Trojaner-Board - EXP/CVE-2012-4681.A.537 Trojaner auf Laptop hilfe nach Quarantäne

Dies war das Ergebnis des aswMBR Scans:

Code:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2012-12-31 00:25:21

-----------------------------

00:25:21.059    OS Version: Windows x64 6.1.7600 

00:25:21.060    Number of processors: 4 586 0x2505

00:25:21.061    ComputerName: ***  UserName: 

00:25:26.098    Initialize success

00:25:37.914    AVAST engine defs: 12123001

00:25:41.318    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

00:25:41.321    Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3

00:25:41.337    Disk 0 MBR read successfully

00:25:41.341    Disk 0 MBR scan

00:25:41.369    Disk 0 Windows 7 default MBR code

00:25:41.391    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        14336 MB offset 2048

00:25:41.414    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 29362176

00:25:41.433    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       462502 MB offset 29566976

00:25:41.539    Disk 0 scanning C:\Windows\system32\drivers

00:26:25.360    Service scanning

00:27:21.633    Modules scanning

00:27:21.644    Disk 0 trace - called modules:

00:27:21.686    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 

00:27:22.044    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006fda060]

00:27:22.056    3 CLASSPNP.SYS[fffff88001aa643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fed050]

00:27:27.426    AVAST engine scan C:\Windows

00:27:32.125    AVAST engine scan C:\Windows\system32

00:33:30.642    AVAST engine scan C:\Windows\system32\drivers

00:33:44.987    AVAST engine scan C:\Users\Milan Libischer

00:47:34.667    AVAST engine scan C:\ProgramData

00:57:33.726    Scan finished successfully

01:00:24.996    Disk 0 MBR has been saved successfully to "C:\Users\Milan Libischer\Documents\MBR.dat"

01:00:25.001    The log file has been saved successfully to "C:\Users\Milan Libischer\Documents\aswMBR 31.12.2012.txt"

Das Ergebnis des tdsskiller scans:

Code:

01:03:53.0288 1416  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

01:03:53.0416 1416  ============================================================

01:03:53.0416 1416  Current date / time: 2012/12/31 01:03:53.0416

01:03:53.0416 1416  SystemInfo:

01:03:53.0416 1416  

01:03:53.0416 1416  OS Version: 6.1.7600 ServicePack: 0.0

01:03:53.0416 1416  Product type: Workstation

01:03:53.0416 1416  ComputerName: ***

01:03:53.0417 1416  UserName: ***

01:03:53.0417 1416  Windows directory: C:\Windows

01:03:53.0417 1416  System windows directory: C:\Windows

01:03:53.0417 1416  Running under WOW64

01:03:53.0417 1416  Processor architecture: Intel x64

01:03:53.0417 1416  Number of processors: 4

01:03:53.0417 1416  Page size: 0x1000

01:03:53.0417 1416  Boot type: Normal boot

01:03:53.0417 1416  ============================================================

01:03:53.0911 1416  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

01:03:53.0915 1416  ============================================================

01:03:53.0915 1416  \Device\Harddisk0\DR0:

01:03:53.0932 1416  MBR partitions:

01:03:53.0932 1416  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000

01:03:53.0932 1416  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x38753000

01:03:53.0932 1416  ============================================================

01:03:53.0968 1416  C: <-> \Device\Harddisk0\DR0\Partition2

01:03:53.0968 1416  ============================================================

01:03:53.0968 1416  Initialize success

01:03:53.0968 1416  ============================================================

01:04:23.0446 3904  ============================================================

01:04:23.0446 3904  Scan started

01:04:23.0446 3904  Mode: Manual; SigCheck; TDLFS; 

01:04:23.0446 3904  ============================================================

01:04:24.0329 3904  ================ Scan system memory ========================

01:04:24.0329 3904  System memory - ok

01:04:24.0329 3904  ================ Scan services =============================

01:04:24.0593 3904  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys

01:04:24.0753 3904  1394ohci - ok

01:04:24.0803 3904  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys

01:04:24.0822 3904  ACPI - ok

01:04:24.0872 3904  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys

01:04:24.0997 3904  AcpiPmi - ok

01:04:25.0130 3904  [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

01:04:25.0141 3904  AdobeARMservice - ok

01:04:25.0375 3904  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

01:04:25.0394 3904  AdobeFlashPlayerUpdateSvc - ok

01:04:25.0488 3904  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

01:04:25.0523 3904  adp94xx - ok

01:04:25.0544 3904  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

01:04:25.0560 3904  adpahci - ok

01:04:25.0565 3904  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

01:04:25.0578 3904  adpu320 - ok

01:04:25.0624 3904  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

01:04:25.0771 3904  AeLookupSvc - ok

01:04:25.0859 3904  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD             C:\Windows\system32\drivers\afd.sys

