2.51.0    Folder = C:\Users\Benni\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 45,15% Memory free
7,73 Gb Paging File | 5,41 Gb Available in Paging File | 69,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,94 Gb Total Space | 329,60 Gb Free Space | 72,61% Space Free | Partition Type: NTFS
 
Computer Name: BENNI´S-PC | User Name: Benni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{49033FF4-8C1C-0EB9-C0A6-4691CB18D0A4}" = ccc-utility64
"{499CBE65-4E07-B40A-624A-B5B7BD6F9A9C}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID-Anmelde-Assistent
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{CE42CFF5-F477-D440-6CFB-6CBAE0008B91}" = AMD Catalyst Install Manager
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00A53800-BA75-3E9E-BD52-10171E5640B6}" = CCC Help Greek
"{04098274-E98C-86E3-1B2C-50E32E561DF5}" = CCC Help Korean
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0502C9CA-D1A3-B741-2F0B-A4E6CDDFEF0E}" = CCC Help Norwegian
"{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}" = Qualcomm Atheros Fast Reconnect
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D0FE9A-816F-4218-9F5E-67B4198052FF}" = MOUSE Editor
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28B14C2C-B62F-E50C-EECD-97FF3C1ED3CE}" = CCC Help French
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D049D1D-CA58-9652-B7C6-19CB98649923}" = CCC Help Dutch
"{33DFAA69-9EF2-F12B-C6F5-4AF9FD445CF6}" = CCC Help Swedish
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{480DCAD1-8670-66EA-8EBA-178047059A13}" = CCC Help German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA540A5-03BD-9B22-A3DD-E7BDCD879D70}" = CCC Help Finnish
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"{5E58CCDF-4A36-453F-A091-DA8F8D1643B5}" = CCC Help Danish
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60070423-DE0B-59FF-D4B7-16BDB8957864}" = CCC Help Portuguese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{74FBB537-8915-329D-393E-FDB7DC69A339}" = CCC Help Japanese
"{755F4903-030D-B017-30F2-4D5BE92C8D38}" = CCC Help Italian
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{896C4E12-4857-9715-9F9D-249561D2D7EE}" = CCC Help Thai
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{968298EC-86D4-8F84-5ABC-E976C5CDA417}" = CCC Help Spanish
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A79024ED-1969-334A-1ED6-16753F9DE377}" = CCC Help English
"{A9094B7E-7221-4FDD-8F22-340003F4BDC2}" = Overwolf
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{BA12FD6D-169A-11D7-A6A9-00C026281E5A}" = Twin USB Vibration Gamepad
"{BBDD3C95-E069-E346-6D1B-CC76AE448550}" = CCC Help Chinese Standard
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57C21C0-CE1B-26D5-1215-B26862051F6F}" = Catalyst Control Center
"{C86CB1B1-4BD0-7BFB-88CF-76762C8CE1D3}" = Catalyst Control Center Graphics Previews Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD05F1BC-FC63-1E93-4094-82BC33662E76}" = Catalyst Control Center Localization All
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120
"{D61F78AF-A111-9DAE-8368-E3230B168F03}" = CCC Help Polish
"{D629D8F0-CA96-11ED-FEAC-38C95F24F4E3}" = CCC Help Russian
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D8CABEA0-CAFB-9320-5F46-EAF31535203F}" = CCC Help Turkish
"{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6B7BF58-36D0-A76E-53E2-F65DBD4A6A52}" = Catalyst Control Center InstallProxy
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9941E63-AB58-1382-BC5D-545C4A2AA9B1}" = CCC Help Hungarian
"{FC3FEC23-8BBB-CA39-DD99-C981F25A5D39}" = CCC Help Chinese Traditional
"{FC8292ED-7E61-4370-15D1-60171263AA1D}" = CCC Help Czech
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Acer Registration" = Acer Registration
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup" = DivX-Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"Game Booster_is1" = Game Booster 3
"InstallShield_{20D0FE9A-816F-4218-9F5E-67B4198052FF}" = Mouse Editor
"InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}" = Alcor Micro USB Card Reader
"JDownloader" = JDownloader
"League of Legends_is1" = League of Legends
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PokerStars" = PokerStars
"Rainmeter" = Rainmeter
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.06.2012 15:32:23 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:00 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:00 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:00 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:00 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:00 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:00 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:00 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:00 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:02 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 21.06.2012 15:41:02 | Computer Name = Benni´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 22.06.2012 07:17:12 | Computer Name = Benni´s-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 22.06.2012 07:18:03 | Computer Name = Benni´s-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
[ Media Center Events ]
Error - 01.04.2012 16:38:53 | Computer Name = Benni´s-PC | Source = MCUpdate | ID = 0
Description = 22:38:53 - Fehler beim Herstellen der Internetverbindung.  22:38:53
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 01.04.2012 16:39:01 | Computer Name = Benni´s-PC | Source = MCUpdate | ID = 0
Description = 22:38:58 - Fehler beim Herstellen der Internetverbindung.  22:38:58
-    Serververbindung konnte nicht hergestellt werden.. 
 
[ System Events ]
Error - 17.06.2012 19:55:47 | Computer Name = Benni´s-PC | Source = DCOM | ID = 10010
Description =
 
Error - 18.06.2012 09:40:13 | Computer Name = Benni´s-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 18.06.2012 09:40:13 | Computer Name = Benni´s-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 18.06.2012 21:04:24 | Computer Name = Benni´s-PC | Source = DCOM | ID = 10010
Description =
 
Error - 19.06.2012 05:49:29 | Computer Name = Benni´s-PC | Source = DCOM | ID = 10010
Description =
 
Error - 19.06.2012 21:34:44 | Computer Name = Benni´s-PC | Source = DCOM | ID = 10010
Description =
 
Error - 20.06.2012 08:29:34 | Computer Name = Benni´s-PC | Source = DCOM | ID = 10010
Description =
 
Error - 21.06.2012 00:06:31 | Computer Name = Benni´s-PC | Source = DCOM | ID = 10010
Description =
 
Error - 21.06.2012 00:12:32 | Computer Name = Benni´s-PC | Source = DCOM | ID = 10010
Description =
 
Error - 21.06.2012 15:53:50 | Computer Name = Benni´s-PC | Source = DCOM | ID = 10010
Description =
 
 
< End of report >

Thanks in advance in case anyone replies.
Going to watch the European Championship for a bit ...

Chris4You 22.06.2012 20:19

Hi,

a rootkit of the TDSS type...

Let's see; the Killer should find an infected driver (and only that one is of interest) and the TDSS file system.
TDSS-Killer
Download and instructions at: How to fight malware of the Rootkit.Win32.TDSS family?
Extract all files into a directory of their own (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
Configure the Killer as follows:
http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg
Then start the scan (Start Scan).
When the scan is finished, please select "Report" (skip any detections for now with Skip). A window opens; copy the text and post it here...

chris

H4rdDiskDriv 22.06.2012 20:54

Hey,

first of all, thanks for the quick reply ; )

So TDSSKiller had 2 detections, and here is the report:
Code:

21:49:14.0208 5700        TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
21:49:14.0461 5700        ============================================================
21:49:14.0461 5700        Current date / time: 2012/06/22 21:49:14.0461
21:49:14.0461 5700        SystemInfo:
21:49:14.0461 5700       
21:49:14.0461 5700        OS Version: 6.1.7601 ServicePack: 1.0
21:49:14.0461 5700        Product type: Workstation
21:49:14.0461 5700        ComputerName: BENNI´S-PC
21:49:14.0461 5700        UserName: Benni
21:49:14.0461 5700        Windows directory: C:\Windows
21:49:14.0461 5700        System windows directory: C:\Windows
21:49:14.0462 5700        Running under WOW64
21:49:14.0462 5700        Processor architecture: Intel x64
21:49:14.0462 5700        Number of processors: 4
21:49:14.0462 5700        Page size: 0x1000
21:49:14.0462 5700        Boot type: Normal boot
21:49:14.0462 5700        ============================================================
21:49:15.0460 5700        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:49:15.0476 5700        ============================================================
21:49:15.0476 5700        \Device\Harddisk0\DR0:
21:49:15.0476 5700        MBR partitions:
21:49:15.0476 5700        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
21:49:15.0476 5700        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x38BE3030
21:49:15.0476 5700        ============================================================
21:49:15.0600 5700        C: <-> \Device\Harddisk0\DR0\Partition1
21:49:15.0600 5700        ============================================================
21:49:15.0600 5700        Initialize success
21:49:15.0600 5700        ============================================================
21:49:44.0342 5852        ============================================================
21:49:44.0343 5852        Scan started
21:49:44.0343 5852        Mode: Manual; SigCheck; TDLFS;
21:49:44.0343 5852        ============================================================
21:49:45.0256 5852        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:49:46.0024 5852        1394ohci - ok
21:49:46.0098 5852        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:49:46.0115 5852        ACPI - ok
21:49:46.0228 5852        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:49:46.0367 5852        AcpiPmi - ok
21:49:46.0640 5852        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:49:46.0683 5852        AdobeARMservice - ok
21:49:46.0790 5852        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:49:46.0809 5852        adp94xx - ok
21:49:46.0882 5852        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:49:46.0899 5852        adpahci - ok
21:49:46.0946 5852        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:49:46.0960 5852        adpu320 - ok
21:49:47.0048 5852        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:49:47.0191 5852        AeLookupSvc - ok
21:49:47.0374 5852        AFD            (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
21:49:47.0441 5852        AFD - ok
21:49:47.0544 5852        AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
21:49:47.0589 5852        AgereModemAudio - ok
21:49:47.0761 5852        AgereSoftModem  (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
21:49:47.0908 5852        AgereSoftModem - ok
21:49:47.0981 5852        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:49:47.0992 5852        agp440 - ok
21:49:48.0084 5852        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:49:48.0164 5852        ALG - ok
21:49:48.0289 5852        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:49:48.0299 5852        aliide - ok
21:49:48.0412 5852        AMD External Events Utility (a2f5bea5b45a8e7c4776f39c25e8699d) C:\Windows\system32\atiesrxx.exe
21:49:48.0531 5852        AMD External Events Utility - ok
21:49:48.0591 5852        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:49:48.0601 5852        amdide - ok
21:49:48.0741 5852        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:49:48.0808 5852        AmdK8 - ok
21:49:51.0109 5852        amdkmdag        (5b03217859b014b090cb5060c1d96875) C:\Windows\system32\DRIVERS\atikmdag.sys
21:49:51.0467 5852        amdkmdag - ok
21:49:51.0805 5852        amdkmdap        (35d2184a99ad4cd5d17284d6c9f382c9) C:\Windows\system32\DRIVERS\atikmpag.sys
21:49:51.0872 5852        amdkmdap - ok
21:49:51.0946 5852        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:49:52.0008 5852        AmdPPM - ok
21:49:52.0094 5852        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:49:52.0108 5852        amdsata - ok
21:49:52.0144 5852        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:49:52.0159 5852        amdsbs - ok
21:49:52.0180 5852        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:49:52.0189 5852        amdxata - ok
21:49:52.0282 5852        AmUStor        (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
21:49:52.0379 5852        AmUStor - ok
21:49:52.0530 5852        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:49:52.0572 5852        AntiVirSchedulerService - ok
21:49:52.0679 5852        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:49:52.0687 5852        AntiVirService - ok
21:49:52.0790 5852        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:49:53.0026 5852        AppID - ok
21:49:53.0073 5852        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:49:53.0140 5852        AppIDSvc - ok
21:49:53.0196 5852        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:49:53.0259 5852        Appinfo - ok
21:49:53.0345 5852        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:49:53.0361 5852        arc - ok
21:49:53.0393 5852        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:49:53.0410 5852        arcsas - ok
21:49:53.0445 5852        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:49:53.0526 5852        AsyncMac - ok
21:49:53.0581 5852        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:49:53.0592 5852        atapi - ok
21:49:54.0465 5852        athr            (7d0398396727195cc73d703001d3cff4) C:\Windows\system32\DRIVERS\athrx.sys
21:49:54.0633 5852        athr - ok
21:49:57.0716 5852        atikmdag        (5b03217859b014b090cb5060c1d96875) C:\Windows\system32\DRIVERS\atikmdag.sys
21:49:57.0852 5852        atikmdag - ok
21:49:58.0175 5852        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:49:58.0269 5852        AudioEndpointBuilder - ok
21:49:58.0281 5852        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:49:58.0347 5852        AudioSrv - ok
21:49:58.0614 5852        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
21:49:58.0919 5852        avgntflt - ok
21:49:59.0042 5852        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
21:49:59.0052 5852        avipbb - ok
21:49:59.0116 5852        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:49:59.0135 5852        avkmgr - ok
21:49:59.0241 5852        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:49:59.0302 5852        AxInstSV - ok
21:49:59.0427 5852        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:49:59.0487 5852        b06bdrv - ok
21:49:59.0555 5852        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:49:59.0592 5852        b57nd60a - ok
21:49:59.0892 5852        BCM43XX        (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
21:49:59.0978 5852        BCM43XX - ok
21:50:00.0073 5852        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:50:00.0179 5852        BDESVC - ok
21:50:00.0271 5852        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:50:00.0340 5852        Beep - ok
21:50:00.0500 5852        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:50:00.0563 5852        BFE - ok
21:50:00.0684 5852        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:50:00.0790 5852        BITS - ok
21:50:00.0869 5852        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:50:00.0929 5852        blbdrive - ok
21:50:00.0987 5852        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:50:01.0096 5852        bowser - ok
21:50:01.0147 5852        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:50:01.0184 5852        BrFiltLo - ok
21:50:01.0225 5852        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:50:01.0293 5852        BrFiltUp - ok
21:50:01.0337 5852        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:50:01.0427 5852        Browser - ok
21:50:01.0495 5852        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:50:01.0566 5852        Brserid - ok
21:50:01.0588 5852        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:50:01.0612 5852        BrSerWdm - ok
21:50:01.0635 5852        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:50:01.0660 5852        BrUsbMdm - ok
21:50:01.0673 5852        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:50:01.0698 5852        BrUsbSer - ok
21:50:01.0773 5852        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:50:01.0818 5852        BTHMODEM - ok
21:50:01.0876 5852        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:50:01.0950 5852        bthserv - ok
21:50:02.0014 5852        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:50:02.0066 5852        cdfs - ok
21:50:02.0211 5852        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:50:02.0252 5852        cdrom - ok
21:50:02.0296 5852        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:50:02.0383 5852        CertPropSvc - ok
21:50:02.0410 5852        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:50:02.0448 5852        circlass - ok
21:50:02.0580 5852        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:50:02.0608 5852        CLFS - ok
21:50:02.0780 5852        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:50:02.0794 5852        clr_optimization_v2.0.50727_32 - ok
21:50:02.0987 5852        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:50:03.0005 5852        clr_optimization_v2.0.50727_64 - ok
21:50:03.0125 5852        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:50:03.0139 5852        clr_optimization_v4.0.30319_32 - ok
21:50:03.0192 5852        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:50:03.0206 5852        clr_optimization_v4.0.30319_64 - ok
21:50:03.0261 5852        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:50:03.0298 5852        CmBatt - ok
21:50:03.0362 5852        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:50:03.0385 5852        cmdide - ok
21:50:03.0613 5852        CNG            (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
21:50:03.0659 5852        CNG - ok
21:50:03.0752 5852        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:50:03.0763 5852        Compbatt - ok
21:50:03.0838 5852        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:50:03.0935 5852        CompositeBus - ok
21:50:03.0964 5852        COMSysApp - ok
21:50:04.0268 5852        cpuz130 - ok
21:50:04.0309 5852        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:50:04.0319 5852        crcdisk - ok
21:50:04.0533 5852        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
21:50:04.0632 5852        CryptSvc - ok
21:50:04.0896 5852        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:50:05.0003 5852        DcomLaunch - ok
21:50:05.0145 5852        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:50:05.0230 5852        defragsvc - ok
21:50:05.0388 5852        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:50:05.0458 5852        DfsC - ok
21:50:05.0600 5852        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:50:05.0684 5852        Dhcp - ok
21:50:05.0750 5852        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:50:05.0850 5852        discache - ok
21:50:06.0003 5852        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:50:06.0015 5852        Disk - ok
21:50:06.0288 5852        DKbFltr        (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
21:50:06.0295 5852        DKbFltr - ok
21:50:06.0401 5852        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:50:06.0520 5852        Dnscache - ok
21:50:06.0666 5852        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:50:06.0745 5852        dot3svc - ok
21:50:06.0830 5852        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:50:06.0929 5852        DPS - ok
21:50:07.0052 5852        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:50:07.0123 5852        drmkaud - ok
21:50:07.0380 5852        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:50:07.0423 5852        DXGKrnl - ok
21:50:07.0515 5852        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:50:07.0600 5852        EapHost - ok
21:50:08.0106 5852        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:50:08.0236 5852        ebdrv - ok
21:50:08.0487 5852        EFS            (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
21:50:08.0520 5852        EFS - ok
21:50:08.0802 5852        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:50:08.0898 5852        ehRecvr - ok
21:50:09.0010 5852        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:50:09.0071 5852        ehSched - ok
21:50:09.0348 5852        ElbyCDIO        (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
21:50:09.0357 5852        ElbyCDIO - ok
21:50:09.0489 5852        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:50:09.0509 5852        elxstor - ok
21:50:09.0755 5852        ePowerSvc      (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:50:09.0797 5852        ePowerSvc - ok
21:50:09.0968 5852        EPSON_PM_RPCV4_01 (1e345f2a2d95da3190596e691cde9342) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
21:50:11.0300 5852        EPSON_PM_RPCV4_01 - ok
21:50:11.0597 5852        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:50:11.0644 5852        ErrDev - ok
21:50:11.0731 5852        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:50:11.0809 5852        EventSystem - ok
21:50:11.0916 5852        EverestDriver - ok
21:50:11.0955 5852        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:50:12.0025 5852        exfat - ok
21:50:12.0131 5852        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:50:12.0215 5852        fastfat - ok
21:50:12.0296 5852        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:50:12.0394 5852        Fax - ok
21:50:12.0428 5852        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:50:12.0468 5852        fdc - ok
21:50:12.0508 5852        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:50:12.0564 5852        fdPHost - ok
21:50:12.0576 5852        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:50:12.0632 5852        FDResPub - ok
21:50:12.0735 5852        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:50:12.0745 5852        FileInfo - ok
21:50:12.0773 5852        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:50:12.0880 5852        Filetrace - ok
21:50:12.0912 5852        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:50:12.0941 5852        flpydisk - ok
21:50:13.0095 5852        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:50:13.0117 5852        FltMgr - ok
21:50:13.0352 5852        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:50:13.0452 5852        FontCache - ok
21:50:13.0607 5852        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:50:13.0625 5852        FontCache3.0.0.0 - ok
21:50:13.0695 5852        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:50:13.0705 5852        FsDepends - ok
21:50:13.0817 5852        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:50:13.0827 5852        Fs_Rec - ok
21:50:13.0951 5852        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:50:13.0966 5852        fvevol - ok
21:50:14.0044 5852        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:50:14.0055 5852        gagp30kx - ok
21:50:14.0130 5852        GGSAFERDriver - ok
21:50:14.0224 5852        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:50:14.0275 5852        gpsvc - ok
21:50:14.0675 5852        Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
21:50:14.0773 5852        Greg_Service - ok
21:50:14.0951 5852        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:50:14.0962 5852        gupdate - ok
21:50:14.0999 5852        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:50:15.0007 5852        gupdatem - ok
21:50:15.0372 5852        hamachi        (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
21:50:15.0380 5852        hamachi - ok
21:50:15.0981 5852        Hamachi2Svc    (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
21:50:16.0091 5852        Hamachi2Svc - ok
21:50:16.0296 5852        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:50:16.0337 5852        hcw85cir - ok
21:50:16.0508 5852        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:50:16.0593 5852        HdAudAddService - ok
21:50:16.0652 5852        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:50:16.0685 5852        HDAudBus - ok
21:50:16.0742 5852        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
21:50:16.0752 5852        HECIx64 - ok
21:50:16.0782 5852        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:50:16.0803 5852        HidBatt - ok
21:50:16.0826 5852        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:50:16.0859 5852        HidBth - ok
21:50:16.0875 5852        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:50:16.0906 5852        HidIr - ok
21:50:16.0981 5852        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:50:17.0067 5852        hidserv - ok
21:50:17.0181 5852        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:50:17.0199 5852        HidUsb - ok
21:50:17.0273 5852        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:50:17.0326 5852        hkmsvc - ok
21:50:17.0524 5852        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:50:17.0592 5852        HomeGroupListener - ok
21:50:17.0685 5852        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:50:17.0751 5852        HomeGroupProvider - ok
21:50:17.0806 5852        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:50:17.0823 5852        HpSAMD - ok
21:50:17.0915 5852        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:50:17.0990 5852        HTTP - ok
21:50:18.0027 5852        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:50:18.0040 5852        hwpolicy - ok
21:50:18.0174 5852        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:50:18.0190 5852        i8042prt - ok
21:50:18.0332 5852        iaStor          (8180a2392e732e8871589b54fab6991f) C:\Windows\system32\DRIVERS\iaStor.sys
21:50:18.0349 5852        iaStor - ok
21:50:18.0482 5852        IAStorDataMgrSvc (17125b7d2f56b4b35441561c780c2ccb) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:50:18.0490 5852        IAStorDataMgrSvc - ok
21:50:18.0557 5852        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:50:18.0583 5852        iaStorV - ok
21:50:18.0926 5852        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:50:18.0969 5852        idsvc - ok
21:50:20.0304 5852        igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:50:20.0600 5852        igfx - ok
21:50:20.0932 5852        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:50:20.0943 5852        iirsp - ok
21:50:21.0175 5852        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:50:21.0272 5852        IKEEXT - ok
21:50:21.0358 5852        Impcd          (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
21:50:21.0419 5852        Impcd - ok
21:50:22.0211 5852        IntcAzAudAddService (150ac23f21dbdbf8488408ba944b0d65) C:\Windows\system32\drivers\RTKVHD64.sys
21:50:22.0504 5852        IntcAzAudAddService - ok
21:50:22.0835 5852        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:50:22.0845 5852        intelide - ok
21:50:22.0901 5852        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:50:22.0965 5852        intelppm - ok
21:50:23.0038 5852        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:50:23.0098 5852        IPBusEnum - ok
21:50:23.0240 5852        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:50:23.0301 5852        IpFilterDriver - ok
21:50:23.0338 5852        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:50:23.0390 5852        IPMIDRV - ok
21:50:23.0468 5852        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:50:23.0521 5852        IPNAT - ok
21:50:23.0550 5852        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:50:23.0600 5852        IRENUM - ok
21:50:23.0624 5852        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:50:23.0634 5852        isapnp - ok
21:50:23.0711 5852        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:50:23.0729 5852        iScsiPrt - ok
21:50:24.0032 5852        k57nd60a        (376bc8e5f4a0ea0f0f16818bb1a95d4b) C:\Windows\system32\DRIVERS\k57nd60a.sys
21:50:24.0048 5852        k57nd60a - ok
21:50:24.0161 5852        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:50:24.0177 5852        kbdclass - ok
21:50:24.0226 5852        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:50:24.0262 5852        kbdhid - ok
21:50:24.0317 5852        KeyIso          (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:50:24.0353 5852        KeyIso - ok
21:50:24.0458 5852        KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
21:50:24.0469 5852        KSecDD - ok
21:50:24.0539 5852        KSecPkg        (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
21:50:24.0554 5852        KSecPkg - ok
21:50:24.0587 5852        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:50:24.0659 5852        ksthunk - ok
21:50:24.0727 5852        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:50:24.0808 5852        KtmRm - ok
21:50:24.0835 5852        L1E            (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
21:50:24.0859 5852        L1E - ok
21:50:24.0913 5852        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:50:24.0992 5852        LanmanServer - ok
21:50:25.0114 5852        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:50:25.0188 5852        LanmanWorkstation - ok
21:50:25.0230 5852        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:50:25.0289 5852        lltdio - ok
21:50:25.0353 5852        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:50:25.0408 5852        lltdsvc - ok
21:50:25.0422 5852        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:50:25.0471 5852        lmhosts - ok
21:50:25.0744 5852        LMS            (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:50:25.0756 5852        LMS - ok
21:50:25.0862 5852        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:50:25.0874 5852        LSI_FC - ok
21:50:25.0905 5852        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:50:25.0918 5852        LSI_SAS - ok
21:50:25.0967 5852        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:50:25.0979 5852        LSI_SAS2 - ok
21:50:26.0051 5852        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:50:26.0065 5852        LSI_SCSI - ok
21:50:26.0098 5852        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:50:26.0165 5852        luafv - ok
21:50:26.0244 5852        MBAMProtector  (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
21:50:26.0253 5852        MBAMProtector - ok
21:50:26.0344 5852        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:50:26.0365 5852        MBAMService - ok
21:50:26.0486 5852        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:50:26.0517 5852        Mcx2Svc - ok
21:50:26.0557 5852        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:50:26.0571 5852        megasas - ok
21:50:26.0599 5852        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:50:26.0614 5852        MegaSR - ok
21:50:26.0668 5852        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:50:26.0790 5852        MMCSS - ok
21:50:26.0872 5852        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:50:26.0944 5852        Modem - ok
21:50:26.0980 5852        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:50:27.0008 5852        monitor - ok
21:50:27.0064 5852        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:50:27.0078 5852        mouclass - ok
21:50:27.0112 5852        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:50:27.0150 5852        mouhid - ok
21:50:27.0214 5852        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:50:27.0225 5852        mountmgr - ok
21:50:27.0361 5852        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:50:27.0373 5852        MozillaMaintenance - ok
21:50:27.0439 5852        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:50:27.0455 5852        mpio - ok
21:50:27.0510 5852        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:50:27.0557 5852        mpsdrv - ok
21:50:27.0630 5852        MQAC            (cd22d2563039dda6793f7624719363a7) C:\Windows\system32\drivers\mqac.sys
21:50:27.0722 5852        MQAC - ok
21:50:27.0825 5852        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:50:27.0851 5852        MRxDAV - ok
21:50:27.0928 5852        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:50:27.0993 5852        mrxsmb - ok
21:50:28.0109 5852        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:50:28.0137 5852        mrxsmb10 - ok
21:50:28.0237 5852        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:50:28.0249 5852        mrxsmb20 - ok
21:50:28.0312 5852        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:50:28.0324 5852        msahci - ok
21:50:28.0437 5852        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:50:28.0455 5852        msdsm - ok
21:50:28.0536 5852        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:50:28.0588 5852        MSDTC - ok
21:50:28.0659 5852        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:50:28.0701 5852        Msfs - ok
21:50:28.0723 5852        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:50:28.0798 5852        mshidkmdf - ok
21:50:28.0892 5852        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:50:28.0907 5852        msisadrv - ok
21:50:29.0003 5852        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:50:29.0097 5852        MSiSCSI - ok
21:50:29.0100 5852        msiserver - ok
21:50:29.0163 5852        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:50:29.0207 5852        MSKSSRV - ok
21:50:29.0275 5852        MSMQ            (faaeaef99e53561beee58f946ca56f0d) C:\Windows\system32\mqsvc.exe
21:50:29.0332 5852        MSMQ - ok
21:50:29.0404 5852        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:50:29.0477 5852        MSPCLOCK - ok
21:50:29.0514 5852        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:50:29.0577 5852        MSPQM - ok
21:50:29.0641 5852        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:50:29.0664 5852        MsRPC - ok
21:50:29.0749 5852        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:50:29.0778 5852        mssmbios - ok
21:50:29.0843 5852        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:50:29.0897 5852        MSTEE - ok
21:50:29.0918 5852        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:50:29.0941 5852        MTConfig - ok
21:50:29.0989 5852        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:50:30.0000 5852        Mup - ok
21:50:30.0046 5852        mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:50:30.0056 5852        mwlPSDFilter - ok
21:50:30.0218 5852        mwlPSDNServ    (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:50:30.0226 5852        mwlPSDNServ - ok
21:50:30.0309 5852        mwlPSDVDisk    (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:50:30.0326 5852        mwlPSDVDisk - ok
21:50:30.0475 5852        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:50:30.0550 5852        napagent - ok
21:50:30.0608 5852        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:50:30.0663 5852        NativeWifiP - ok
21:50:30.0923 5852        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:50:30.0956 5852        NDIS - ok
21:50:31.0034 5852        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:50:31.0097 5852        NdisCap - ok
21:50:31.0120 5852        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:50:31.0184 5852        NdisTapi - ok
21:50:31.0331 5852        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:50:31.0393 5852        Ndisuio - ok
21:50:31.0446 5852        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:50:31.0507 5852        NdisWan - ok
21:50:31.0602 5852        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:50:31.0692 5852        NDProxy - ok
21:50:31.0763 5852        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:50:31.0805 5852        NetBIOS - ok
21:50:31.0896 5852        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:50:31.0955 5852        NetBT - ok
21:50:32.0031 5852        Netlogon        (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:50:32.0052 5852        Netlogon - ok
21:50:32.0164 5852        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:50:32.0259 5852        Netman - ok
21:50:32.0361 5852        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:50:32.0453 5852        netprofm - ok
21:50:32.0578 5852        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:50:32.0591 5852        NetTcpPortSharing - ok
21:50:32.0628 5852        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:50:32.0639 5852        nfrd960 - ok
21:50:32.0726 5852        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:50:32.0803 5852        NlaSvc - ok
21:50:32.0829 5852        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:50:32.0884 5852        Npfs - ok
21:50:32.0995 5852        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:50:33.0038 5852        nsi - ok
21:50:33.0095 5852        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:50:33.0153 5852        nsiproxy - ok
21:50:33.0614 5852        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:50:33.0716 5852        Ntfs - ok
21:50:33.0953 5852        NTI IScheduleSvc (14e66f603fb187713aeb02ad3b0390cf) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
21:50:33.0962 5852        NTI IScheduleSvc - ok
21:50:34.0245 5852        NTIDrvr        (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
21:50:34.0268 5852        NTIDrvr - ok
21:50:34.0316 5852        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:50:34.0367 5852        Null - ok
21:50:34.0432 5852        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:50:34.0445 5852        nvraid - ok
21:50:34.0798 5852        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:50:34.0835 5852        nvstor - ok
21:50:35.0003 5852        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:50:35.0015 5852        nv_agp - ok
21:50:35.0057 5852        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:50:35.0113 5852        ohci1394 - ok
21:50:35.0178 5852        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:50:35.0263 5852        p2pimsvc - ok
21:50:35.0345 5852        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:50:35.0363 5852        p2psvc - ok
21:50:35.0456 5852        PAC207          (3a6dceb1848470320e4a3c12d7a35b1c) C:\Windows\system32\DRIVERS\PFC027.SYS
21:50:35.0546 5852        PAC207 - ok
21:50:35.0578 5852        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:50:35.0600 5852        Parport - ok
21:50:35.0650 5852        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:50:35.0663 5852        partmgr - ok
21:50:35.0720 5852        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:50:35.0769 5852        PcaSvc - ok
21:50:35.0834 5852        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:50:35.0850 5852        pci - ok
21:50:35.0865 5852        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:50:35.0876 5852        pciide - ok
21:50:36.0018 5852        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:50:36.0031 5852        pcmcia - ok
21:50:36.0082 5852        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:50:36.0092 5852        pcw - ok
21:50:36.0172 5852        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:50:36.0243 5852        PEAUTH - ok
21:50:36.0396 5852        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:50:36.0421 5852        PerfHost - ok
21:50:37.0042 5852        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:50:37.0177 5852        pla - ok
21:50:37.0341 5852        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:50:37.0461 5852        PlugPlay - ok
21:50:37.0550 5852        PnkBstrA - ok
21:50:37.0603 5852        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:50:37.0632 5852        PNRPAutoReg - ok
21:50:37.0688 5852        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:50:37.0706 5852        PNRPsvc - ok
21:50:37.0935 5852        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:50:38.0032 5852        PolicyAgent - ok
21:50:38.0071 5852        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:50:38.0155 5852        Power - ok
21:50:38.0279 5852        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:50:38.0333 5852        PptpMiniport - ok
21:50:38.0380 5852        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:50:38.0395 5852        Processor - ok
21:50:38.0468 5852        ProfSvc        (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
21:50:38.0545 5852        ProfSvc - ok
21:50:38.0632 5852        ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:50:38.0649 5852        ProtectedStorage - ok
21:50:38.0760 5852        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:50:38.0841 5852        Psched - ok
21:50:39.0035 5852        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:50:39.0119 5852        ql2300 - ok
21:50:39.0461 5852        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:50:39.0478 5852        ql40xx - ok
21:50:39.0584 5852        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:50:39.0606 5852        QWAVE - ok
21:50:39.0645 5852        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:50:39.0715 5852        QWAVEdrv - ok
21:50:39.0778 5852        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:50:39.0868 5852        RasAcd - ok
21:50:39.0930 5852        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:50:40.0029 5852        RasAgileVpn - ok
21:50:40.0121 5852        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:50:40.0188 5852        RasAuto - ok
21:50:40.0253 5852        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:50:40.0352 5852        Rasl2tp - ok
21:50:40.0614 5852        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:50:40.0716 5852        RasMan - ok
21:50:40.0803 5852        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:50:40.0862 5852        RasPppoe - ok
21:50:40.0899 5852        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:50:40.0958 5852        RasSstp - ok
21:50:41.0096 5852        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:50:41.0175 5852        rdbss - ok
21:50:41.0243 5852        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:50:41.0287 5852        rdpbus - ok
21:50:41.0311 5852        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:50:41.0404 5852        RDPCDD - ok
21:50:41.0443 5852        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:50:41.0487 5852        RDPENCDD - ok
21:50:41.0522 5852        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:50:41.0579 5852        RDPREFMP - ok
21:50:41.0710 5852        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:50:41.0754 5852        RDPWD - ok
21:50:41.0831 5852        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:50:41.0844 5852        rdyboost - ok
21:50:41.0903 5852        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:50:41.0997 5852        RemoteAccess - ok
21:50:42.0053 5852        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:50:42.0105 5852        RemoteRegistry - ok
21:50:42.0178 5852        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:50:42.0243 5852        RpcEptMapper - ok
21:50:42.0284 5852        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:50:42.0298 5852        RpcLocator - ok
21:50:42.0470 5852        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:50:42.0525 5852        RpcSs - ok
21:50:42.0598 5852        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:50:42.0669 5852        rspndr - ok
21:50:42.0811 5852        RS_Service      (b5a4b7d779cf4070df408de18bd33b02) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
21:50:42.0851 5852        RS_Service ( UnsignedFile.Multi.Generic ) - warning
21:50:42.0851 5852        RS_Service - detected UnsignedFile.Multi.Generic (1)
21:50:42.0976 5852        RTHDMIAzAudService (c20f64fcd5e2b40310a1774495877acd) C:\Windows\system32\drivers\RtHDMIVX.sys
21:50:42.0987 5852        RTHDMIAzAudService - ok
21:50:43.0132 5852        SamSs          (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:50:43.0160 5852        SamSs - ok
21:50:43.0231 5852        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:50:43.0248 5852        sbp2port - ok
21:50:43.0409 5852        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:50:43.0462 5852        SCardSvr - ok
21:50:43.0559 5852        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:50:43.0631 5852        scfilter - ok
21:50:43.0913 5852        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:50:44.0007 5852        Schedule - ok
21:50:44.0331 5852        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:50:44.0372 5852        SCPolicySvc - ok
21:50:45.0062 5852        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:50:45.0138 5852        SDRSVC - ok
21:50:45.0212 5852        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:50:45.0267 5852        secdrv - ok
21:50:45.0484 5852        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:50:45.0572 5852        seclogon - ok
21:50:45.0730 5852        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:50:45.0830 5852        SENS - ok
21:50:45.0920 5852        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:50:45.0998 5852        SensrSvc - ok
21:50:46.0114 5852        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:50:46.0127 5852        Serenum - ok
21:50:46.0168 5852        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:50:46.0182 5852        Serial - ok
21:50:46.0257 5852        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:50:46.0292 5852        sermouse - ok
21:50:46.0354 5852        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:50:46.0396 5852        SessionEnv - ok
21:50:46.0467 5852        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:50:46.0491 5852        sffdisk - ok
21:50:46.0518 5852        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:50:46.0582 5852        sffp_mmc - ok
21:50:46.0637 5852        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:50:46.0670 5852        sffp_sd - ok
21:50:46.0711 5852        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:50:46.0765 5852        sfloppy - ok
21:50:47.0358 5852        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:50:47.0441 5852        ShellHWDetection - ok
21:50:47.0478 5852        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:50:47.0492 5852        SiSRaid2 - ok
21:50:47.0765 5852        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:50:47.0795 5852        SiSRaid4 - ok
21:50:47.0906 5852        SkypeUpdate    (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
21:50:47.0946 5852        SkypeUpdate - ok
21:50:47.0997 5852        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:50:48.0100 5852        Smb - ok
21:50:48.0141 5852        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:50:48.0171 5852        SNMPTRAP - ok
21:50:48.0197 5852        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:50:48.0210 5852        spldr - ok
21:50:48.0653 5852        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:50:48.0753 5852        Spooler - ok
21:50:50.0115 5852        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:50:50.0323 5852        sppsvc - ok
21:50:50.0533 5852        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:50:50.0618 5852        sppuinotify - ok
21:50:50.0740 5852        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:50:50.0811 5852        srv - ok
21:50:50.0855 5852        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:50:50.0896 5852        srv2 - ok
21:50:50.0914 5852        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:50:50.0950 5852        srvnet - ok
21:50:50.0996 5852        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:50:51.0072 5852        SSDPSRV - ok
21:50:51.0089 5852        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:50:51.0155 5852        SstpSvc - ok
21:50:51.0261 5852        Steam Client Service - ok
21:50:51.0317 5852        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:50:51.0346 5852        stexstor - ok
21:50:51.0478 5852        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:50:51.0567 5852        stisvc - ok
21:50:51.0612 5852        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:50:51.0626 5852        swenum - ok
21:50:51.0691 5852        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:50:51.0786 5852        swprv - ok
21:50:51.0832 5852        SynTP          (ed6d1424e5b0c21a57b28dd8508d6843) C:\Windows\system32\DRIVERS\SynTP.sys
21:50:51.0850 5852        SynTP - ok
21:50:52.0223 5852        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:50:52.0357 5852        SysMain - ok
21:50:52.0843 5852        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:50:52.0912 5852        TabletInputService - ok
21:50:52.0951 5852        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:50:53.0026 5852        TapiSrv - ok
21:50:53.0074 5852        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:50:53.0137 5852        TBS - ok
21:50:54.0207 5852        Tcpip          (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
21:50:54.0309 5852        Tcpip - ok
21:50:55.0419 5852        TCPIP6          (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
21:50:55.0463 5852        TCPIP6 - ok
21:50:56.0215 5852        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:50:56.0279 5852        tcpipreg - ok
21:50:56.0331 5852        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:50:56.0409 5852        TDPIPE - ok
21:50:56.0434 5852        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:50:56.0499 5852        TDTCP - ok
21:50:56.0654 5852        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:50:56.0706 5852        tdx - ok
21:50:56.0812 5852        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:50:56.0823 5852        TermDD - ok
21:50:57.0261 5852        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:50:57.0384 5852        TermService - ok
21:50:57.0454 5852        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:50:57.0491 5852        Themes - ok
21:50:57.0541 5852        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:50:57.0595 5852        THREADORDER - ok
21:50:57.0687 5852        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:50:57.0773 5852        TrkWks - ok
21:50:57.0843 5852        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:50:57.0942 5852        TrustedInstaller - ok
21:50:57.0991 5852        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:50:58.0038 5852        tssecsrv - ok
21:50:58.0075 5852        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:50:58.0139 5852        TsUsbFlt - ok
21:50:58.0736 5852        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:50:58.0809 5852        tunnel - ok
21:50:59.0106 5852        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:50:59.0129 5852        uagp35 - ok
21:50:59.0184 5852        UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
21:50:59.0191 5852        UBHelper - ok
21:50:59.0255 5852        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:50:59.0353 5852        udfs - ok
21:50:59.0430 5852        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:50:59.0444 5852        UI0Detect - ok
21:50:59.0516 5852        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:50:59.0540 5852        uliagpkx - ok
21:50:59.0588 5852        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:50:59.0616 5852        umbus - ok
21:50:59.0679 5852        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:50:59.0706 5852        UmPass - ok
21:51:00.0878 5852        UNS            (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:51:01.0007 5852        UNS - ok
21:51:01.0121 5852        Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
21:51:01.0132 5852        Updater Service - ok
21:51:01.0262 5852        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:51:01.0363 5852        upnphost - ok
21:51:01.0455 5852        usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
21:51:01.0472 5852        usbaudio - ok
21:51:01.0605 5852        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:51:01.0686 5852        usbccgp - ok
21:51:01.0748 5852        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:51:01.0775 5852        usbcir - ok
21:51:01.0802 5852        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:51:01.0826 5852        usbehci - ok
21:51:01.0858 5852        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:51:01.0889 5852        usbhub - ok
21:51:01.0909 5852        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:51:01.0936 5852        usbohci - ok
21:51:01.0979 5852        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:51:02.0003 5852        usbprint - ok
21:51:02.0077 5852        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
21:51:02.0106 5852        usbscan - ok