01:04:25.0917 3904  AFD - ok

01:04:26.0008 3904  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys

01:04:26.0020 3904  agp440 - ok

01:04:26.0055 3904  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

01:04:26.0078 3904  ALG - ok

01:04:26.0129 3904  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys

01:04:26.0142 3904  aliide - ok

01:04:26.0179 3904  [ 671D9DCA48DA807780D8409C18ED0AE0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

01:04:26.0226 3904  AMD External Events Utility - ok

01:04:26.0238 3904  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys

01:04:26.0249 3904  amdide - ok

01:04:26.0276 3904  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

01:04:26.0305 3904  AmdK8 - ok

01:04:26.0447 3904  [ D3E6B2E1394D93FE9DB0BA24814B0D8F ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys

01:04:26.0636 3904  amdkmdag - ok

01:04:26.0673 3904  [ CC4D915D786D3DA973B2EA9B95D59A29 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

01:04:26.0697 3904  amdkmdap - ok

01:04:26.0731 3904  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

01:04:26.0771 3904  AmdPPM - ok

01:04:26.0816 3904  [ 7A4B413614C055935567CF88A9734D38 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys

01:04:26.0827 3904  amdsata - ok

01:04:26.0862 3904  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

01:04:26.0877 3904  amdsbs - ok

01:04:26.0899 3904  [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys

01:04:26.0909 3904  amdxata - ok

01:04:26.0938 3904  [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS

01:04:27.0002 3904  AmUStor - ok

01:04:27.0152 3904  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

01:04:27.0180 3904  AntiVirSchedulerService - ok

01:04:27.0213 3904  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

01:04:27.0222 3904  AntiVirService - ok

01:04:27.0266 3904  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys

01:04:27.0319 3904  AppID - ok

01:04:27.0377 3904  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

01:04:27.0426 3904  AppIDSvc - ok

01:04:27.0445 3904  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll

01:04:27.0481 3904  Appinfo - ok

01:04:27.0510 3904  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys

01:04:27.0521 3904  arc - ok

01:04:27.0532 3904  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

01:04:27.0543 3904  arcsas - ok

01:04:27.0726 3904  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

01:04:27.0776 3904  aspnet_state - ok

01:04:27.0828 3904  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

01:04:27.0890 3904  AsyncMac - ok

01:04:27.0932 3904  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys

01:04:27.0942 3904  atapi - ok

01:04:28.0040 3904  [ 931884F5F2D7E6973366782690BF1754 ] athr            C:\Windows\system32\DRIVERS\athrx.sys

01:04:28.0099 3904  athr - ok

01:04:28.0162 3904  [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys

01:04:28.0201 3904  AtiHdmiService - ok

01:04:28.0290 3904  [ FC0E8778C000291CAF60EB88C011E931 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys

01:04:28.0305 3904  atksgt - ok

01:04:28.0349 3904  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

01:04:28.0412 3904  AudioEndpointBuilder - ok

01:04:28.0424 3904  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll

01:04:28.0466 3904  AudioSrv - ok

01:04:28.0559 3904  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys

01:04:28.0568 3904  avgntflt - ok

01:04:28.0619 3904  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys

01:04:28.0629 3904  avipbb - ok

01:04:28.0646 3904  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys

01:04:28.0656 3904  avkmgr - ok

01:04:28.0703 3904  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll

01:04:28.0777 3904  AxInstSV - ok

01:04:28.0833 3904  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

01:04:28.0878 3904  b06bdrv - ok

01:04:28.0924 3904  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

01:04:28.0955 3904  b57nd60a - ok

01:04:28.0993 3904  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

01:04:29.0015 3904  BDESVC - ok

01:04:29.0034 3904  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

01:04:29.0077 3904  Beep - ok

01:04:29.0121 3904  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll

01:04:29.0173 3904  BFE - ok

01:04:29.0215 3904  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll

01:04:29.0272 3904  BITS - ok

01:04:29.0295 3904  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

01:04:29.0321 3904  blbdrive - ok

01:04:29.0390 3904  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

01:04:29.0432 3904  bowser - ok

01:04:29.0472 3904  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

01:04:29.0518 3904  BrFiltLo - ok

01:04:29.0550 3904  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

01:04:29.0568 3904  BrFiltUp - ok

01:04:29.0619 3904  [ 6B054C67AAA87843504E8E3C09102009 ] Browser         C:\Windows\System32\browser.dll

01:04:29.0660 3904  Browser - ok

01:04:29.0688 3904  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

01:04:29.0721 3904  Brserid - ok

01:04:29.0736 3904  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

01:04:29.0767 3904  BrSerWdm - ok

01:04:29.0793 3904  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

01:04:29.0826 3904  BrUsbMdm - ok

01:04:29.0845 3904  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

01:04:29.0873 3904  BrUsbSer - ok

01:04:29.0888 3904  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

01:04:29.0927 3904  BTHMODEM - ok

01:04:29.0949 3904  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

01:04:30.0003 3904  bthserv - ok

01:04:30.0036 3904  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

01:04:30.0072 3904  cdfs - ok

01:04:30.0089 3904  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

01:04:30.0113 3904  cdrom - ok

01:04:30.0147 3904  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll

01:04:30.0192 3904  CertPropSvc - ok

01:04:30.0219 3904  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

01:04:30.0249 3904  circlass - ok

01:04:30.0273 3904  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

01:04:30.0289 3904  CLFS - ok

01:04:30.0339 3904  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

01:04:30.0358 3904  clr_optimization_v2.0.50727_32 - ok

01:04:30.0388 3904  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

01:04:30.0405 3904  clr_optimization_v2.0.50727_64 - ok

01:04:30.0550 3904  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

01:04:30.0602 3904  clr_optimization_v4.0.30319_32 - ok

01:04:30.0623 3904  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

01:04:30.0639 3904  clr_optimization_v4.0.30319_64 - ok

01:04:30.0667 3904  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

01:04:30.0695 3904  CmBatt - ok

01:04:30.0728 3904  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys

01:04:30.0738 3904  cmdide - ok

01:04:30.0787 3904  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG             C:\Windows\system32\Drivers\cng.sys

01:04:30.0828 3904  CNG - ok

01:04:30.0862 3904  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

01:04:30.0874 3904  Compbatt - ok

01:04:30.0879 3904  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

01:04:30.0903 3904  CompositeBus - ok

01:04:30.0915 3904  COMSysApp - ok

01:04:30.0933 3904  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

01:04:30.0944 3904  crcdisk - ok

01:04:31.0002 3904  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll

01:04:31.0037 3904  CryptSvc - ok

01:04:31.0154 3904  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

01:04:31.0178 3904  cvhsvc - ok

01:04:31.0362 3904  DAUpdaterSvc - ok

01:04:31.0418 3904  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll

01:04:31.0476 3904  DcomLaunch - ok

01:04:31.0507 3904  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

01:04:31.0558 3904  defragsvc - ok

01:04:31.0616 3904  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

01:04:31.0672 3904  DfsC - ok

01:04:31.0709 3904  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll

01:04:31.0778 3904  Dhcp - ok

01:04:31.0809 3904  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

01:04:31.0847 3904  discache - ok

01:04:31.0871 3904  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys

01:04:31.0882 3904  Disk - ok

01:04:31.0931 3904  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll

01:04:31.0959 3904  Dnscache - ok

01:04:31.0982 3904  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll

01:04:32.0034 3904  dot3svc - ok

01:04:32.0043 3904  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll

01:04:32.0086 3904  DPS - ok

01:04:32.0107 3904  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

01:04:32.0120 3904  drmkaud - ok

01:04:32.0182 3904  [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe

01:04:32.0195 3904  DsiWMIService - ok

01:04:32.0230 3904  [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

01:04:32.0258 3904  DXGKrnl - ok

01:04:32.0287 3904  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

01:04:32.0338 3904  EapHost - ok

01:04:32.0440 3904  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

01:04:32.0547 3904  ebdrv - ok

01:04:32.0614 3904  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS             C:\Windows\System32\lsass.exe

01:04:32.0639 3904  EFS - ok

01:04:32.0708 3904  [ 3D69FAE60EDE442E004611A4EE4DB44C ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

01:04:32.0747 3904  ehRecvr - ok

01:04:32.0772 3904  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

01:04:32.0789 3904  ehSched - ok

01:04:32.0850 3904  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

01:04:32.0877 3904  elxstor - ok

01:04:32.0955 3904  [ 4791D9FDD38A125C1C1E311610E5A159 ] ePowerSvc       C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe

01:04:32.0982 3904  ePowerSvc - ok

01:04:33.0000 3904  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys

01:04:33.0028 3904  ErrDev - ok

01:04:33.0076 3904  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

01:04:33.0127 3904  EventSystem - ok

01:04:33.0220 3904  [ 8ADACFFAD67394C711698EA074CE3BAB ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys

01:04:33.0285 3904  ewusbnet - ok

01:04:33.0312 3904  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

01:04:33.0364 3904  exfat - ok

01:04:33.0372 3904  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

01:04:33.0419 3904  fastfat - ok

01:04:33.0469 3904  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe

01:04:33.0504 3904  Fax - ok

01:04:33.0530 3904  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

01:04:33.0556 3904  fdc - ok

01:04:33.0588 3904  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

01:04:33.0636 3904  fdPHost - ok

01:04:33.0672 3904  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

01:04:33.0709 3904  FDResPub - ok

01:04:33.0730 3904  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

01:04:33.0741 3904  FileInfo - ok

01:04:33.0771 3904  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

01:04:33.0807 3904  Filetrace - ok

01:04:33.0823 3904  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

01:04:33.0836 3904  flpydisk - ok

01:04:33.0843 3904  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

01:04:33.0857 3904  FltMgr - ok

01:04:33.0906 3904  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache       C:\Windows\system32\FntCache.dll

01:04:33.0967 3904  FontCache - ok

01:04:34.0000 3904  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

01:04:34.0008 3904  FontCache3.0.0.0 - ok

01:04:34.0026 3904  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

01:04:34.0037 3904  FsDepends - ok

01:04:34.0084 3904  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

01:04:34.0094 3904  Fs_Rec - ok

01:04:34.0139 3904  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

01:04:34.0155 3904  fvevol - ok

01:04:34.0190 3904  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

01:04:34.0202 3904  gagp30kx - ok

01:04:34.0244 3904  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll

01:04:34.0282 3904  gpsvc - ok

01:04:34.0342 3904  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

01:04:34.0349 3904  GREGService - ok

01:04:34.0445 3904  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

01:04:34.0457 3904  gupdate - ok

01:04:34.0529 3904  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

01:04:34.0538 3904  gupdatem - ok

01:04:34.0599 3904  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

01:04:34.0608 3904  hamachi - ok

01:04:34.0839 3904  [ A5963114373834D78782013BC803043E ] Hamachi2Svc     C:\Users\Milan Libischer\Downloads\hamachi-2.exe

01:04:34.0896 3904  Hamachi2Svc - ok

01:04:34.0940 3904  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

01:04:34.0962 3904  hcw85cir - ok

01:04:34.0995 3904  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

01:04:35.0030 3904  HdAudAddService - ok

01:04:35.0043 3904  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

01:04:35.0069 3904  HDAudBus - ok

01:04:35.0105 3904  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys

01:04:35.0114 3904  HECIx64 - ok

01:04:35.0150 3904  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

01:04:35.0168 3904  HidBatt - ok

01:04:35.0185 3904  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

01:04:35.0223 3904  HidBth - ok

01:04:35.0250 3904  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

01:04:35.0279 3904  HidIr - ok

01:04:35.0297 3904  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll

01:04:35.0344 3904  hidserv - ok

01:04:35.0371 3904  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

01:04:35.0396 3904  HidUsb - ok

01:04:35.0494 3904  [ D61F8E72032BDC43157F2B8AEA32B529 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

01:04:35.0503 3904  HiPatchService ( UnsignedFile.Multi.Generic ) - warning

01:04:35.0503 3904  HiPatchService - detected UnsignedFile.Multi.Generic (1)