21:51:02.0213 5852        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:51:02.0283 5852        USBSTOR - ok
21:51:02.0366 5852        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:51:02.0385 5852        usbuhci - ok
21:51:02.0541 5852        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
21:51:02.0559 5852        usbvideo - ok
21:51:02.0624 5852        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:51:02.0701 5852        UxSms - ok
21:51:02.0781 5852        VaultSvc        (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:51:02.0798 5852        VaultSvc - ok
21:51:02.0843 5852        VClone          (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
21:51:02.0884 5852        VClone - ok
21:51:02.0953 5852        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:51:02.0963 5852        vdrvroot - ok
21:51:03.0051 5852        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:51:03.0104 5852        vds - ok
21:51:03.0143 5852        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:51:03.0159 5852        vga - ok
21:51:03.0164 5852        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:51:03.0230 5852        VgaSave - ok
21:51:03.0329 5852        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:51:03.0342 5852        vhdmp - ok
21:51:03.0398 5852        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:51:03.0408 5852        viaide - ok
21:51:03.0442 5852        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:51:03.0453 5852        volmgr - ok
21:51:03.0664 5852        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:51:03.0688 5852        volmgrx - ok
21:51:03.0879 5852        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:51:03.0906 5852        volsnap - ok
21:51:03.0985 5852        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:51:04.0004 5852        vsmraid - ok
21:51:04.0748 5852        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:51:04.0907 5852        VSS - ok
21:51:05.0503 5852        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:51:05.0568 5852        vwifibus - ok
21:51:05.0604 5852        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:51:05.0623 5852        vwififlt - ok
21:51:05.0686 5852        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:51:05.0733 5852        W32Time - ok
21:51:05.0776 5852        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:51:05.0805 5852        WacomPen - ok
21:51:05.0895 5852        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:51:05.0977 5852        WANARP - ok
21:51:05.0998 5852        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:51:06.0047 5852        Wanarpv6 - ok
21:51:06.0453 5852        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:51:06.0598 5852        wbengine - ok
21:51:06.0931 5852        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:51:06.0953 5852        WbioSrvc - ok
21:51:06.0995 5852        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:51:07.0050 5852        wcncsvc - ok
21:51:07.0065 5852        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:51:07.0111 5852        WcsPlugInService - ok
21:51:07.0169 5852        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:51:07.0179 5852        Wd - ok
21:51:07.0553 5852        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:51:07.0592 5852        Wdf01000 - ok
21:51:07.0693 5852        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:51:07.0814 5852        WdiServiceHost - ok
21:51:07.0818 5852        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:51:07.0839 5852        WdiSystemHost - ok
21:51:07.0903 5852        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:51:07.0977 5852        WebClient - ok
21:51:08.0011 5852        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:51:08.0118 5852        Wecsvc - ok
21:51:08.0141 5852        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:51:08.0186 5852        wercplsupport - ok
21:51:08.0228 5852        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:51:08.0321 5852        WerSvc - ok
21:51:08.0373 5852        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:51:08.0421 5852        WfpLwf - ok
21:51:08.0484 5852        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:51:08.0497 5852        WIMMount - ok
21:51:08.0502 5852        WinHttpAutoProxySvc - ok
21:51:08.0562 5852        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:51:08.0643 5852        Winmgmt - ok
21:51:08.0798 5852        WinRing0_1_2_0  (0c0195c48b6b8582fa6f6373032118da) C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
21:51:08.0809 5852        WinRing0_1_2_0 - ok
21:51:09.0262 5852        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:51:09.0386 5852        WinRM - ok
21:51:09.0726 5852        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:51:09.0801 5852        Wlansvc - ok
21:51:10.0128 5852        wlidsvc        (e23a257a54fa12c2aef8ad51e6556357) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:51:10.0241 5852        wlidsvc - ok
21:51:10.0487 5852        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:51:10.0517 5852        WmiAcpi - ok
21:51:10.0653 5852        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:51:10.0684 5852        wmiApSrv - ok
21:51:10.0753 5852        WMPNetworkSvc - ok
21:51:10.0788 5852        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:51:10.0837 5852        WPCSvc - ok
21:51:10.0878 5852        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:51:10.0977 5852        WPDBusEnum - ok
21:51:11.0005 5852        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:51:11.0051 5852        ws2ifsl - ok
21:51:11.0055 5852        WSearch - ok
21:51:11.0358 5852        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
21:51:11.0483 5852        wuauserv - ok
21:51:11.0738 5852        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:51:11.0794 5852        WudfPf - ok
21:51:11.0882 5852        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:51:11.0978 5852        WUDFRd - ok
21:51:12.0027 5852        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:51:12.0078 5852        wudfsvc - ok
21:51:12.0126 5852        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:51:12.0158 5852        WwanSvc - ok
21:51:12.0320 5852        X6va002 - ok
21:51:12.0392 5852        X6va003 - ok
21:51:12.0592 5852        ZAtheros Wlan Agent (1ca8ac00abde45a4fe360aea515f844b) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
21:51:12.0597 5852        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - warning
21:51:12.0597 5852        ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic (1)
21:51:12.0626 5852        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:51:13.0110 5852        \Device\Harddisk0\DR0 - ok
21:51:13.0144 5852        Boot (0x1200)  (851861819a0282d2d600ac8029e9b3e7) \Device\Harddisk0\DR0\Partition0
21:51:13.0145 5852        \Device\Harddisk0\DR0\Partition0 - ok
21:51:13.0161 5852        Boot (0x1200)  (f21262666ef44e626d25f4df17c0488a) \Device\Harddisk0\DR0\Partition1
21:51:13.0162 5852        \Device\Harddisk0\DR0\Partition1 - ok
21:51:13.0162 5852        ============================================================
21:51:13.0162 5852        Scan finished
21:51:13.0162 5852        ============================================================
21:51:13.0172 2596        Detected object count: 2
21:51:13.0172 2596        Actual detected object count: 2
21:51:23.0175 2596        RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:51:23.0176 2596        RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:51:23.0176 2596        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - skipped by user
21:51:23.0176 2596        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:51:45.0532 3928        ============================================================
21:51:45.0532 3928        Scan started
21:51:45.0532 3928        Mode: Manual; SigCheck; TDLFS;
21:51:45.0532 3928        ============================================================
21:51:46.0602 3928        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:51:46.0624 3928        1394ohci - ok
21:51:46.0668 3928        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:51:46.0683 3928        ACPI - ok
21:51:46.0696 3928        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:51:46.0711 3928        AcpiPmi - ok
21:51:46.0843 3928        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:51:46.0851 3928        AdobeARMservice - ok
21:51:46.0992 3928        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:51:47.0010 3928        adp94xx - ok
21:51:47.0048 3928        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:51:47.0062 3928        adpahci - ok
21:51:47.0115 3928        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:51:47.0128 3928        adpu320 - ok
21:51:47.0167 3928        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:51:47.0209 3928        AeLookupSvc - ok
21:51:47.0316 3928        AFD            (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
21:51:47.0333 3928        AFD - ok
21:51:47.0388 3928        AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
21:51:47.0399 3928        AgereModemAudio - ok
21:51:47.0473 3928        AgereSoftModem  (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
21:51:47.0505 3928        AgereSoftModem - ok
21:51:47.0544 3928        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:51:47.0554 3928        agp440 - ok
21:51:47.0608 3928        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:51:47.0621 3928        ALG - ok
21:51:47.0674 3928        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:51:47.0683 3928        aliide - ok
21:51:47.0710 3928        AMD External Events Utility (a2f5bea5b45a8e7c4776f39c25e8699d) C:\Windows\system32\atiesrxx.exe
21:51:47.0727 3928        AMD External Events Utility - ok
21:51:47.0746 3928        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:51:47.0760 3928        amdide - ok
21:51:47.0805 3928        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:51:47.0818 3928        AmdK8 - ok
21:51:48.0501 3928        amdkmdag        (5b03217859b014b090cb5060c1d96875) C:\Windows\system32\DRIVERS\atikmdag.sys
21:51:48.0792 3928        amdkmdag - ok
21:51:49.0060 3928        amdkmdap        (35d2184a99ad4cd5d17284d6c9f382c9) C:\Windows\system32\DRIVERS\atikmpag.sys
21:51:49.0087 3928        amdkmdap - ok
21:51:49.0110 3928        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:51:49.0126 3928        AmdPPM - ok
21:51:49.0157 3928        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:51:49.0173 3928        amdsata - ok
21:51:49.0228 3928        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:51:49.0254 3928        amdsbs - ok
21:51:49.0267 3928        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:51:49.0277 3928        amdxata - ok
21:51:49.0306 3928        AmUStor        (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
21:51:49.0320 3928        AmUStor - ok
21:51:49.0402 3928        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:51:49.0411 3928        AntiVirSchedulerService - ok
21:51:49.0492 3928        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:51:49.0500 3928        AntiVirService - ok
21:51:49.0533 3928        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:51:49.0575 3928        AppID - ok
21:51:49.0603 3928        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:51:49.0646 3928        AppIDSvc - ok
21:51:49.0735 3928        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:51:49.0787 3928        Appinfo - ok
21:51:49.0835 3928        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:51:49.0846 3928        arc - ok
21:51:49.0858 3928        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:51:49.0871 3928        arcsas - ok
21:51:49.0888 3928        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:51:49.0930 3928        AsyncMac - ok
21:51:49.0979 3928        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:51:49.0989 3928        atapi - ok
21:51:50.0202 3928        athr            (7d0398396727195cc73d703001d3cff4) C:\Windows\system32\DRIVERS\athrx.sys
21:51:50.0287 3928        athr - ok
21:51:51.0264 3928        atikmdag        (5b03217859b014b090cb5060c1d96875) C:\Windows\system32\DRIVERS\atikmdag.sys
21:51:51.0538 3928        atikmdag - ok
21:51:51.0673 3928        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:51:51.0723 3928        AudioEndpointBuilder - ok
21:51:51.0730 3928        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:51:51.0780 3928        AudioSrv - ok
21:51:51.0857 3928        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
21:51:51.0866 3928        avgntflt - ok
21:51:51.0883 3928        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
21:51:51.0894 3928        avipbb - ok
21:51:51.0914 3928        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:51:51.0922 3928        avkmgr - ok
21:51:51.0993 3928        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:51:52.0011 3928        AxInstSV - ok
21:51:52.0093 3928        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:51:52.0124 3928        b06bdrv - ok
21:51:52.0150 3928        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:51:52.0167 3928        b57nd60a - ok
21:51:52.0360 3928        BCM43XX        (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
21:51:52.0414 3928        BCM43XX - ok
21:51:52.0450 3928        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:51:52.0464 3928        BDESVC - ok
21:51:52.0524 3928        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:51:52.0578 3928        Beep - ok
21:51:52.0643 3928        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:51:52.0726 3928        BFE - ok
21:51:52.0866 3928        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:51:52.0929 3928        BITS - ok
21:51:52.0978 3928        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:51:52.0992 3928        blbdrive - ok
21:51:53.0054 3928        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:51:53.0067 3928        bowser - ok
21:51:53.0098 3928        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:51:53.0117 3928        BrFiltLo - ok
21:51:53.0171 3928        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:51:53.0187 3928        BrFiltUp - ok
21:51:53.0225 3928        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:51:53.0269 3928        Browser - ok
21:51:53.0295 3928        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:51:53.0312 3928        Brserid - ok
21:51:53.0330 3928        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:51:53.0346 3928        BrSerWdm - ok
21:51:53.0355 3928        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:51:53.0370 3928        BrUsbMdm - ok
21:51:53.0392 3928        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:51:53.0405 3928        BrUsbSer - ok
21:51:53.0439 3928        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:51:53.0456 3928        BTHMODEM - ok
21:51:53.0484 3928        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:51:53.0536 3928        bthserv - ok
21:51:53.0556 3928        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:51:53.0623 3928        cdfs - ok
21:51:53.0694 3928        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:51:53.0711 3928        cdrom - ok
21:51:53.0737 3928        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:51:53.0783 3928        CertPropSvc - ok
21:51:53.0831 3928        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:51:53.0861 3928        circlass - ok
21:51:53.0937 3928        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:51:53.0953 3928        CLFS - ok
21:51:54.0019 3928        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:51:54.0028 3928        clr_optimization_v2.0.50727_32 - ok
21:51:54.0091 3928        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:51:54.0103 3928        clr_optimization_v2.0.50727_64 - ok
21:51:54.0202 3928        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:51:54.0213 3928        clr_optimization_v4.0.30319_32 - ok
21:51:54.0246 3928        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:51:54.0259 3928        clr_optimization_v4.0.30319_64 - ok
21:51:54.0277 3928        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:51:54.0292 3928        CmBatt - ok
21:51:54.0346 3928        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:51:54.0357 3928        cmdide - ok
21:51:54.0438 3928        CNG            (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
21:51:54.0462 3928        CNG - ok
21:51:54.0494 3928        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:51:54.0505 3928        Compbatt - ok
21:51:54.0535 3928        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:51:54.0552 3928        CompositeBus - ok
21:51:54.0555 3928        COMSysApp - ok
21:51:54.0773 3928        cpuz130 - ok
21:51:54.0807 3928        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:51:54.0817 3928        crcdisk - ok
21:51:54.0865 3928        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
21:51:54.0908 3928        CryptSvc - ok
21:51:54.0981 3928        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:51:55.0028 3928        DcomLaunch - ok
21:51:55.0060 3928        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:51:55.0111 3928        defragsvc - ok
21:51:55.0170 3928        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:51:55.0210 3928        DfsC - ok
21:51:55.0253 3928        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:51:55.0301 3928        Dhcp - ok
21:51:55.0353 3928        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:51:55.0411 3928        discache - ok
21:51:55.0437 3928        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:51:55.0448 3928        Disk - ok
21:51:55.0528 3928        DKbFltr        (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
21:51:55.0537 3928        DKbFltr - ok
21:51:55.0581 3928        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:51:55.0597 3928        Dnscache - ok
21:51:55.0628 3928        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:51:55.0671 3928        dot3svc - ok
21:51:55.0734 3928        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:51:55.0780 3928        DPS - ok
21:51:55.0875 3928        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:51:55.0891 3928        drmkaud - ok
21:51:55.0946 3928        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:51:55.0978 3928        DXGKrnl - ok
21:51:56.0030 3928        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:51:56.0074 3928        EapHost - ok
21:51:56.0255 3928        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:51:56.0321 3928        ebdrv - ok
21:51:56.0446 3928        EFS            (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
21:51:56.0463 3928        EFS - ok
21:51:56.0637 3928        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:51:56.0659 3928        ehRecvr - ok
21:51:56.0696 3928        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:51:56.0711 3928        ehSched - ok
21:51:56.0825 3928        ElbyCDIO        (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
21:51:56.0834 3928        ElbyCDIO - ok
21:51:56.0904 3928        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:51:56.0925 3928        elxstor - ok
21:51:57.0114 3928        ePowerSvc      (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:51:57.0139 3928        ePowerSvc - ok
21:51:57.0196 3928        EPSON_PM_RPCV4_01 (1e345f2a2d95da3190596e691cde9342) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
21:51:57.0206 3928        EPSON_PM_RPCV4_01 - ok
21:51:57.0405 3928        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:51:57.0417 3928        ErrDev - ok
21:51:57.0503 3928        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:51:57.0574 3928        EventSystem - ok
21:51:57.0591 3928        EverestDriver - ok
21:51:57.0618 3928        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:51:57.0661 3928        exfat - ok
21:51:57.0729 3928        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:51:57.0787 3928        fastfat - ok
21:51:57.0844 3928        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:51:57.0868 3928        Fax - ok
21:51:57.0902 3928        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:51:57.0915 3928        fdc - ok
21:51:57.0963 3928        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:51:58.0007 3928        fdPHost - ok
21:51:58.0018 3928        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:51:58.0061 3928        FDResPub - ok
21:51:58.0074 3928        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:51:58.0084 3928        FileInfo - ok
21:51:58.0134 3928        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:51:58.0178 3928        Filetrace - ok
21:51:58.0194 3928        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:51:58.0208 3928        flpydisk - ok
21:51:58.0249 3928        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:51:58.0264 3928        FltMgr - ok
21:51:58.0412 3928        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:51:58.0451 3928        FontCache - ok
21:51:58.0527 3928        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:51:58.0535 3928        FontCache3.0.0.0 - ok
21:51:58.0593 3928        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:51:58.0603 3928        FsDepends - ok
21:51:58.0626 3928        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:51:58.0636 3928        Fs_Rec - ok
21:51:58.0727 3928        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:51:58.0743 3928        fvevol - ok
21:51:58.0786 3928        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:51:58.0797 3928        gagp30kx - ok
21:51:58.0814 3928        GGSAFERDriver - ok
21:51:58.0879 3928        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:51:58.0939 3928        gpsvc - ok
21:51:59.0070 3928        Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
21:51:59.0097 3928        Greg_Service - ok
21:51:59.0205 3928        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:51:59.0215 3928        gupdate - ok
21:51:59.0221 3928        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:51:59.0230 3928        gupdatem - ok
21:51:59.0341 3928        hamachi        (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
21:51:59.0349 3928        hamachi - ok
21:51:59.0614 3928        Hamachi2Svc    (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
21:51:59.0698 3928        Hamachi2Svc - ok
21:51:59.0872 3928        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:51:59.0884 3928        hcw85cir - ok
21:51:59.0922 3928        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:51:59.0943 3928        HdAudAddService - ok
21:51:59.0984 3928        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:52:00.0001 3928        HDAudBus - ok
21:52:00.0039 3928        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
21:52:00.0051 3928        HECIx64 - ok
21:52:00.0082 3928        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:52:00.0095 3928        HidBatt - ok
21:52:00.0112 3928        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:52:00.0128 3928        HidBth - ok
21:52:00.0139 3928        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:52:00.0159 3928        HidIr - ok
21:52:00.0188 3928        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:52:00.0240 3928        hidserv - ok
21:52:00.0285 3928        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:52:00.0303 3928        HidUsb - ok
21:52:00.0371 3928        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:52:00.0428 3928        hkmsvc - ok
21:52:00.0471 3928        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:52:00.0487 3928        HomeGroupListener - ok
21:52:00.0545 3928        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:52:00.0563 3928        HomeGroupProvider - ok
21:52:00.0603 3928        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:52:00.0618 3928        HpSAMD - ok
21:52:00.0713 3928        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:52:00.0763 3928        HTTP - ok
21:52:00.0814 3928        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:52:00.0824 3928        hwpolicy - ok
21:52:00.0861 3928        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:52:00.0877 3928        i8042prt - ok
21:52:00.0954 3928        iaStor          (8180a2392e732e8871589b54fab6991f) C:\Windows\system32\DRIVERS\iaStor.sys
21:52:00.0973 3928        iaStor - ok
21:52:01.0050 3928        IAStorDataMgrSvc (17125b7d2f56b4b35441561c780c2ccb) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:52:01.0058 3928        IAStorDataMgrSvc - ok
21:52:01.0099 3928        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:52:01.0118 3928        iaStorV - ok
21:52:01.0272 3928        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:52:01.0301 3928        idsvc - ok
21:52:02.0194 3928        igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:52:02.0400 3928        igfx - ok
21:52:02.0539 3928        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:52:02.0551 3928        iirsp - ok
21:52:02.0735 3928        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:52:02.0819 3928        IKEEXT - ok
21:52:02.0856 3928        Impcd          (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
21:52:02.0871 3928        Impcd - ok
21:52:03.0278 3928        IntcAzAudAddService (150ac23f21dbdbf8488408ba944b0d65) C:\Windows\system32\drivers\RTKVHD64.sys
21:52:03.0449 3928        IntcAzAudAddService - ok
21:52:03.0632 3928        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:52:03.0642 3928        intelide - ok
21:52:03.0677 3928        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:52:03.0695 3928        intelppm - ok
21:52:03.0837 3928        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:52:03.0891 3928        IPBusEnum - ok
21:52:03.0950 3928        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:52:03.0991 3928        IpFilterDriver - ok
21:52:04.0047 3928        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:52:04.0063 3928        IPMIDRV - ok
21:52:04.0121 3928        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:52:04.0167 3928        IPNAT - ok
21:52:04.0180 3928        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:52:04.0199 3928        IRENUM - ok
21:52:04.0231 3928        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:52:04.0242 3928        isapnp - ok
21:52:04.0264 3928        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:52:04.0296 3928        iScsiPrt - ok
21:52:04.0402 3928        k57nd60a        (376bc8e5f4a0ea0f0f16818bb1a95d4b) C:\Windows\system32\DRIVERS\k57nd60a.sys
21:52:04.0419 3928        k57nd60a - ok
21:52:04.0470 3928        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:52:04.0483 3928        kbdclass - ok
21:52:04.0523 3928        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:52:04.0536 3928        kbdhid - ok
21:52:04.0569 3928        KeyIso          (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:52:04.0587 3928        KeyIso - ok
21:52:04.0615 3928        KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
21:52:04.0640 3928        KSecDD - ok
21:52:04.0693 3928        KSecPkg        (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
21:52:04.0705 3928        KSecPkg - ok
21:52:04.0750 3928        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:52:04.0793 3928        ksthunk - ok
21:52:04.0874 3928        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:52:04.0920 3928        KtmRm - ok
21:52:04.0933 3928        L1E            (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
21:52:04.0946 3928        L1E - ok
21:52:05.0037 3928        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:52:05.0085 3928        LanmanServer - ok
21:52:05.0128 3928        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:52:05.0171 3928        LanmanWorkstation - ok
21:52:05.0183 3928        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:52:05.0231 3928        lltdio - ok
21:52:05.0262 3928        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:52:05.0308 3928        lltdsvc - ok
21:52:05.0341 3928        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:52:05.0399 3928        lmhosts - ok
21:52:05.0522 3928        LMS            (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:52:05.0535 3928        LMS - ok
21:52:05.0576 3928        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:52:05.0588 3928        LSI_FC - ok
21:52:05.0608 3928        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:52:05.0620 3928        LSI_SAS - ok
21:52:05.0638 3928        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:52:05.0651 3928        LSI_SAS2 - ok
21:52:05.0689 3928        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:52:05.0701 3928        LSI_SCSI - ok
21:52:05.0732 3928        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:52:05.0776 3928        luafv - ok
21:52:05.0806 3928        MBAMProtector  (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
21:52:05.0816 3928        MBAMProtector - ok
21:52:05.0860 3928        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:52:05.0882 3928        MBAMService - ok
21:52:05.0946 3928        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:52:05.0962 3928        Mcx2Svc - ok
21:52:05.0999 3928        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:52:06.0014 3928        megasas - ok
21:52:06.0072 3928        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:52:06.0089 3928        MegaSR - ok
21:52:06.0134 3928        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:52:06.0178 3928        MMCSS - ok
21:52:06.0204 3928        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:52:06.0250 3928        Modem - ok
21:52:06.0280 3928        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:52:06.0296 3928        monitor - ok
21:52:06.0374 3928        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:52:06.0385 3928        mouclass - ok
21:52:06.0411 3928        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:52:06.0423 3928        mouhid - ok
21:52:06.0499 3928        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:52:06.0510 3928        mountmgr - ok
21:52:06.0647 3928        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:52:06.0659 3928        MozillaMaintenance - ok
21:52:06.0702 3928        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:52:06.0721 3928        mpio - ok
21:52:06.0775 3928        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:52:06.0839 3928        mpsdrv - ok
21:52:06.0925 3928        MQAC            (cd22d2563039dda6793f7624719363a7) C:\Windows\system32\drivers\mqac.sys
21:52:06.0939 3928        MQAC - ok
21:52:06.0971 3928        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:52:06.0996 3928        MRxDAV - ok
21:52:07.0064 3928        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:52:07.0080 3928        mrxsmb - ok
21:52:07.0140 3928        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:52:07.0160 3928        mrxsmb10 - ok
21:52:07.0244 3928        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:52:07.0275 3928        mrxsmb20 - ok
21:52:07.0354 3928        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:52:07.0364 3928        msahci - ok
21:52:07.0402 3928        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:52:07.0415 3928        msdsm - ok
21:52:07.0473 3928        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:52:07.0489 3928        MSDTC - ok
21:52:07.0542 3928        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:52:07.0590 3928        Msfs - ok
21:52:07.0604 3928        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:52:07.0656 3928        mshidkmdf - ok
21:52:07.0778 3928        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:52:07.0788 3928        msisadrv - ok
21:52:07.0835 3928        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:52:07.0890 3928        MSiSCSI - ok
21:52:07.0894 3928        msiserver - ok
21:52:07.0927 3928        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:52:07.0970 3928        MSKSSRV - ok
21:52:08.0024 3928        MSMQ            (faaeaef99e53561beee58f946ca56f0d) C:\Windows\system32\mqsvc.exe
21:52:08.0046 3928        MSMQ - ok
21:52:08.0101 3928        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:52:08.0145 3928        MSPCLOCK - ok
21:52:08.0156 3928        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:52:08.0213 3928        MSPQM - ok
21:52:08.0296 3928        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:52:08.0318 3928        MsRPC - ok
21:52:08.0381 3928        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:52:08.0391 3928        mssmbios - ok
21:52:08.0434 3928        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:52:08.0480 3928        MSTEE - ok
21:52:08.0505 3928        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:52:08.0519 3928        MTConfig - ok
21:52:08.0552 3928        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:52:08.0563 3928        Mup - ok
21:52:08.0588 3928        mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:52:08.0597 3928        mwlPSDFilter - ok
21:52:08.0606 3928        mwlPSDNServ    (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:52:08.0613 3928        mwlPSDNServ - ok
21:52:08.0647 3928        mwlPSDVDisk    (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:52:08.0656 3928        mwlPSDVDisk - ok
21:52:08.0766 3928        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:52:08.0814 3928        napagent - ok
21:52:08.0871 3928        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:52:08.0906 3928        NativeWifiP - ok
21:52:08.0964 3928        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:52:08.0995 3928        NDIS - ok
21:52:09.0014 3928        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:52:09.0063 3928        NdisCap - ok
21:52:09.0097 3928        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:52:09.0143 3928        NdisTapi - ok
21:52:09.0200 3928        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:52:09.0247 3928        Ndisuio - ok
21:52:09.0288 3928        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:52:09.0361 3928        NdisWan - ok
21:52:09.0399 3928        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:52:09.0451 3928        NDProxy - ok
21:52:09.0596 3928        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:52:09.0642 3928        NetBIOS - ok
21:52:09.0745 3928        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:52:09.0805 3928        NetBT - ok
21:52:09.0870 3928        Netlogon        (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:52:09.0884 3928        Netlogon - ok
21:52:09.0906 3928        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:52:09.0963 3928        Netman - ok
21:52:10.0021 3928        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:52:10.0102 3928        netprofm - ok
21:52:10.0241 3928        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:52:10.0251 3928        NetTcpPortSharing - ok
21:52:10.0280 3928        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:52:10.0292 3928        nfrd960 - ok
21:52:10.0334 3928        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:52:10.0389 3928        NlaSvc - ok
21:52:10.0411 3928        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:52:10.0462 3928        Npfs - ok
21:52:10.0515 3928        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:52:10.0558 3928        nsi - ok
21:52:10.0625 3928        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:52:10.0670 3928        nsiproxy - ok
21:52:10.0899 3928        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:52:10.0976 3928        Ntfs - ok
21:52:11.0149 3928        NTI IScheduleSvc (14e66f603fb187713aeb02ad3b0390cf) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
21:52:11.0156 3928        NTI IScheduleSvc - ok
21:52:11.0238 3928        NTIDrvr        (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
21:52:11.0245 3928        NTIDrvr - ok
21:52:11.0285 3928        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:52:11.0331 3928        Null - ok
21:52:11.0388 3928        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:52:11.0401 3928        nvraid - ok
21:52:11.0441 3928        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:52:11.0454 3928        nvstor - ok
21:52:11.0510 3928        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:52:11.0530 3928        nv_agp - ok
21:52:11.0562 3928        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:52:11.0575 3928        ohci1394 - ok
21:52:11.0607 3928        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:52:11.0632 3928        p2pimsvc - ok
21:52:11.0654 3928        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:52:11.0673 3928        p2psvc - ok
21:52:11.0781 3928        PAC207          (3a6dceb1848470320e4a3c12d7a35b1c) C:\Windows\system32\DRIVERS\PFC027.SYS
21:52:11.0801 3928        PAC207 - ok
21:52:11.0840 3928        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:52:11.0855 3928        Parport - ok
21:52:11.0910 3928        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:52:11.0933 3928        partmgr - ok
21:52:11.0984 3928        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:52:12.0008 3928        PcaSvc - ok
21:52:12.0045 3928        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:52:12.0060 3928        pci - ok
21:52:12.0073 3928        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:52:12.0083 3928        pciide - ok
21:52:12.0187 3928        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:52:12.0201 3928        pcmcia - ok
21:52:12.0230 3928        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:52:12.0241 3928        pcw - ok
21:52:12.0309 3928        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:52:12.0381 3928        PEAUTH - ok
21:52:12.0553 3928        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:52:12.0571 3928        PerfHost - ok
21:52:12.0746 3928        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:52:12.0813 3928        pla - ok
21:52:12.0871 3928        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:52:12.0889 3928        PlugPlay - ok
21:52:12.0893 3928        PnkBstrA - ok
21:52:12.0921 3928        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:52:12.0945 3928        PNRPAutoReg - ok
21:52:12.0963 3928        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:52:12.0978 3928        PNRPsvc - ok
21:52:13.0109 3928        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:52:13.0157 3928        PolicyAgent - ok
21:52:13.0181 3928        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:52:13.0242 3928        Power - ok
21:52:13.0308 3928        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:52:13.0350 3928        PptpMiniport - ok
21:52:13.0370 3928        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:52:13.0384 3928        Processor - ok
21:52:13.0451 3928        ProfSvc        (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
21:52:13.0498 3928        ProfSvc - ok
21:52:13.0575 3928        ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:52:13.0588 3928        ProtectedStorage - ok
21:52:13.0629 3928        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:52:13.0673 3928        Psched - ok
21:52:13.0850 3928        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:52:13.0915 3928        ql2300 - ok
21:52:14.0169 3928        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:52:14.0182 3928        ql40xx - ok
21:52:14.0216 3928        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:52:14.0240 3928        QWAVE - ok
21:52:14.0258 3928        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:52:14.0277 3928        QWAVEdrv - ok
21:52:14.0289 3928        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:52:14.0333 3928        RasAcd - ok
21:52:14.0359 3928        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:52:14.0400 3928        RasAgileVpn - ok
21:52:14.0418 3928        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:52:14.0478 3928        RasAuto - ok
21:52:14.0541 3928        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:52:14.0592 3928        Rasl2tp - ok
21:52:14.0660 3928        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:52:14.0706 3928        RasMan - ok
21:52:14.0747 3928        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:52:14.0792 3928        RasPppoe - ok
21:52:14.0833 3928        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:52:14.0894 3928        RasSstp - ok
21:52:14.0958 3928        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:52:15.0004 3928        rdbss - ok
21:52:15.0028 3928        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:52:15.0044 3928        rdpbus - ok
21:52:15.0063 3928        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:52:15.0110 3928        RDPCDD - ok
21:52:15.0115 3928        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:52:15.0172 3928        RDPENCDD - ok
21:52:15.0180 3928        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:52:15.0236 3928        RDPREFMP - ok
21:52:15.0269 3928        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:52:15.0315 3928        RDPWD - ok
21:52:15.0353 3928        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:52:15.0368 3928        rdyboost - ok
21:52:15.0388 3928        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:52:15.0439 3928        RemoteAccess - ok
21:52:15.0471 3928        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:52:15.0517 3928        RemoteRegistry - ok
21:52:15.0530 3928        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:52:15.0575 3928        RpcEptMapper - ok
21:52:15.0591 3928        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:52:15.0607 3928        RpcLocator - ok
21:52:15.0671 3928        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:52:15.0718 3928        RpcSs - ok
21:52:15.0738 3928        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:52:15.0788 3928        rspndr - ok
21:52:15.0861 3928        RS_Service      (b5a4b7d779cf4070df408de18bd33b02) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
21:52:15.0868 3928        RS_Service ( UnsignedFile.Multi.Generic ) - warning
21:52:15.0868 3928        RS_Service - detected UnsignedFile.Multi.Generic (1)
21:52:15.0903 3928        RTHDMIAzAudService (c20f64fcd5e2b40310a1774495877acd) C:\Windows\system32\drivers\RtHDMIVX.sys
21:52:15.0915 3928        RTHDMIAzAudService - ok
21:52:15.0959 3928        SamSs          (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
21:52:15.0973 3928        SamSs - ok
21:52:16.0010 3928        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:52:16.0022 3928        sbp2port - ok
21:52:16.0062 3928        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:52:16.0108 3928        SCardSvr - ok
21:52:16.0143 3928        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:52:16.0185 3928        scfilter - ok
21:52:16.0254 3928        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:52:16.0318 3928        Schedule - ok
21:52:16.0376 3928        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:52:16.0418 3928        SCPolicySvc - ok
21:52:16.0456 3928        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:52:16.0470 3928        SDRSVC - ok
21:52:16.0539 3928        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:52:16.0586 3928        secdrv - ok
21:52:16.0637 3928        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:52:16.0690 3928        seclogon - ok
21:52:16.0709 3928        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:52:16.0753 3928        SENS - ok
21:52:16.0762 3928        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:52:16.0775 3928        SensrSvc - ok
21:52:16.0799 3928        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:52:16.0818 3928        Serenum - ok
21:52:16.0832 3928        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:52:16.0846 3928        Serial - ok
21:52:28.0809 3928        ZAtheros Wlan Agent (1ca8ac00abde45a4fe360aea515f844b) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
21:52:28.0813 3928        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - warning
21:52:28.0813 3928        ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic (1)
21:52:28.0843 3928        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:52:29.0073 3928        \Device\Harddisk0\DR0 - ok
21:52:29.0099 3928        Boot (0x1200)  (851861819a0282d2d600ac8029e9b3e7) \Device\Harddisk0\DR0\Partition0
21:52:29.0100 3928        \Device\Harddisk0\DR0\Partition0 - ok
21:52:29.0122 3928        Boot (0x1200)  (f21262666ef44e626d25f4df17c0488a) \Device\Harddisk0\DR0\Partition1
21:52:29.0124 3928        \Device\Harddisk0\DR0\Partition1 - ok
21:52:29.0127 3928        ============================================================
21:52:29.0127 3928        Scan finished
21:52:29.0127 3928        ============================================================
21:52:29.0134 2116        Detected object count: 2
21:52:29.0134 2116        Actual detected object count: 2
21:52:34.0430 2116        RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:34.0430 2116        RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:34.0431 2116        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:34.0431 2116        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip


Chris4You 22.06.2012 21:02

Hi,

Hmm, new variant... CF should be able to handle that...

Combofix
Download ComboFix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.

Warning: In a few rare cases the computer may no longer be able to boot and will have to be set up again from scratch!

Close all windows, start combofix.exe, confirm the following prompt with 1 and press Enter.

The ComboFix scan can take some time, so be patient. Please do not do anything on the computer during the scan.
The computer may be restarted in between.
When the scan finishes, a report (ComboFix.txt) is displayed; please copy it and paste it into your thread. You should find the log at C:\ComboFix.txt...

After that, please run MAM right away:
Malwarebytes Antimalware (MAM)
Instructions & download here: http://www.trojaner-board.de/51187-m...i-malware.html
If the download does not work, please download a generic version here:
http://filepony.de/download-chameleon/
Then please update the signature files ("Update" tab -> "Check for updates")
Run a full scan and let it clean everything! Post the log.

chris
PS: What's the score (European Championship)?

chris

H4rdDiskDriv 22.06.2012 21:03

4:1 right now ...

Damn *****

The laptop won't boot anymore -.- Since Avira had been showing a scan progress bar or whatever for ages, I just wanted to restart the laptop, and now ... well

If I format my hard drive now and then reinstall Win 7, will the TDSS still be on it?

Benni

Chris4You 22.06.2012 21:47

Hi,

Bad... Was CF running at the time, or did you interrupt the Avira scan?
After a complete format TDSS should be gone, but be sure to check the partitions carefully (there should be a small additional, very small one that TDSS uses for itself; you can see it with gparted, for example. It doesn't matter if it stays, what matters is that it is not marked as "boot"!)

Do you have an installation CD?

Repair via the Win 7 recovery console -> see further below
Proceed as described in the link and then enter bootrec.exe /FixMbr in the console.
Tipparchiv - MBR unter Vista oder Windows 7 reparieren - WinTotal.de

If no Win 7 boot DVD is available:
Download the following image and burn it to DVD using Nero etc. (ImageBurn: ImgBurn Download - ImgBurn 2.5.6.0) (64-bit):
Windows_7_64
(32-bit): Windows_7_32-bit
Then boot from this DVD and proceed as described!


chris

H4rdDiskDriv 22.06.2012 21:58

Well, with all those alerts I clicked on Details once, and then a small bar appeared that didn't go away. It wouldn't go away, so I restarted.
CF wasn't running, no.

So here's what exactly happened:

I restarted, Windows was booting with the loading bar and then it started over again; then a warning message with a blue background appeared. I was supposed to choose between normal start and safe mode. Normal doesn't work, and with safe mode Windows wants to run a system repair and also suggests using a system restore point.

Well, should I use it?

Chris4You 22.06.2012 22:12

Hi,

Yes, do a system restore and then post new logs again... (OTL, TDSS)...

chris

H4rdDiskDriv 22.06.2012 23:51

OTL.txt
Code:

OTL logfile created on: 23.06.2012 00:38:04 - Run 2
OTL by OldTimer - Version 3.2.52.0    Folder = C:\Users\Benni\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 58,98% Memory free
7,73 Gb Paging File | 5,83 Gb Available in Paging File | 75,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,94 Gb Total Space | 328,17 Gb Free Space | 72,29% Space Free | Partition Type: NTFS
 
Computer Name: BENNI´S-PC | User Name: Benni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.23 00:26:16 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Downloads\OTL.exe
PRC - [2012.06.04 13:59:11 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.04 13:59:11 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.06.04 13:59:11 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.02.28 18:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.21 20:40:38 | 000,073,728 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
PRC - [2011.10.17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.08.30 18:53:46 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.12.28 05:37:10 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009.11.02 01:40:52 | 001,100,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009.10.01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009.07.10 03:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.12.28 05:37:10 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.07.28 23:35:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV - [2012.06.17 13:40:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.04 13:59:11 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.06.04 13:59:11 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.06.01 19:17:59 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.02.28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.21 20:40:38 | 000,073,728 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2011.10.17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011.08.30 18:53:46 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.30 15:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.09.25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.07.10 03:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.30 18:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.03.28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Programme\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2007.01.11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.06.04 13:59:11 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.06.04 13:59:11 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.12.02 19:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.11.23 16:13:10 | 002,796,544 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.10.17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.09.16 17:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.28 22:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.31 20:08:06 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.02.10 22:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.12.18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.09.18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.08.13 21:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.08.09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.23 00:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009.06.20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2010.11.01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={FB1FD20E-1ECB-4FD8-A1AE-1A3F96887A29}&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&lang=de&ds=od011&pr=sa&d=2012-03-22 15:23:38&v=10.2.0.3&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE363
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={FB1FD20E-1ECB-4FD8-A1AE-1A3F96887A29}&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&lang=de&ds=od011&pr=sa&d=2012-03-22 15:23:38&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/|hxxp://ts6.travian.de/dorf1.php"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B3789daa5-d450-42db-ab92-525375a232f9%7D&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&ds=od011&v=10.2.0.3&lang=de&pr=sa&d=2012-03-22%2015%3A23%3A38&sap=ku&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Benni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.24 23:55:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 13:40:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.21 16:24:39 | 000,000,000 | ---D | M]
 
[2011.10.18 14:26:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions
[2010.09.30 16:36:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.10.18 14:26:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012.06.02 23:32:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\e9koplpd.default\extensions
[2011.03.19 19:26:51 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\e9koplpd.default\extensions\personas@christopher.beard
[2012.03.17 22:29:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.24 23:55:07 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.06.17 13:40:52 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.01 20:28:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.22 16:23:27 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011.10.01 20:28:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.01 20:28:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.01 20:28:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.01 20:28:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.01 20:28:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ccleaner] C:\Program Files (x86)\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [OscarEditor] C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe ()
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\XviD\CheckUpdate.exe ()
O4 - Startup: C:\Users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.exe - Verknüpfung.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B568ABAA-7280-411C-B11F-85168FC4DE44}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C05802F8-E6BF-4286-B352-97A9C53E16F2}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{01ef7b56-43f0-11df-ab52-00262d7912b4}\Shell - "" = AutoRun
O33 - MountPoints2\{01ef7b56-43f0-11df-ab52-00262d7912b4}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.22 17:17:00 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Malwarebytes
[2012.06.22 17:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.22 17:16:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.21 19:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Regnum Online
[2012.06.21 19:53:32 | 000,000,000 | ---D | C] -- C:\Games
[2012.06.21 12:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.06.21 12:03:31 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\pdfforge
[2012.06.21 12:03:29 | 000,095,232 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.06.21 12:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012.06.12 00:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012.06.11 13:46:43 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Local\Macromedia
[2012.06.06 17:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.06.02 19:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2012.06.02 19:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2012.05.27 14:47:29 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\LolClient2
[2009.11.05 05:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.23 00:13:55 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.23 00:13:55 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.23 00:05:29 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.23 00:05:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.23 00:05:00 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.22 19:44:25 | 000,000,000 | ---- | M] () -- C:\Users\Benni\defogger_reenable
[2012.06.21 19:44:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.21 12:03:32 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012.06.21 12:03:32 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2012.06.19 02:35:18 | 000,007,604 | ---- | M] () -- C:\Users\Benni\AppData\Local\Resmon.ResmonCfg
[2012.06.17 19:53:09 | 000,249,275 | ---- | M] () -- C:\Users\Benni\Desktop\Skyrim add on.jpg
[2012.06.16 23:16:06 | 000,143,514 | ---- | M] () -- C:\Users\Benni\Desktop\181414_437905312910103_280672572_n.jpg
[2012.06.15 06:51:42 | 000,095,232 | ---- | M] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.06.05 17:09:56 | 001,527,614 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.05 17:09:56 | 000,664,868 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.05 17:09:56 | 000,625,010 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.05 17:09:56 | 000,135,004 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.05 17:09:56 | 000,110,648 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.04 13:59:11 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.06.04 13:59:11 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.06.02 19:37:53 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012.06.02 19:37:53 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012.05.29 17:15:45 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.25 07:46:53 | 000,031,915 | ---- | M] () -- C:\Users\Benni\Desktop\WismarAlterSchwede.jpg
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.22 19:44:25 | 000,000,000 | ---- | C] () -- C:\Users\Benni\defogger_reenable
[2012.06.21 12:03:32 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012.06.21 12:03:32 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2012.06.17 19:52:46 | 000,249,275 | ---- | C] () -- C:\Users\Benni\Desktop\Skyrim add on.jpg
[2012.06.16 23:15:46 | 000,143,514 | ---- | C] () -- C:\Users\Benni\Desktop\181414_437905312910103_280672572_n.jpg
[2012.06.12 00:17:32 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2012.06.12 00:17:32 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2012.06.12 00:17:32 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2012.06.12 00:17:31 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.06.12 00:17:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.06.12 00:17:31 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2012.06.02 19:37:53 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012.06.02 19:37:53 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012.06.02 19:37:49 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.05.25 07:46:52 | 000,031,915 | ---- | C] () -- C:\Users\Benni\Desktop\WismarAlterSchwede.jpg
[2011.12.20 23:36:50 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.10.02 13:00:09 | 000,004,614 | ---- | C] () -- C:\Users\Benni\.recently-used.xbel
[2011.09.28 06:58:31 | 000,000,000 | ---- | C] () -- C:\Users\Benni\AppData\Local\{2A266CAB-D9B5-41DD-BEED-6B492DC72B8A}
[2011.07.28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.06.18 17:22:28 | 000,000,705 | ---- | C] () -- C:\Windows\kaillera.ini
[2011.04.09 03:13:52 | 000,002,048 | -HS- | C] () -- C:\Users\Benni\AppData\Local\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\@
[2011.03.27 01:33:27 | 000,041,974 | ---- | C] () -- C:\Users\Benni\AppData\Roaming\room.dat
[2011.03.25 19:50:32 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.03.08 16:31:39 | 000,000,093 | ---- | C] () -- C:\Users\Benni\AppData\Local\fusioncache.dat
[2011.03.08 16:29:57 | 001,554,122 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.09 16:06:48 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.10.07 19:30:16 | 000,121,052 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.04.10 21:55:34 | 000,000,000 | ---- | C] () -- C:\Users\Benni\__ng3d.lock
[2010.03.04 22:29:38 | 000,004,608 | ---- | C] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.18 22:49:40 | 000,007,604 | ---- | C] () -- C:\Users\Benni\AppData\Local\Resmon.ResmonCfg
 
========== LOP Check ==========
 
[2010.10.13 22:55:09 | 000,000,000 | -HSD | M] -- C:\Users\Benni\AppData\Roaming\.#
[2010.01.18 13:46:25 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\GameConsole
[2011.09.29 19:36:57 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\gtk-2.0
[2010.03.26 23:15:00 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\HLSW
[2010.07.21 07:39:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\LolClient
[2012.05.27 14:47:29 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\LolClient2
[2012.01.23 07:46:01 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\OnLive App
[2010.10.16 21:03:55 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\OpenArena
[2012.03.22 16:13:08 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\OpenCandy
[2010.09.02 18:22:02 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\OpenOffice.org
[2012.06.21 12:11:51 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\pdfforge
[2011.10.18 14:26:16 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Prism
[2011.03.19 20:26:58 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\PunkBuster
[2012.06.23 10:03:49 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Rainmeter
[2012.03.04 15:44:55 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\RotMG.Production
[2010.04.01 05:16:13 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\SoftDMA
[2010.09.30 16:36:26 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\TomTom
[2012.06.23 00:18:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Ubisoft
[2012.01.07 01:56:39 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Unity
[2012.05.15 06:47:39 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0

< End of report >

Hmm, funnily enough OTL doesn't show me an Extra.txt


TDSS Killer
Code:

00:46:55.0197 1868        TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
00:46:55.0476 1868        ============================================================
00:46:55.0477 1868        Current date / time: 2012/06/23 00:46:55.0476
00:46:55.0477 1868        SystemInfo:
00:46:55.0477 1868       
00:46:55.0477 1868        OS Version: 6.1.7601 ServicePack: 1.0
00:46:55.0477 1868        Product type: Workstation
00:46:55.0477 1868        ComputerName: BENNI´S-PC
00:46:55.0477 1868        UserName: Benni
00:46:55.0477 1868        Windows directory: C:\Windows
00:46:55.0477 1868        System windows directory: C:\Windows
00:46:55.0477 1868        Running under WOW64
00:46:55.0477 1868        Processor architecture: Intel x64
00:46:55.0477 1868        Number of processors: 4
00:46:55.0477 1868        Page size: 0x1000
00:46:55.0477 1868        Boot type: Normal boot
00:46:55.0477 1868        ============================================================
00:46:56.0044 1868        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:46:56.0049 1868        ============================================================
00:46:56.0049 1868        \Device\Harddisk0\DR0:
00:46:56.0049 1868        MBR partitions:
00:46:56.0049 1868        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
00:46:56.0049 1868        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x38BE3030
00:46:56.0049 1868        ============================================================
00:46:56.0073 1868        C: <-> \Device\Harddisk0\DR0\Partition1
00:46:56.0073 1868        ============================================================
00:46:56.0073 1868        Initialize success
00:46:56.0073 1868        ============================================================
00:47:02.0792 2944        ============================================================
00:47:02.0792 2944        Scan started
00:47:02.0792 2944        Mode: Manual; SigCheck; TDLFS;
00:47:02.0792 2944        ============================================================
00:47:03.0998 2944        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
00:47:04.0089 2944        1394ohci - ok
00:47:04.0149 2944        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
00:47:04.0183 2944        ACPI - ok
00:47:04.0235 2944        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
00:47:04.0293 2944        AcpiPmi - ok
00:47:04.0423 2944        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:47:04.0442 2944        AdobeARMservice - ok
00:47:04.0534 2944        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
00:47:04.0565 2944        adp94xx - ok
00:47:04.0630 2944        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
00:47:04.0663 2944        adpahci - ok
00:47:04.0688 2944        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
00:47:04.0702 2944        adpu320 - ok
00:47:04.0730 2944        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
00:47:04.0804 2944        AeLookupSvc - ok
00:47:04.0891 2944        AFD            (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
00:47:04.0954 2944        AFD - ok
00:47:05.0038 2944        AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
00:47:05.0095 2944        AgereModemAudio - ok
00:47:05.0210 2944        AgereSoftModem  (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
00:47:05.0280 2944        AgereSoftModem - ok
00:47:05.0341 2944        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
00:47:05.0364 2944        agp440 - ok
00:47:05.0412 2944        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
00:47:05.0488 2944        ALG - ok
00:47:05.0561 2944        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
00:47:05.0581 2944        aliide - ok
00:47:05.0642 2944        AMD External Events Utility (a2f5bea5b45a8e7c4776f39c25e8699d) C:\Windows\system32\atiesrxx.exe
00:47:05.0712 2944        AMD External Events Utility - ok
00:47:05.0730 2944        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
00:47:05.0740 2944        amdide - ok
00:47:05.0799 2944        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
00:47:05.0844 2944        AmdK8 - ok
00:47:06.0466 2944        amdkmdag        (5b03217859b014b090cb5060c1d96875) C:\Windows\system32\DRIVERS\atikmdag.sys
00:47:06.0774 2944        amdkmdag - ok
00:47:06.0950 2944        amdkmdap        (35d2184a99ad4cd5d17284d6c9f382c9) C:\Windows\system32\DRIVERS\atikmpag.sys
00:47:07.0005 2944        amdkmdap - ok
00:47:07.0072 2944        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
00:47:07.0113 2944        AmdPPM - ok
00:47:07.0177 2944        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
00:47:07.0194 2944        amdsata - ok
00:47:07.0219 2944        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
00:47:07.0238 2944        amdsbs - ok
00:47:07.0252 2944        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
00:47:07.0263 2944        amdxata - ok
00:47:07.0324 2944        AmUStor        (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
00:47:07.0389 2944        AmUStor - ok
00:47:07.0493 2944        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
00:47:07.0519 2944        AntiVirSchedulerService - ok
00:47:07.0608 2944        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
00:47:07.0624 2944        AntiVirService - ok
00:47:07.0697 2944        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
00:47:07.0777 2944        AppID - ok
00:47:07.0810 2944        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
00:47:07.0872 2944        AppIDSvc - ok
00:47:07.0905 2944        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
00:47:07.0965 2944        Appinfo - ok
00:47:08.0003 2944        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
00:47:08.0028 2944        arc - ok
00:47:08.0045 2944        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
00:47:08.0057 2944        arcsas - ok
00:47:08.0117 2944        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:47:08.0200 2944        AsyncMac - ok
00:47:08.0252 2944        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
00:47:08.0273 2944        atapi - ok
00:47:08.0470 2944        athr            (7d0398396727195cc73d703001d3cff4) C:\Windows\system32\DRIVERS\athrx.sys
00:47:08.0570 2944        athr - ok
00:47:09.0244 2944        atikmdag        (5b03217859b014b090cb5060c1d96875) C:\Windows\system32\DRIVERS\atikmdag.sys
00:47:09.0385 2944        atikmdag - ok
00:47:09.0643 2944        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
00:47:09.0745 2944        AudioEndpointBuilder - ok
00:47:09.0752 2944        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
00:47:09.0801 2944        AudioSrv - ok
00:47:09.0911 2944        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
00:47:10.0001 2944        avgntflt - ok
00:47:10.0081 2944        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
00:47:10.0097 2944        avipbb - ok
00:47:10.0165 2944        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
00:47:10.0179 2944        avkmgr - ok
00:47:10.0249 2944        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
00:47:10.0314 2944        AxInstSV - ok
00:47:10.0389 2944        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
00:47:10.0448 2944        b06bdrv - ok
00:47:10.0508 2944        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:47:10.0540 2944        b57nd60a - ok
00:47:10.0659 2944        BCM43XX        (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
00:47:10.0732 2944        BCM43XX - ok
00:47:10.0790 2944        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
00:47:10.0841 2944        BDESVC - ok
00:47:10.0918 2944        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:47:10.0982 2944        Beep - ok
00:47:11.0067 2944        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
00:47:11.0133 2944        BFE - ok
00:47:11.0191 2944        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
00:47:11.0259 2944        BITS - ok
00:47:11.0318 2944        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:47:11.0364 2944        blbdrive - ok
00:47:11.0414 2944        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
00:47:11.0438 2944        bowser - ok
00:47:11.0484 2944        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:47:11.0532 2944        BrFiltLo - ok
00:47:11.0563 2944        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:47:11.0591 2944        BrFiltUp - ok
00:47:11.0655 2944        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
00:47:11.0736 2944        Browser - ok
00:47:11.0772 2944        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:47:11.0848 2944        Brserid - ok
00:47:11.0860 2944        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:47:11.0901 2944        BrSerWdm - ok
00:47:11.0950 2944        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:47:11.0994 2944        BrUsbMdm - ok
00:47:12.0032 2944        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:47:12.0070 2944        BrUsbSer - ok
00:47:12.0094 2944        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
00:47:12.0135 2944        BTHMODEM - ok
00:47:12.0192 2944        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
00:47:12.0259 2944        bthserv - ok
00:47:12.0308 2944        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:47:12.0374 2944        cdfs - ok
00:47:12.0421 2944        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
00:47:12.0461 2944        cdrom - ok
00:47:12.0512 2944        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:47:12.0579 2944        CertPropSvc - ok
00:47:12.0637 2944        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
00:47:12.0684 2944        circlass - ok
00:47:12.0731 2944        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:47:12.0754 2944        CLFS - ok
00:47:12.0827 2944        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:47:12.0843 2944        clr_optimization_v2.0.50727_32 - ok
00:47:12.0888 2944        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:47:12.0904 2944        clr_optimization_v2.0.50727_64 - ok
00:47:13.0010 2944        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:47:13.0031 2944        clr_optimization_v4.0.30319_32 - ok
00:47:13.0063 2944        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:47:13.0075 2944        clr_optimization_v4.0.30319_64 - ok
00:47:13.0089 2944        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:47:13.0121 2944        CmBatt - ok
00:47:13.0152 2944        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
00:47:13.0163 2944        cmdide - ok
00:47:13.0242 2944        CNG            (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
00:47:13.0305 2944        CNG - ok
00:47:13.0378 2944        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:47:13.0400 2944        Compbatt - ok
00:47:13.0453 2944        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
00:47:13.0515 2944        CompositeBus - ok
00:47:13.0536 2944        COMSysApp - ok
00:47:13.0671 2944        cpuz130 - ok
00:47:13.0692 2944        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
00:47:13.0713 2944        crcdisk - ok
00:47:13.0775 2944        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
00:47:13.0868 2944        CryptSvc - ok
00:47:13.0956 2944        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:47:14.0049 2944        DcomLaunch - ok
00:47:14.0127 2944        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
00:47:14.0214 2944        defragsvc - ok
00:47:14.0274 2944        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
00:47:14.0361 2944        DfsC - ok
00:47:14.0447 2944        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
00:47:14.0528 2944        Dhcp - ok
00:47:14.0562 2944        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:47:14.0633 2944        discache - ok
00:47:14.0689 2944        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
00:47:14.0714 2944        Disk - ok
00:47:14.0835 2944        DKbFltr        (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
00:47:14.0850 2944        DKbFltr - ok
00:47:14.0883 2944        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
00:47:14.0956 2944        Dnscache - ok
00:47:15.0006 2944        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
00:47:15.0099 2944        dot3svc - ok
00:47:15.0133 2944        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
00:47:15.0203 2944        DPS - ok
00:47:15.0281 2944        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:47:15.0333 2944        drmkaud - ok
00:47:15.0409 2944        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
00:47:15.0453 2944        DXGKrnl - ok
00:47:15.0480 2944        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
00:47:15.0549 2944        EapHost - ok
00:47:15.0750 2944        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
00:47:15.0826 2944        ebdrv - ok
00:47:15.0964 2944        EFS            (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
00:47:16.0003 2944        EFS - ok
00:47:16.0133 2944        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
00:47:16.0205 2944        ehRecvr - ok
00:47:16.0237 2944        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
00:47:16.0272 2944        ehSched - ok
00:47:16.0375 2944        ElbyCDIO        (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
00:47:16.0394 2944        ElbyCDIO - ok
00:47:16.0445 2944        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
00:47:16.0471 2944        elxstor - ok
00:47:16.0629 2944        ePowerSvc      (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
00:47:16.0674 2944        ePowerSvc - ok
00:47:16.0738 2944        EPSON_PM_RPCV4_01 (1e345f2a2d95da3190596e691cde9342) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
00:47:16.0807 2944        EPSON_PM_RPCV4_01 - ok
00:47:16.0923 2944        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
00:47:16.0967 2944        ErrDev - ok
00:47:17.0048 2944        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
00:47:17.0135 2944        EventSystem - ok
00:47:17.0203 2944        EverestDriver - ok
00:47:17.0273 2944        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:47:17.0366 2944        exfat - ok
00:47:17.0387 2944        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:47:17.0451 2944        fastfat - ok
00:47:17.0542 2944        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
00:47:17.0621 2944        Fax - ok
00:47:17.0689 2944        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
00:47:17.0728 2944        fdc - ok
00:47:17.0781 2944        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
00:47:17.0863 2944        fdPHost - ok
00:47:17.0881 2944        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
00:47:17.0949 2944        FDResPub - ok
00:47:17.0982 2944        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:47:17.0993 2944        FileInfo - ok
00:47:18.0017 2944        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:47:18.0084 2944        Filetrace - ok
00:47:18.0129 2944        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
00:47:18.0163 2944        flpydisk - ok
00:47:18.0208 2944        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
00:47:18.0237 2944        FltMgr - ok
00:47:18.0332 2944        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
00:47:18.0416 2944        FontCache - ok
00:47:18.0512 2944        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:47:18.0529 2944        FontCache3.0.0.0 - ok
00:47:18.0567 2944        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:47:18.0592 2944        FsDepends - ok
00:47:18.0633 2944        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
00:47:18.0646 2944        Fs_Rec - ok
00:47:18.0715 2944        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:47:18.0732 2944        fvevol - ok
00:47:18.0749 2944        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
00:47:18.0761 2944        gagp30kx - ok
00:47:18.0821 2944        GGSAFERDriver - ok
00:47:18.0925 2944        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
00:47:19.0001 2944        gpsvc - ok
00:47:19.0153 2944        Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
00:47:19.0189 2944        Greg_Service - ok
00:47:19.0304 2944        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:47:19.0321 2944        gupdate - ok
00:47:19.0351 2944        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:47:19.0362 2944        gupdatem - ok
00:47:19.0481 2944        hamachi        (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
00:47:19.0497 2944        hamachi - ok
00:47:19.0743 2944        Hamachi2Svc    (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
00:47:19.0815 2944        Hamachi2Svc - ok
00:47:19.0967 2944        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:47:20.0040 2944        hcw85cir - ok
00:47:20.0125 2944        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
00:47:20.0166 2944        HdAudAddService - ok
00:47:20.0190 2944        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
00:47:20.0224 2944        HDAudBus - ok
00:47:20.0280 2944        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
00:47:20.0298 2944        HECIx64 - ok
00:47:20.0322 2944        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
00:47:20.0360 2944        HidBatt - ok
00:47:20.0387 2944        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
00:47:20.0435 2944        HidBth - ok
00:47:20.0480 2944        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
00:47:20.0528 2944        HidIr - ok
00:47:20.0557 2944        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
00:47:20.0618 2944        hidserv - ok
00:47:20.0688 2944        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
00:47:20.0712 2944        HidUsb - ok
00:47:20.0780 2944        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
00:47:20.0855 2944        hkmsvc - ok
00:47:20.0925 2944        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
00:47:20.0995 2944        HomeGroupListener - ok
00:47:21.0037 2944        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
00:47:21.0079 2944        HomeGroupProvider - ok
00:47:21.0112 2944        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
00:47:21.0131 2944        HpSAMD - ok
00:47:21.0229 2944        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
00:47:21.0304 2944        HTTP - ok
00:47:21.0331 2944        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
00:47:21.0342 2944        hwpolicy - ok
00:47:21.0402 2944        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
00:47:21.0429 2944        i8042prt - ok
00:47:21.0495 2944        iaStor          (8180a2392e732e8871589b54fab6991f) C:\Windows\system32\DRIVERS\iaStor.sys
00:47:21.0532 2944        iaStor - ok
00:47:21.0645 2944        IAStorDataMgrSvc (17125b7d2f56b4b35441561c780c2ccb) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
00:47:21.0659 2944        IAStorDataMgrSvc - ok
00:47:21.0738 2944        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
00:47:21.0773 2944        iaStorV - ok
00:47:21.0889 2944        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:47:21.0932 2944        idsvc - ok
00:47:22.0311 2944        igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
00:47:22.0517 2944        igfx - ok
00:47:22.0635 2944        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
00:47:22.0654 2944        iirsp - ok
00:47:22.0742 2944        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
00:47:22.0827 2944        IKEEXT - ok
00:47:22.0908 2944        Impcd          (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
00:47:22.0961 2944        Impcd - ok
00:47:23.0304 2944        IntcAzAudAddService (150ac23f21dbdbf8488408ba944b0d65) C:\Windows\system32\drivers\RTKVHD64.sys
00:47:23.0418 2944        IntcAzAudAddService - ok
00:47:23.0572 2944        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
00:47:23.0593 2944        intelide - ok
00:47:23.0639 2944        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:47:23.0687 2944        intelppm - ok
00:47:23.0746 2944        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
00:47:23.0807 2944        IPBusEnum - ok
00:47:23.0858 2944        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:47:23.0940 2944        IpFilterDriver - ok
00:47:24.0013 2944        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
00:47:24.0120 2944        iphlpsvc - ok
00:47:24.0155 2944        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
00:47:24.0188 2944        IPMIDRV - ok
00:47:24.0241 2944        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:47:24.0324 2944        IPNAT - ok
00:47:24.0364 2944        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:47:24.0414 2944        IRENUM - ok
00:47:24.0438 2944        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
00:47:24.0449 2944        isapnp - ok
00:47:24.0475 2944        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
00:47:24.0492 2944        iScsiPrt - ok
00:47:24.0575 2944        k57nd60a        (376bc8e5f4a0ea0f0f16818bb1a95d4b) C:\Windows\system32\DRIVERS\k57nd60a.sys
00:47:24.0601 2944        k57nd60a - ok
00:47:24.0644 2944        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:47:24.0657 2944        kbdclass - ok
00:47:24.0719 2944        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
00:47:24.0759 2944        kbdhid - ok
00:47:24.0832 2944        KeyIso          (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
00:47:24.0863 2944        KeyIso - ok
00:47:24.0901 2944        KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
00:47:24.0921 2944        KSecDD - ok
00:47:24.0969 2944        KSecPkg        (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
00:47:24.0982 2944        KSecPkg - ok
00:47:25.0013 2944        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:47:25.0077 2944        ksthunk - ok
00:47:25.0125 2944        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
00:47:25.0190 2944        KtmRm - ok
00:47:25.0240 2944        L1E            (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
00:47:25.0278 2944        L1E - ok
00:47:25.0321 2944        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
00:47:25.0391 2944        LanmanServer - ok
00:47:25.0426 2944        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
00:47:25.0493 2944        LanmanWorkstation - ok
00:47:25.0557 2944        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:47:25.0639 2944        lltdio - ok
00:47:25.0710 2944        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
00:47:25.0793 2944        lltdsvc - ok
00:47:25.0815 2944        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
00:47:25.0861 2944        lmhosts - ok
00:47:25.0986 2944        LMS            (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:47:26.0008 2944        LMS - ok
00:47:26.0074 2944        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
00:47:26.0098 2944        LSI_FC - ok
00:47:26.0116 2944        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
00:47:26.0132 2944        LSI_SAS - ok
00:47:26.0147 2944        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:47:26.0159 2944        LSI_SAS2 - ok
00:47:26.0179 2944        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:47:26.0192 2944        LSI_SCSI - ok
00:47:26.0214 2944        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:47:26.0276 2944        luafv - ok
00:47:26.0332 2944        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
00:47:26.0360 2944        Mcx2Svc - ok
00:47:26.0384 2944        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
00:47:26.0395 2944        megasas - ok
00:47:26.0419 2944        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
00:47:26.0438 2944        MegaSR - ok
00:47:26.0464 2944        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:47:26.0529 2944        MMCSS - ok
00:47:26.0545 2944        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:47:26.0611 2944        Modem - ok
00:47:26.0651 2944        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:47:26.0685 2944        monitor - ok
00:47:26.0747 2944        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:47:26.0768 2944        mouclass - ok
00:47:26.0817 2944        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:47:26.0844 2944        mouhid - ok
00:47:26.0908 2944        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
00:47:26.0932 2944        mountmgr - ok
00:47:27.0045 2944        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:47:27.0066 2944        MozillaMaintenance - ok
00:47:27.0099 2944        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
00:47:27.0114 2944        mpio - ok
00:47:27.0149 2944        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:47:27.0198 2944        mpsdrv - ok
00:47:27.0285 2944        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
00:47:27.0382 2944        MpsSvc - ok
00:47:27.0470 2944        MQAC            (cd22d2563039dda6793f7624719363a7) C:\Windows\system32\drivers\mqac.sys
00:47:27.0511 2944        MQAC - ok
00:47:27.0547 2944        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:47:27.0579 2944        MRxDAV - ok
00:47:27.0618 2944        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:47:27.0647 2944        mrxsmb - ok
00:47:27.0689 2944        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:47:27.0740 2944        mrxsmb10 - ok
00:47:27.0771 2944        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:47:27.0796 2944        mrxsmb20 - ok
00:47:27.0827 2944        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:47:27.0845 2944        msahci - ok
00:47:27.0888 2944        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:47:27.0903 2944        msdsm - ok
00:47:27.0931 2944        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
00:47:27.0962 2944        MSDTC - ok
00:47:28.0003 2944        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:47:28.0054 2944        Msfs - ok
00:47:28.0099 2944        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:47:28.0178 2944        mshidkmdf - ok
00:47:28.0196 2944        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:47:28.0207 2944        msisadrv - ok
00:47:28.0243 2944        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
00:47:28.0310 2944        MSiSCSI - ok
00:47:28.0313 2944        msiserver - ok
00:47:28.0343 2944        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:47:28.0387 2944        MSKSSRV - ok
00:47:28.0445 2944        MSMQ            (faaeaef99e53561beee58f946ca56f0d) C:\Windows\system32\mqsvc.exe
00:47:28.0485 2944        MSMQ - ok
00:47:28.0538 2944        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:47:28.0605 2944        MSPCLOCK - ok
00:47:28.0629 2944        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:47:28.0689 2944        MSPQM - ok
00:47:28.0737 2944        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:47:28.0770 2944        MsRPC - ok
00:47:28.0816 2944        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
00:47:28.0828 2944        mssmbios - ok
00:47:28.0879 2944        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:47:28.0959 2944        MSTEE - ok
00:47:28.0977 2944        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
00:47:28.0993 2944        MTConfig - ok
00:47:29.0015 2944        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:47:29.0027 2944        Mup - ok
00:47:29.0083 2944        mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
00:47:29.0098 2944        mwlPSDFilter - ok
00:47:29.0146 2944        mwlPSDNServ    (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
00:47:29.0158 2944        mwlPSDNServ - ok
00:47:29.0170 2944        mwlPSDVDisk    (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
00:47:29.0182 2944        mwlPSDVDisk - ok
00:47:29.0238 2944        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
00:47:29.0320 2944        napagent - ok
00:47:29.0382 2944        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:47:29.0427 2944        NativeWifiP - ok
00:47:29.0528 2944        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
00:47:29.0574 2944        NDIS - ok
00:47:29.0599 2944        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:47:29.0664 2944        NdisCap - ok
00:47:29.0701 2944        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:47:29.0769 2944        NdisTapi - ok
00:47:29.0830 2944        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:47:29.0918 2944        Ndisuio - ok
00:47:29.0964 2944        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:47:30.0043 2944        NdisWan - ok
00:47:30.0073 2944        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:47:30.0140 2944        NDProxy - ok
00:47:30.0189 2944        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:47:30.0251 2944        NetBIOS - ok
00:47:30.0305 2944        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:47:30.0400 2944        NetBT - ok
00:47:30.0454 2944        Netlogon        (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
00:47:30.0480 2944        Netlogon - ok
00:47:30.0553 2944        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
00:47:30.0643 2944        Netman - ok
00:47:30.0690 2944        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
00:47:30.0779 2944        netprofm - ok
00:47:30.0860 2944        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:47:30.0897 2944        NetTcpPortSharing - ok
00:47:30.0921 2944        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
00:47:30.0932 2944        nfrd960 - ok
00:47:31.0005 2944        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
00:47:31.0091 2944        NlaSvc - ok
00:47:31.0109 2944        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:47:31.0154 2944        Npfs - ok
00:47:31.0175 2944        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
00:47:31.0220 2944        nsi - ok
00:47:31.0231 2944        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:47:31.0296 2944        nsiproxy - ok
00:47:31.0420 2944        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:47:31.0475 2944        Ntfs - ok
00:47:31.0590 2944        NTI IScheduleSvc (14e66f603fb187713aeb02ad3b0390cf) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
00:47:31.0606 2944        NTI IScheduleSvc - ok
00:47:31.0756 2944        NTIDrvr        (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
00:47:31.0770 2944        NTIDrvr - ok
00:47:31.0802 2944        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:47:31.0870 2944        Null - ok
00:47:31.0927 2944        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:47:31.0940 2944        nvraid - ok
00:47:31.0966 2944        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:47:31.0981 2944        nvstor - ok
00:47:32.0042 2944        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:47:32.0065 2944        nv_agp - ok
00:47:32.0084 2944        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:47:32.0116 2944        ohci1394 - ok
00:47:32.0168 2944        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:47:32.0227 2944        p2pimsvc - ok
00:47:32.0260 2944        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
00:47:32.0283 2944        p2psvc - ok
00:47:32.0364 2944        PAC207          (3a6dceb1848470320e4a3c12d7a35b1c) C:\Windows\system32\DRIVERS\PFC027.SYS
00:47:32.0421 2944        PAC207 - ok
00:47:32.0448 2944        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
00:47:32.0466 2944        Parport - ok
00:47:32.0499 2944        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
00:47:32.0513 2944        partmgr - ok
00:47:32.0548 2944        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
00:47:32.0595 2944        PcaSvc - ok
00:47:32.0632 2944        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:47:32.0662 2944        pci - ok
00:47:32.0701 2944        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:47:32.0722 2944        pciide - ok
00:47:32.0759 2944        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
00:47:32.0776 2944        pcmcia - ok
00:47:32.0795 2944        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:47:32.0806 2944        pcw - ok
00:47:32.0856 2944        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:47:32.0938 2944        PEAUTH - ok
00:47:33.0026 2944        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
00:47:33.0062 2944        PerfHost - ok
00:47:33.0240 2944        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
00:47:33.0327 2944        pla - ok
00:47:33.0407 2944        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
00:47:33.0457 2944        PlugPlay - ok
00:47:33.0500 2944        PnkBstrA - ok
00:47:33.0539 2944        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
00:47:33.0572 2944        PNRPAutoReg - ok
00:47:33.0612 2944        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:47:33.0640 2944        PNRPsvc - ok
00:47:33.0697 2944        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
00:47:33.0767 2944        PolicyAgent - ok
00:47:33.0801 2944        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
00:47:33.0866 2944        Power - ok
00:47:33.0951 2944        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:47:34.0028 2944        PptpMiniport - ok
00:47:34.0056 2944        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
00:47:34.0070 2944        Processor - ok
00:47:34.0108 2944        ProfSvc        (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
00:47:34.0191 2944        ProfSvc - ok
00:47:34.0233 2944        ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
00:47:34.0249 2944        ProtectedStorage - ok
00:47:34.0296 2944        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:47:34.0363 2944        Psched - ok
00:47:34.0492 2944        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
00:47:34.0545 2944        ql2300 - ok
00:47:34.0677 2944        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
00:47:34.0698 2944        ql40xx - ok
00:47:34.0739 2944        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
00:47:34.0787 2944        QWAVE - ok
00:47:34.0810 2944        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:47:34.0853 2944        QWAVEdrv - ok
00:47:34.0874 2944        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:47:34.0936 2944        RasAcd - ok
00:47:34.0990 2944        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:47:35.0068 2944        RasAgileVpn - ok
00:47:35.0094 2944        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
00:47:35.0141 2944        RasAuto - ok
00:47:35.0181 2944        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:47:35.0264 2944        Rasl2tp - ok
00:47:35.0324 2944        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
00:47:35.0401 2944        RasMan - ok
00:47:35.0457 2944        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:47:35.0525 2944        RasPppoe - ok
00:47:35.0550 2944        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:47:35.0622 2944        RasSstp - ok
00:47:35.0660 2944        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
00:47:35.0723 2944        rdbss - ok
00:47:35.0747 2944        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
00:47:35.0776 2944        rdpbus - ok
00:47:35.0815 2944        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:47:35.0893 2944        RDPCDD - ok
00:47:35.0899 2944        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:47:35.0943 2944        RDPENCDD - ok
00:47:35.0948 2944        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:47:35.0991 2944        RDPREFMP - ok
00:47:36.0026 2944        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
00:47:36.0093 2944        RDPWD - ok
00:47:36.0131 2944        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
00:47:36.0145 2944        rdyboost - ok
00:47:36.0209 2944        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
00:47:36.0291 2944        RemoteAccess - ok
00:47:36.0327 2944        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
00:47:36.0406 2944        RemoteRegistry - ok
00:47:36.0428 2944        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
00:47:36.0495 2944        RpcEptMapper - ok
00:47:36.0510 2944        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
00:47:36.0526 2944        RpcLocator - ok
00:47:36.0581 2944        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:47:36.0653 2944        RpcSs - ok
00:47:36.0714 2944        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:47:36.0797 2944        rspndr - ok
00:47:36.0908 2944        RS_Service      (b5a4b7d779cf4070df408de18bd33b02) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
00:47:36.0942 2944        RS_Service ( UnsignedFile.Multi.Generic ) - warning
00:47:36.0942 2944        RS_Service - detected UnsignedFile.Multi.Generic (1)
00:47:37.0016 2944        RTHDMIAzAudService (c20f64fcd5e2b40310a1774495877acd) C:\Windows\system32\drivers\RtHDMIVX.sys
00:47:37.0040 2944        RTHDMIAzAudService - ok
00:47:37.0067 2944        SamSs          (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
00:47:37.0084 2944        SamSs - ok
00:47:37.0120 2944        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
00:47:37.0134 2944        sbp2port - ok
00:47:37.0167 2944        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
00:47:37.0219 2944        SCardSvr - ok
00:47:37.0251 2944        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
00:47:37.0323 2944        scfilter - ok
00:47:37.0404 2944        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
00:47:37.0502 2944        Schedule - ok
00:47:37.0537 2944        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:47:37.0579 2944        SCPolicySvc - ok
00:47:37.0621 2944        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
00:47:37.0689 2944        SDRSVC - ok
00:47:37.0780 2944        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:47:37.0846 2944        secdrv - ok
00:47:37.0877 2944        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
00:47:37.0934 2944        seclogon - ok
00:47:37.0995 2944        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
00:47:38.0077 2944        SENS - ok
00:47:38.0113 2944        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
00:47:38.0173 2944        SensrSvc - ok
00:47:38.0239 2944        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
00:47:38.0266 2944        Serenum - ok
00:47:38.0285 2944        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
00:47:38.0304 2944        Serial - ok
00:47:38.0359 2944        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
00:47:38.0400 2944        sermouse - ok
00:47:38.0449 2944        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
00:47:38.0499 2944        SessionEnv - ok
00:47:38.0526 2944        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
00:47:38.0576 2944        sffdisk - ok
00:47:38.0598 2944        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
00:47:38.0638 2944        sffp_mmc - ok
00:47:38.0661 2944        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
00:47:38.0696 2944        sffp_sd - ok
00:47:38.0744 2944        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
00:47:38.0772 2944        sfloppy - ok
00:47:38.0820 2944        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
00:47:38.0893 2944        SharedAccess - ok
00:47:38.0968 2944        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
00:47:39.0046 2944        ShellHWDetection - ok
00:47:39.0071 2944        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:47:39.0082 2944        SiSRaid2 - ok
00:47:39.0108 2944        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
00:47:39.0120 2944        SiSRaid4 - ok
00:47:39.0241 2944        SkypeUpdate    (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
00:47:39.0262 2944        SkypeUpdate - ok
00:47:39.0281 2944        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:47:39.0364 2944        Smb - ok
00:47:39.0412 2944        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
00:47:39.0447 2944        SNMPTRAP - ok
00:47:39.0478 2944        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:47:39.0489 2944        spldr - ok
00:47:39.0564 2944        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
00:47:39.0626 2944        Spooler - ok
00:47:39.0860 2944        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
00:47:39.0980 2944        sppsvc - ok
00:47:40.0075 2944        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
00:47:40.0153 2944        sppuinotify - ok
00:47:40.0232 2944        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
00:47:40.0281 2944        srv - ok
00:47:40.0324 2944        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
00:47:40.0361 2944        srv2 - ok
00:47:40.0387 2944        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
00:47:40.0418 2944        srvnet - ok
00:47:40.0470 2944        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
00:47:40.0551 2944        SSDPSRV - ok
00:47:40.0570 2944        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
00:47:40.0618 2944        SstpSvc - ok
00:47:40.0729 2944        Steam Client Service - ok
00:47:40.0755 2944        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
00:47:40.0775 2944        stexstor - ok
00:47:40.0874 2944        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
00:47:40.0934 2944        stisvc - ok
00:47:40.0970 2944        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
00:47:40.0991 2944        swenum - ok
00:47:41.0038 2944        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
00:47:41.0108 2944        swprv - ok
00:47:41.0181 2944        SynTP          (ed6d1424e5b0c21a57b28dd8508d6843) C:\Windows\system32\DRIVERS\SynTP.sys
00:47:41.0205 2944        SynTP - ok
00:47:41.0338 2944        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
00:47:41.0410 2944        SysMain - ok
00:47:41.0535 2944        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
00:47:41.0576 2944        TabletInputService - ok
00:47:41.0617 2944        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
00:47:41.0690 2944        TapiSrv - ok
00:47:41.0723 2944        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
00:47:41.0791 2944        TBS - ok
00:47:41.0954 2944        Tcpip          (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
00:47:42.0012 2944        Tcpip - ok
00:47:42.0280 2944        TCPIP6          (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
00:47:42.0331 2944        TCPIP6 - ok
00:47:42.0450 2944        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
00:47:42.0519 2944        tcpipreg - ok
00:47:42.0549 2944        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:47:42.0604 2944        TDPIPE - ok
00:47:42.0625 2944        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
00:47:42.0668 2944        TDTCP - ok
00:47:42.0705 2944        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
00:47:42.0763 2944        tdx - ok
00:47:42.0823 2944        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
00:47:42.0845 2944        TermDD - ok
00:47:42.0904 2944        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
00:47:42.0979 2944        TermService - ok
00:47:42.0997 2944        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
00:47:43.0035 2944        Themes - ok
00:47:43.0066 2944        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:47:43.0114 2944        THREADORDER - ok
00:47:43.0126 2944        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
00:47:43.0186 2944        TrkWks - ok
00:47:43.0260 2944        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
00:47:43.0335 2944        TrustedInstaller - ok
00:47:43.0372 2944        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:47:43.0447 2944        tssecsrv - ok
00:47:43.0512 2944        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
00:47:43.0575 2944        TsUsbFlt - ok
00:47:43.0643 2944        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
00:47:43.0727 2944        tunnel - ok
00:47:43.0755 2944        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
00:47:43.0766 2944        uagp35 - ok
00:47:43.0819 2944        UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
00:47:43.0832 2944        UBHelper - ok
00:47:43.0889 2944        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
00:47:43.0963 2944        udfs - ok
00:47:44.0000 2944        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
00:47:44.0017 2944        UI0Detect - ok
00:47:44.0080 2944        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
00:47:44.0102 2944        uliagpkx - ok
00:47:44.0148 2944        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
00:47:44.0190 2944        umbus - ok
00:47:44.0237 2944        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
00:47:44.0274 2944        UmPass - ok
00:47:44.0486 2944        UNS            (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
00:47:44.0552 2944        UNS - ok
00:47:44.0660 2944        Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
00:47:44.0681 2944        Updater Service - ok
00:47:44.0794 2944        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
00:47:44.0864 2944        upnphost - ok
00:47:44.0937 2944        usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
00:47:44.0968 2944        usbaudio - ok
00:47:45.0028 2944        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
00:47:45.0063 2944        usbccgp - ok
00:47:45.0097 2944        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
00:47:45.0141 2944        usbcir - ok
00:47:45.0161 2944        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
00:47:45.0191 2944        usbehci - ok
00:47:45.0277 2944        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
00:47:45.0331 2944        usbhub - ok
00:47:45.0356 2944        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
00:47:45.0389 2944        usbohci - ok
00:47:45.0437 2944        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
00:47:45.0477 2944        usbprint - ok
00:47:45.0499 2944        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
00:47:45.0518 2944        usbscan - ok
00:47:45.0559 2944        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:47:45.0619 2944        USBSTOR - ok
00:47:45.0672 2944        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
00:47:45.0713 2944        usbuhci - ok
00:47:45.0776 2944        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
00:47:45.0808 2944        usbvideo - ok
00:47:45.0837 2944        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
00:47:45.0907 2944        UxSms - ok
00:47:45.0945 2944        VaultSvc        (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
00:47:45.0962 2944        VaultSvc - ok
00:47:46.0013 2944        VClone          (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
00:47:46.0057 2944        VClone - ok
00:47:46.0111 2944        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
00:47:46.0131 2944        vdrvroot - ok
00:47:46.0197 2944        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
00:47:46.0259 2944        vds - ok
00:47:46.0279 2944        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:47:46.0297 2944        vga - ok
00:47:46.0300 2944        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:47:46.0363 2944        VgaSave - ok
00:47:46.0391 2944        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
00:47:46.0406 2944        vhdmp - ok
00:47:46.0451 2944        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
00:47:46.0462 2944        viaide - ok
00:47:46.0479 2944        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
00:47:46.0492 2944        volmgr - ok
00:47:46.0545 2944        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
00:47:46.0569 2944        volmgrx - ok
00:47:46.0609 2944        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
00:47:46.0627 2944        volsnap - ok
00:47:46.0655 2944        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
00:47:46.0668 2944        vsmraid - ok
00:47:46.0790 2944        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
00:47:46.0883 2944        VSS - ok
00:47:47.0017 2944        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
00:47:47.0056 2944        vwifibus - ok
00:47:47.0074 2944        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
00:47:47.0096 2944        vwififlt - ok
00:47:47.0135 2944        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
00:47:47.0189 2944        W32Time - ok
00:47:47.0205 2944        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
00:47:47.0232 2944        WacomPen - ok
00:47:47.0258 2944        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:47:47.0323 2944        WANARP - ok
00:47:47.0343 2944        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:47:47.0388 2944        Wanarpv6 - ok
00:47:47.0500 2944        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
00:47:47.0563 2944        wbengine - ok
00:47:47.0682 2944        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
00:47:47.0724 2944        WbioSrvc - ok
00:47:47.0772 2944        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
00:47:47.0824 2944        wcncsvc - ok
00:47:47.0845 2944        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
00:47:47.0881 2944        WcsPlugInService - ok
00:47:47.0926 2944        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
00:47:47.0940 2944        Wd - ok
00:47:47.0992 2944        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:47:48.0026 2944        Wdf01000 - ok
00:47:48.0039 2944        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:47:48.0160 2944        WdiServiceHost - ok
00:47:48.0164 2944        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:47:48.0190 2944        WdiSystemHost - ok
00:47:48.0230 2944        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
00:47:48.0270 2944        WebClient - ok
00:47:48.0316 2944        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
00:47:48.0394 2944        Wecsvc - ok
00:47:48.0421 2944        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
00:47:48.0466 2944        wercplsupport - ok
00:47:48.0508 2944        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
00:47:48.0596 2944        WerSvc - ok
00:47:48.0652 2944        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:47:48.0700 2944        WfpLwf - ok
00:47:48.0718 2944        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:47:48.0730 2944        WIMMount - ok
00:47:48.0749 2944        WinDefend - ok
00:47:48.0755 2944        WinHttpAutoProxySvc - ok
00:47:48.0823 2944        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
00:47:48.0912 2944        Winmgmt - ok
00:47:49.0010 2944        WinRing0_1_2_0  (0c0195c48b6b8582fa6f6373032118da) C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
00:47:49.0031 2944        WinRing0_1_2_0 - ok
00:47:49.0176 2944        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
00:47:49.0261 2944        WinRM - ok
00:47:49.0453 2944        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
00:47:49.0514 2944        Wlansvc - ok
00:47:49.0748 2944        wlidsvc        (e23a257a54fa12c2aef8ad51e6556357) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:47:49.0816 2944        wlidsvc - ok
00:47:49.0965 2944        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
00:47:50.0006 2944        WmiAcpi - ok
00:47:50.0073 2944        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
00:47:50.0114 2944        wmiApSrv - ok
00:47:50.0154 2944        WMPNetworkSvc - ok
00:47:50.0213 2944        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
00:47:50.0247 2944        WPCSvc - ok
00:47:50.0280 2944        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
00:47:50.0301 2944        WPDBusEnum - ok
00:47:50.0329 2944        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:47:50.0378 2944        ws2ifsl - ok
00:47:50.0394 2944        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
00:47:50.0430 2944        wscsvc - ok
00:47:50.0433 2944        WSearch - ok
00:47:50.0595 2944        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
00:47:50.0697 2944        wuauserv - ok
00:47:50.0820 2944        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
00:47:50.0897 2944        WudfPf - ok
00:47:50.0977 2944        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:47:51.0062 2944        WUDFRd - ok
00:47:51.0107 2944        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
00:47:51.0153 2944        wudfsvc - ok
00:47:51.0177 2944        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
00:47:51.0213 2944        WwanSvc - ok
00:47:51.0351 2944        X6va002 - ok
00:47:51.0404 2944        X6va003 - ok
00:47:51.0516 2944        ZAtheros Wlan Agent (1ca8ac00abde45a4fe360aea515f844b) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
00:47:51.0524 2944        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - warning
00:47:51.0525 2944        ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic (1)
00:47:51.0549 2944        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
00:47:51.0867 2944        \Device\Harddisk0\DR0 - ok
00:47:51.0872 2944        Boot (0x1200)  (851861819a0282d2d600ac8029e9b3e7) \Device\Harddisk0\DR0\Partition0
00:47:51.0874 2944        \Device\Harddisk0\DR0\Partition0 - ok
00:47:51.0907 2944        Boot (0x1200)  (f21262666ef44e626d25f4df17c0488a) \Device\Harddisk0\DR0\Partition1
00:47:51.0909 2944        \Device\Harddisk0\DR0\Partition1 - ok
00:47:51.0909 2944        ============================================================
00:47:51.0909 2944        Scan finished
00:47:51.0909 2944        ============================================================
00:47:51.0924 0984        Detected object count: 2
00:47:51.0924 0984        Actual detected object count: 2
00:48:08.0997 0984        RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:48:08.0997 0984        RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:48:08.0997 0984        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - skipped by user
00:48:08.0997 0984        ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip


Chris4You 25.06.2012 06:52

Hi,

please download a fresh copy of ComboFix (it is rebuilt regularly), but do not run it yet.

Then go offline...

Fix for OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please right-click and start it with "Run as administrator".
  • Copy the complete contents of the following code box into the OTL box under "Custom Scan/Fixes"
http://oldtimer.geekstogo.com/OTL/OTL_Main_Tutorial.gif
Code:


:OTL
[2011.04.09 03:13:52 | 000,002,048 | -HS- | C] () -- C:\Users\Benni\AppData\Local\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\@
[2010.10.13 22:55:09 | 000,000,000 | -HSD | M] -- C:\Users\Benni\AppData\Roaming\.#
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.

:Commands
[emptytemp]
[Reboot]

  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of the OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

Then boot into safe mode (press F8 while booting), run ComboFix as already posted, post the log...

chris

H4rdDiskDriv 25.06.2012 10:23

So OTL doesn't want to work o.O
Administrator, re-downloading, compatibility mode: none of it works.
And CF said that Avira is on, but I checked and it actually wasn't on (in Task Manager).

Code:

All processes killed
========== OTL ==========
C:\Users\Benni\AppData\Local\{1a010c53-5aa6-5c59-2759-42e47dea94f8}\@ moved successfully.
C:\Users\Benni\AppData\Roaming\.# folder moved successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:05EE1EEF deleted successfully.
ADS C:\ProgramData\Temp:444C53BA deleted successfully.
ADS C:\ProgramData\Temp:0B9176C0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Benni
->Temp folder emptied: 70320 bytes
->Temporary Internet Files folder emptied: 3394686 bytes
->Java cache emptied: 20102165 bytes
->FireFox cache emptied: 90252857 bytes
->Flash cache emptied: 42066 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 401408 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 840 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50300 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 109,00 mb
 
 
OTL by OldTimer - Version 3.2.52.0 log created on 06252012_100716

Files\Folders moved on Reboot...
C:\Users\Benni\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Code:

ComboFix 12-06-25.01 - Benni 25.06.2012  10:33:03.1.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3956.2806 [GMT 2:00]
ausgeführt von:: c:\users\Benni\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\windows\IsUn0407.exe
c:\windows\system32\drivers\etc\hosts.ics
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-05-25 bis 2012-06-25  ))))))))))))))))))))))))))))))
.
.
2012-06-25 08:41 . 2012-06-25 08:41        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-06-25 08:07 . 2012-06-25 08:07        --------        dc----w-        C:\_OTL
2012-06-22 22:46 . 2012-06-22 22:46        --------        dc----w-        C:\TDSS
2012-06-22 15:17 . 2012-06-22 15:17        --------        d-----w-        c:\users\Benni\AppData\Roaming\Malwarebytes
2012-06-22 15:16 . 2012-06-22 15:16        --------        d-----w-        c:\programdata\Malwarebytes
2012-06-22 15:16 . 2012-06-23 08:03        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-21 17:53 . 2012-06-23 08:03        --------        dc----w-        C:\Games
2012-06-21 10:03 . 2012-06-21 10:11        --------        d-----w-        c:\users\Benni\AppData\Roaming\pdfforge
2012-06-21 10:03 . 2012-06-15 04:51        95232        ----a-w-        c:\windows\system32\pdfcmon.dll
2012-06-21 10:03 . 2005-04-15 18:58        1071088        ----a-w-        c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-21 10:03 . 2004-03-08 23:00        662288        ----a-w-        c:\windows\SysWow64\MSCOMCT2.OCX
2012-06-21 10:03 . 1998-06-23 23:00        137000        ----a-w-        c:\windows\SysWow64\MSMAPI32.OCX
2012-06-21 10:03 . 2012-06-21 10:03        --------        d-----w-        c:\program files (x86)\PDFCreator
2012-06-21 10:03 . 1998-07-06 16:56        125712        ----a-w-        c:\windows\SysWow64\VB6DE.DLL
2012-06-21 10:03 . 1998-07-06 16:55        158208        ----a-w-        c:\windows\SysWow64\MSCMCDE.DLL
2012-06-21 10:03 . 1998-07-06 16:55        64512        ----a-w-        c:\windows\SysWow64\MSCC2DE.DLL
2012-06-21 10:03 . 1998-07-05 23:00        23552        ----a-w-        c:\windows\SysWow64\MSMPIDE.DLL
2012-06-11 22:17 . 2011-05-30 13:42        255488        ----a-w-        c:\windows\system32\xvidvfw.dll
2012-06-11 22:17 . 2011-05-23 07:49        173568        ----a-w-        c:\windows\system32\xvid.ax
2012-06-11 22:17 . 2011-05-23 07:45        696832        ----a-w-        c:\windows\system32\xvidcore.dll
2012-06-11 22:17 . 2011-05-30 13:42        240640        ----a-w-        c:\windows\SysWow64\xvidvfw.dll
2012-06-11 22:17 . 2011-05-23 09:52        153088        ----a-w-        c:\windows\SysWow64\xvid.ax
2012-06-11 22:17 . 2011-05-23 07:46        645632        ----a-w-        c:\windows\SysWow64\xvidcore.dll
2012-06-11 11:46 . 2012-06-11 11:46        --------        d-----w-        c:\users\Benni\AppData\Local\Macromedia
2012-06-08 17:52 . 2012-05-08 17:02        8955792        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CF7CD86-7F5D-478B-806F-3BB74D1C682B}\mpengine.dll
2012-06-07 14:25 . 2012-06-07 14:25        770384        ----a-w-        c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-07 14:25 . 2012-06-07 14:25        421200        ----a-w-        c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 15:43 . 2012-06-06 15:43        --------        d-----w-        c:\programdata\Battle.net
2012-06-02 17:37 . 2009-12-05 17:42        85504        ----a-w-        c:\windows\SysWow64\ff_vfw.dll
2012-06-02 17:37 . 2012-06-02 17:37        --------        d-----w-        c:\program files (x86)\ffdshow
2012-05-27 12:47 . 2012-05-27 12:47        --------        d-----w-        c:\users\Benni\AppData\Roaming\LolClient2
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-25 08:23 . 2010-08-19 16:46        131072        ----a-w-        c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2012-06-11 11:45 . 2012-04-02 19:00        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-11 11:45 . 2011-06-08 16:49        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-04 11:59 . 2012-03-08 14:05        98848        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-06-04 11:59 . 2012-03-08 14:05        132832        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-05-23 23:29 . 2012-05-23 23:29        955848        ----a-w-        c:\windows\system32\npDeployJava1.dll
2012-05-23 23:29 . 2012-01-14 08:28        839112        ----a-w-        c:\windows\system32\deployJava1.dll
2012-05-04 21:48 . 2012-04-02 19:48        8744608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-06 20:34 . 2012-04-06 20:34        275360        ----a-w-        c:\windows\system32\DreamScene.dll
2012-04-04 16:47 . 2012-05-21 14:24        772504        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2012-04-04 16:47 . 2011-08-27 16:15        687504        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2012-04-01 21:40 . 2012-04-01 21:40        2300696        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-04-01 21:39 . 2012-04-01 21:39        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2010-12-23 3344384]
"ccleaner"="c:\program files (x86)\CCleaner\CCleaner64.exe" [2012-05-23 5208928]
"Xvid"="c:\program files (x86)\XviD\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1100368]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-06-04 348624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.exe - Verknüpfung.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files (x86)\DSL-Manager\DslMgr.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-06-04 86224]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 136176]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
R2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 cpuz130;cpuz130;c:\users\Benni\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\EVEREST Ultimate Edition\kerneld.amd64 [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
R3 X6va002;X6va002;c:\users\Benni\AppData\Local\Temp\002B700.tmp [x]
R3 X6va003;X6va003;c:\users\Benni\AppData\Local\Temp\003B156.tmp [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 17:38]
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 17:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-22 323072]
"PLFSetI"="c:\windows\PLFSetI.exe" [2009-12-28 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://isearch.avg.com/?cid={FB1FD20E-1ECB-4FD8-A1AE-1A3F96887A29}&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&lang=de&ds=od011&pr=sa&d=2012-03-22 15:23&v=10.2.0.3&sap=hp
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\e9koplpd.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/|hxxp://ts6.travian.de/dorf1.php
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B3789daa5-d450-42db-ab92-525375a232f9%7D&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&ds=od011&v=10.2.0.3&lang=de&pr=sa&d=2012-03-22%2015%3A23%3A38&sap=ku&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{43B74FAB-FB58-447D-8D3A-5F638AF36FD1} - c:\programdata\{9F3E013D-5CC0-40CE-82C2-47A599C1BC72}\Netzmanager1.041b_091125a.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\EVEREST Ultimate Edition\kerneld.amd64"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va002]
"ImagePath"="\??\c:\users\Benni\AppData\Local\Temp\002B700.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Benni\AppData\Local\Temp\003B156.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-598987727-3280365519-1545562274-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ba,cc,d6,33,5d,6d,c2,9b,20,2e,2f,32,9a,52,cd,eb,5f,58,35,46,99,a2,32,
  7a,bc,ca,ef,66,6e,7e,8c,77,82,5f,4f,f0,a3,a6,70,2e,c9,33,69,ec,49,4c,ea,c5,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-598987727-3280365519-1545562274-1001\Software\SecuROM\License information*]
"datasecu"=hex:11,86,7a,b0,b7,81,06,bc,e8,7a,ef,aa,47,ec,f7,ec,87,4c,be,de,8c,
  d6,90,59,e4,94,07,f4,3a,82,ae,20,90,7e,29,75,82,d0,f8,2e,8f,e2,2d,82,59,75,\
"rkeysecu"=hex:5e,77,cf,8f,e9,3c,8e,63,76,b9,f2,ef,ec,45,bd,78
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-06-25  10:46:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-06-25 08:46
.
Vor Suchlauf: 16 Verzeichnis(se), 349.707.870.208 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 349.594.447.872 Bytes frei
.
- - End Of File - - 9FF178EE0492932EBBAB298AEFFE88A9


Chris4You 25.06.2012 10:54

Hi,

OK, download the new CF on another computer and then copy it via USB to the infected computer (Desktop)...


ComboFix script
Copy the following lines (without the quote!), paste them into Windows Notepad (Start -> Programs -> Accessories -> Notepad)
and save them on the Desktop under the name "CFScript.txt" (without the quotation marks!).
Code:


File::
c:\users\Benni\AppData\Local\Temp\002B700.tmp
c:\users\Benni\AppData\Local\Temp\003B156.tmp
c:\users\Benni\AppData\Local\Temp\cpuz130\cpuz_x64.sys

Driver::
cpuz_x64
X6va002
X6va003

After that, click on CFScript.txt with the mouse, hold the button down and drop the file onto the ComboFix icon
(release the mouse button, this is called "drag and drop" ;o).
ComboFix should now start and run the script. Post the ComboFix log!

Does the browser work, can you browse the web...
Is the admin account locked, or does it hang while loading?

Fix-It from MS: Microsoft Fix it Center Online
It can be used to clean up various errors...

Overall this looks like a damaged registry...

chris


H4rdDiskDriv 25.06.2012 15:18

Everything is actually normal, except that it is a bit slow.
I don't really have any problems when starting up.
Ah, I just noticed that Avira isn't showing any alerts at all anymore.

CF log is coming shortly.
Code:

ComboFix 12-06-25.03 - Benni 25.06.2012  16:28:23.2.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3956.2429 [GMT 2:00]
ausgeführt von:: c:\users\Benni\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Benni\Desktop\CFScript.txt.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-05-25 bis 2012-06-25  ))))))))))))))))))))))))))))))
.
.
2012-06-25 14:37 . 2012-06-25 14:37        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-06-25 08:07 . 2012-06-25 08:07        --------        dc----w-        C:\_OTL
2012-06-22 22:46 . 2012-06-22 22:46        --------        dc----w-        C:\TDSS
2012-06-22 15:17 . 2012-06-22 15:17        --------        d-----w-        c:\users\Benni\AppData\Roaming\Malwarebytes
2012-06-22 15:16 . 2012-06-22 15:16        --------        d-----w-        c:\programdata\Malwarebytes
2012-06-22 15:16 . 2012-06-23 08:03        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-21 17:53 . 2012-06-23 08:03        --------        dc----w-        C:\Games
2012-06-21 10:03 . 2012-06-21 10:11        --------        d-----w-        c:\users\Benni\AppData\Roaming\pdfforge
2012-06-21 10:03 . 2012-06-15 04:51        95232        ----a-w-        c:\windows\system32\pdfcmon.dll
2012-06-21 10:03 . 2005-04-15 18:58        1071088        ----a-w-        c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-21 10:03 . 2004-03-08 23:00        662288        ----a-w-        c:\windows\SysWow64\MSCOMCT2.OCX
2012-06-21 10:03 . 1998-06-23 23:00        137000        ----a-w-        c:\windows\SysWow64\MSMAPI32.OCX
2012-06-21 10:03 . 2012-06-21 10:03        --------        d-----w-        c:\program files (x86)\PDFCreator
2012-06-21 10:03 . 1998-07-06 16:56        125712        ----a-w-        c:\windows\SysWow64\VB6DE.DLL
2012-06-21 10:03 . 1998-07-06 16:55        158208        ----a-w-        c:\windows\SysWow64\MSCMCDE.DLL
2012-06-21 10:03 . 1998-07-06 16:55        64512        ----a-w-        c:\windows\SysWow64\MSCC2DE.DLL
2012-06-21 10:03 . 1998-07-05 23:00        23552        ----a-w-        c:\windows\SysWow64\MSMPIDE.DLL
2012-06-11 22:17 . 2011-05-30 13:42        255488        ----a-w-        c:\windows\system32\xvidvfw.dll
2012-06-11 22:17 . 2011-05-23 07:49        173568        ----a-w-        c:\windows\system32\xvid.ax
2012-06-11 22:17 . 2011-05-23 07:45        696832        ----a-w-        c:\windows\system32\xvidcore.dll
2012-06-11 22:17 . 2011-05-30 13:42        240640        ----a-w-        c:\windows\SysWow64\xvidvfw.dll
2012-06-11 22:17 . 2011-05-23 09:52        153088        ----a-w-        c:\windows\SysWow64\xvid.ax
2012-06-11 22:17 . 2011-05-23 07:46        645632        ----a-w-        c:\windows\SysWow64\xvidcore.dll
2012-06-11 11:46 . 2012-06-11 11:46        --------        d-----w-        c:\users\Benni\AppData\Local\Macromedia
2012-06-08 17:52 . 2012-05-08 17:02        8955792        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CF7CD86-7F5D-478B-806F-3BB74D1C682B}\mpengine.dll
2012-06-07 14:25 . 2012-06-07 14:25        770384        ----a-w-        c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-07 14:25 . 2012-06-07 14:25        421200        ----a-w-        c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 15:43 . 2012-06-06 15:43        --------        d-----w-        c:\programdata\Battle.net
2012-06-02 17:37 . 2009-12-05 17:42        85504        ----a-w-        c:\windows\SysWow64\ff_vfw.dll
2012-06-02 17:37 . 2012-06-02 17:37        --------        d-----w-        c:\program files (x86)\ffdshow
2012-05-27 12:47 . 2012-05-27 12:47        --------        d-----w-        c:\users\Benni\AppData\Roaming\LolClient2
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-25 14:39 . 2010-08-19 16:46        4194304        ----a-w-        c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2012-06-11 11:45 . 2012-04-02 19:00        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-11 11:45 . 2011-06-08 16:49        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-04 11:59 . 2012-03-08 14:05        98848        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-06-04 11:59 . 2012-03-08 14:05        132832        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-05-23 23:29 . 2012-05-23 23:29        955848        ----a-w-        c:\windows\system32\npDeployJava1.dll
2012-05-23 23:29 . 2012-01-14 08:28        839112        ----a-w-        c:\windows\system32\deployJava1.dll
2012-05-04 21:48 . 2012-04-02 19:48        8744608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-06 20:34 . 2012-04-06 20:34        275360        ----a-w-        c:\windows\system32\DreamScene.dll
2012-04-04 16:47 . 2012-05-21 14:24        772504        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2012-04-04 16:47 . 2011-08-27 16:15        687504        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2012-04-01 21:40 . 2012-04-01 21:40        2300696        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-04-01 21:39 . 2012-04-01 21:39        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
.
.
(((((((((((((((((((((((((((((  SnapShot@2012-06-25_08.41.58  )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-05 00:35 . 2012-06-25 09:05        91436              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-25 09:05        40404              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-18 11:44 . 2012-06-25 09:05        16306              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-598987727-3280365519-1545562274-1001_UserData.bin
- 2010-01-18 11:44 . 2012-06-25 08:18        16306              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-598987727-3280365519-1545562274-1001_UserData.bin
+ 2012-06-25 14:38 . 2012-06-25 14:38        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-25 08:41 . 2012-06-25 08:41        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-25 08:41 . 2012-06-25 08:41        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-25 14:38 . 2012-06-25 14:38        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2012-06-25 14:14        625010              c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-05 15:09        625010              c:\windows\system32\perfh009.dat
- 2009-12-28 12:26 . 2012-06-05 15:09        664868              c:\windows\system32\perfh007.dat
+ 2009-12-28 12:26 . 2012-06-25 14:14        664868              c:\windows\system32\perfh007.dat
+ 2009-07-14 02:36 . 2012-06-25 14:14        110648              c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-05 15:09        110648              c:\windows\system32\perfc009.dat
- 2009-12-28 12:26 . 2012-06-05 15:09        135004              c:\windows\system32\perfc007.dat
+ 2009-12-28 12:26 . 2012-06-25 14:14        135004              c:\windows\system32\perfc007.dat
+ 2012-06-10 03:20 . 2012-06-25 14:37        877808              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-06-10 03:20 . 2012-06-25 08:23        877808              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-06-25 08:23        351644              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-25 14:37        351644              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-04-29 20:41 . 2012-06-25 08:23        61858768              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-598987727-3280365519-1545562274-1001-12288.dat
+ 2010-04-29 20:41 . 2012-06-25 14:38        61858768              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-598987727-3280365519-1545562274-1001-12288.dat
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2010-12-23 3344384]
"ccleaner"="c:\program files (x86)\CCleaner\CCleaner64.exe" [2012-05-23 5208928]
"Xvid"="c:\program files (x86)\XviD\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1100368]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-06-04 348624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.exe - Verknüpfung.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files (x86)\DSL-Manager\DslMgr.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 cpuz130;cpuz130;c:\users\Benni\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\EVEREST Ultimate Edition\kerneld.amd64 [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
R3 X6va002;X6va002;c:\users\Benni\AppData\Local\Temp\002B700.tmp [x]
R3 X6va003;X6va003;c:\users\Benni\AppData\Local\Temp\003B156.tmp [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-06-04 86224]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 17:38]
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 17:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-22 323072]
"PLFSetI"="c:\windows\PLFSetI.exe" [2009-12-28 200704]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://isearch.avg.com/?cid={FB1FD20E-1ECB-4FD8-A1AE-1A3F96887A29}&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&lang=de&ds=od011&pr=sa&d=2012-03-22 15:23&v=10.2.0.3&sap=hp
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\e9koplpd.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/|hxxp://ts6.travian.de/dorf1.php
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B3789daa5-d450-42db-ab92-525375a232f9%7D&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&ds=od011&v=10.2.0.3&lang=de&pr=sa&d=2012-03-22%2015%3A23%3A38&sap=ku&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\EVEREST Ultimate Edition\kerneld.amd64"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va002]
"ImagePath"="\??\c:\users\Benni\AppData\Local\Temp\002B700.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Benni\AppData\Local\Temp\003B156.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-598987727-3280365519-1545562274-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ba,cc,d6,33,5d,6d,c2,9b,20,2e,2f,32,9a,52,cd,eb,5f,58,35,46,99,a2,32,
  7a,bc,ca,ef,66,6e,7e,8c,77,82,5f,4f,f0,a3,a6,70,2e,c9,33,69,ec,49,4c,ea,c5,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-598987727-3280365519-1545562274-1001\Software\SecuROM\License information*]
"datasecu"=hex:11,86,7a,b0,b7,81,06,bc,e8,7a,ef,aa,47,ec,f7,ec,87,4c,be,de,8c,
  d6,90,59,e4,94,07,f4,3a,82,ae,20,90,7e,29,75,82,d0,f8,2e,8f,e2,2d,82,59,75,\
"rkeysecu"=hex:5e,77,cf,8f,e9,3c,8e,63,76,b9,f2,ef,ec,45,bd,78
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-25  16:52:26 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-06-25 14:52
ComboFix2.txt  2012-06-25 08:46
.
Vor Suchlauf: 18 Verzeichnis(se), 354.564.161.536 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 354.955.718.656 Bytes frei
.
- - End Of File - - 77BECB1C20D487EB509C9006693CC80F

What is the "Fix it" for now?

Chris4You 25.06.2012 17:00

Hi,

the script was not run; the drivers are still there...

Please try again:
1. Start Notepad (Start / Run / notepad[Enter])

2. Now copy and paste the entire contents of the code box below into the Notepad window.

Code:


KILLALL::

File::
c:\users\Benni\AppData\Local\Temp\002B700.tmp
c:\users\Benni\AppData\Local\Temp\003B156.tmp
c:\users\Benni\AppData\Local\Temp\cpuz130\cpuz_x64.sys

Driver::
cpuz_x64
X6va002
X6va003

3. In Notepad, save it as CFScript.txt on the desktop.

4. Disable the guard of your antivirus program and any software firewall that may be present.
(Also the guards of adware and spyware programs, and the Tea Timer!)

5. Then drag CFScript.txt onto ComboFix.exe, as shown in the picture below. This restarts ComboFix.

http://virus-protect.org/artikel/bilder/cfscript.gif

6. After the restart (you will be asked whether you want to restart), please post the following log files:
Combofix.txt

chris

H4rdDiskDriv 25.06.2012 21:04

Code:

ComboFix 12-06-25.03 - Benni 25.06.2012  21:41:22.3.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3956.2633 [GMT 2:00]
ausgeführt von:: c:\users\Benni\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Benni\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Benni\AppData\Local\Temp\002B700.tmp"
"c:\users\Benni\AppData\Local\Temp\003B156.tmp"
"c:\users\Benni\AppData\Local\Temp\cpuz130\cpuz_x64.sys"
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA002
-------\Legacy_X6VA003
-------\Service_X6va002
-------\Service_X6va003
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-05-25 bis 2012-06-25  ))))))))))))))))))))))))))))))
.
.
2012-06-25 08:07 . 2012-06-25 08:07        --------        dc----w-        C:\_OTL
2012-06-22 22:46 . 2012-06-22 22:46        --------        dc----w-        C:\TDSS
2012-06-22 15:17 . 2012-06-22 15:17        --------        d-----w-        c:\users\Benni\AppData\Roaming\Malwarebytes
2012-06-22 15:16 . 2012-06-22 15:16        --------        d-----w-        c:\programdata\Malwarebytes
2012-06-22 15:16 . 2012-06-23 08:03        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-21 17:53 . 2012-06-23 08:03        --------        dc----w-        C:\Games
2012-06-21 10:03 . 2012-06-21 10:11        --------        d-----w-        c:\users\Benni\AppData\Roaming\pdfforge
2012-06-21 10:03 . 2012-06-15 04:51        95232        ----a-w-        c:\windows\system32\pdfcmon.dll
2012-06-21 10:03 . 2005-04-15 18:58        1071088        ----a-w-        c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-21 10:03 . 2004-03-08 23:00        662288        ----a-w-        c:\windows\SysWow64\MSCOMCT2.OCX
2012-06-21 10:03 . 1998-06-23 23:00        137000        ----a-w-        c:\windows\SysWow64\MSMAPI32.OCX
2012-06-21 10:03 . 2012-06-21 10:03        --------        d-----w-        c:\program files (x86)\PDFCreator
2012-06-21 10:03 . 1998-07-06 16:56        125712        ----a-w-        c:\windows\SysWow64\VB6DE.DLL
2012-06-21 10:03 . 1998-07-06 16:55        158208        ----a-w-        c:\windows\SysWow64\MSCMCDE.DLL
2012-06-21 10:03 . 1998-07-06 16:55        64512        ----a-w-        c:\windows\SysWow64\MSCC2DE.DLL
2012-06-21 10:03 . 1998-07-05 23:00        23552        ----a-w-        c:\windows\SysWow64\MSMPIDE.DLL
2012-06-11 22:17 . 2011-05-30 13:42        255488        ----a-w-        c:\windows\system32\xvidvfw.dll
2012-06-11 22:17 . 2011-05-23 07:49        173568        ----a-w-        c:\windows\system32\xvid.ax
2012-06-11 22:17 . 2011-05-23 07:45        696832        ----a-w-        c:\windows\system32\xvidcore.dll
2012-06-11 22:17 . 2011-05-30 13:42        240640        ----a-w-        c:\windows\SysWow64\xvidvfw.dll
2012-06-11 22:17 . 2011-05-23 09:52        153088        ----a-w-        c:\windows\SysWow64\xvid.ax
2012-06-11 22:17 . 2011-05-23 07:46        645632        ----a-w-        c:\windows\SysWow64\xvidcore.dll
2012-06-11 11:46 . 2012-06-11 11:46        --------        d-----w-        c:\users\Benni\AppData\Local\Macromedia
2012-06-08 17:52 . 2012-05-08 17:02        8955792        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CF7CD86-7F5D-478B-806F-3BB74D1C682B}\mpengine.dll
2012-06-07 14:25 . 2012-06-07 14:25        770384        ----a-w-        c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-07 14:25 . 2012-06-07 14:25        421200        ----a-w-        c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 15:43 . 2012-06-06 15:43        --------        d-----w-        c:\programdata\Battle.net
2012-06-02 17:37 . 2009-12-05 17:42        85504        ----a-w-        c:\windows\SysWow64\ff_vfw.dll
2012-06-02 17:37 . 2012-06-02 17:37        --------        d-----w-        c:\program files (x86)\ffdshow
2012-05-27 12:47 . 2012-05-27 12:47        --------        d-----w-        c:\users\Benni\AppData\Roaming\LolClient2
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-25 19:50 . 2010-08-19 16:46        4194304        ----a-w-        c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2012-06-11 11:45 . 2012-04-02 19:00        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-11 11:45 . 2011-06-08 16:49        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-04 11:59 . 2012-03-08 14:05        98848        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-06-04 11:59 . 2012-03-08 14:05        132832        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-05-23 23:29 . 2012-05-23 23:29        955848        ----a-w-        c:\windows\system32\npDeployJava1.dll
2012-05-23 23:29 . 2012-01-14 08:28        839112        ----a-w-        c:\windows\system32\deployJava1.dll
2012-05-04 21:48 . 2012-04-02 19:48        8744608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-06 20:34 . 2012-04-06 20:34        275360        ----a-w-        c:\windows\system32\DreamScene.dll
2012-04-04 16:47 . 2012-05-21 14:24        772504        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2012-04-04 16:47 . 2011-08-27 16:15        687504        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2012-04-01 21:40 . 2012-04-01 21:40        2300696        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-04-01 21:39 . 2012-04-01 21:39        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
.
.
(((((((((((((((((((((((((((((  SnapShot@2012-06-25_08.41.58  )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-05 00:35 . 2012-06-25 14:42        91680              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-25 14:42        40420              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-18 11:44 . 2012-06-25 14:42        16424              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-598987727-3280365519-1545562274-1001_UserData.bin
- 2012-06-25 08:41 . 2012-06-25 08:41        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-25 19:50 . 2012-06-25 19:50        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-25 19:50 . 2012-06-25 19:50        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-25 08:41 . 2012-06-25 08:41        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2012-06-25 14:14        625010              c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-05 15:09        625010              c:\windows\system32\perfh009.dat
- 2009-12-28 12:26 . 2012-06-05 15:09        664868              c:\windows\system32\perfh007.dat
+ 2009-12-28 12:26 . 2012-06-25 14:14        664868              c:\windows\system32\perfh007.dat
- 2009-07-14 02:36 . 2012-06-05 15:09        110648              c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-06-25 14:14        110648              c:\windows\system32\perfc009.dat
- 2009-12-28 12:26 . 2012-06-05 15:09        135004              c:\windows\system32\perfc007.dat
+ 2009-12-28 12:26 . 2012-06-25 14:14        135004              c:\windows\system32\perfc007.dat
+ 2012-06-10 03:20 . 2012-06-25 14:37        877808              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-06-10 03:20 . 2012-06-25 08:23        877808              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-06-25 08:23        351644              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-25 19:49        351644              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-04-29 20:41 . 2012-06-25 19:49        61862340              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-598987727-3280365519-1545562274-1001-12288.dat
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2010-12-23 3344384]
"ccleaner"="c:\program files (x86)\CCleaner\CCleaner64.exe" [2012-05-23 5208928]
"Xvid"="c:\program files (x86)\XviD\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1100368]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-06-04 348624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.exe - Verknüpfung.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files (x86)\DSL-Manager\DslMgr.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 cpuz130;cpuz130;c:\users\Benni\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\EVEREST Ultimate Edition\kerneld.amd64 [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-06-04 86224]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 17:38]
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 17:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-22 323072]
"PLFSetI"="c:\windows\PLFSetI.exe" [2009-12-28 200704]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://isearch.avg.com/?cid={FB1FD20E-1ECB-4FD8-A1AE-1A3F96887A29}&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&lang=de&ds=od011&pr=sa&d=2012-03-22 15:23&v=10.2.0.3&sap=hp
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360110d016l03d8z105t4971e441
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\e9koplpd.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/|hxxp://ts6.travian.de/dorf1.php
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B3789daa5-d450-42db-ab92-525375a232f9%7D&mid=dc161533aa3947d0a2a8d16f6b68595f-410f23d519b479a34fceb40994758e119ed9e140&ds=od011&v=10.2.0.3&lang=de&pr=sa&d=2012-03-22%2015%3A23%3A38&sap=ku&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\EVEREST Ultimate Edition\kerneld.amd64"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-598987727-3280365519-1545562274-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ba,cc,d6,33,5d,6d,c2,9b,20,2e,2f,32,9a,52,cd,eb,5f,58,35,46,99,a2,32,
  7a,bc,ca,ef,66,6e,7e,8c,77,82,5f,4f,f0,a3,a6,70,2e,c9,33,69,ec,49,4c,ea,c5,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-598987727-3280365519-1545562274-1001\Software\SecuROM\License information*]
"datasecu"=hex:11,86,7a,b0,b7,81,06,bc,e8,7a,ef,aa,47,ec,f7,ec,87,4c,be,de,8c,
  d6,90,59,e4,94,07,f4,3a,82,ae,20,90,7e,29,75,82,d0,f8,2e,8f,e2,2d,82,59,75,\
"rkeysecu"=hex:5e,77,cf,8f,e9,3c,8e,63,76,b9,f2,ef,ec,45,bd,78
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-25  21:56:45 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-06-25 19:56
ComboFix2.txt  2012-06-25 14:52
ComboFix3.txt  2012-06-25 08:46
.
Vor Suchlauf: 19 Verzeichnis(se), 354.694.369.280 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 354.299.482.112 Bytes frei
.
- - End Of File - - A8604EB5D8A80C8A54F6F4A4F8879762