01:04:35.0541 3904  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll

01:04:35.0588 3904  hkmsvc - ok

01:04:35.0612 3904  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

01:04:35.0636 3904  HomeGroupListener - ok

01:04:35.0667 3904  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll

01:04:35.0687 3904  HomeGroupProvider - ok

01:04:35.0735 3904  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys

01:04:35.0747 3904  HpSAMD - ok

01:04:35.0798 3904  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

01:04:35.0848 3904  HTTP - ok

01:04:35.0951 3904  [ D969D0E26C5B1E813B17066A8318D5D4 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys

01:04:35.0984 3904  hwdatacard - ok

01:04:36.0040 3904  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

01:04:36.0052 3904  hwpolicy - ok

01:04:36.0126 3904  [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys

01:04:36.0161 3904  hwusbdev - ok

01:04:36.0169 3904  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

01:04:36.0183 3904  i8042prt - ok

01:04:36.0227 3904  [ ABBF174CB394F5C437410A788B7E404A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys

01:04:36.0242 3904  iaStor - ok

01:04:36.0278 3904  [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys

01:04:36.0295 3904  iaStorV - ok

01:04:36.0351 3904  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

01:04:36.0377 3904  idsvc - ok

01:04:36.0424 3904  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

01:04:36.0435 3904  iirsp - ok

01:04:36.0477 3904  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll

01:04:36.0530 3904  IKEEXT - ok

01:04:36.0584 3904  [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys

01:04:36.0605 3904  Impcd - ok

01:04:36.0721 3904  [ A0EAB13A78CC5FB960EC76E3D6408DA3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

01:04:36.0773 3904  IntcAzAudAddService - ok

01:04:36.0809 3904  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

01:04:36.0819 3904  intelide - ok

01:04:37.0028 3904  [ 2A22AB054F4630D2EF4BAB2853F6D5F6 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys

01:04:37.0323 3904  intelkmd - ok

01:04:37.0359 3904  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

01:04:37.0379 3904  intelppm - ok

01:04:37.0466 3904  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

01:04:37.0518 3904  IPBusEnum - ok

01:04:37.0546 3904  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

01:04:37.0583 3904  IpFilterDriver - ok

01:04:37.0626 3904  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

01:04:37.0690 3904  iphlpsvc - ok

01:04:37.0703 3904  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys

01:04:37.0734 3904  IPMIDRV - ok

01:04:37.0744 3904  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

01:04:37.0795 3904  IPNAT - ok

01:04:37.0813 3904  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

01:04:37.0829 3904  IRENUM - ok

01:04:37.0846 3904  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys

01:04:37.0857 3904  isapnp - ok

01:04:37.0880 3904  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

01:04:37.0892 3904  iScsiPrt - ok

01:04:37.0915 3904  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

01:04:37.0926 3904  kbdclass - ok

01:04:37.0943 3904  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

01:04:37.0968 3904  kbdhid - ok

01:04:37.0979 3904  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe

01:04:37.0990 3904  KeyIso - ok

01:04:38.0026 3904  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

01:04:38.0037 3904  KSecDD - ok

01:04:38.0064 3904  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

01:04:38.0076 3904  KSecPkg - ok

01:04:38.0099 3904  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

01:04:38.0146 3904  ksthunk - ok

01:04:38.0175 3904  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

01:04:38.0228 3904  KtmRm - ok

01:04:38.0270 3904  [ 32980B4E711D2EF7128C44DC2CF85706 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys

01:04:38.0279 3904  L1C - ok

01:04:38.0320 3904  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll

01:04:38.0348 3904  LanmanServer - ok

01:04:38.0381 3904  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

01:04:38.0429 3904  LanmanWorkstation - ok

01:04:38.0524 3904  [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys

01:04:38.0533 3904  lirsgt - ok

01:04:38.0590 3904  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

01:04:38.0652 3904  lltdio - ok

01:04:38.0740 3904  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

01:04:38.0807 3904  lltdsvc - ok

01:04:38.0845 3904  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

01:04:38.0879 3904  lmhosts - ok

01:04:38.0977 3904  [ 23D990150D56B670A62B21B9ABDD45EE ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

01:04:38.0989 3904  LMS - ok

01:04:39.0037 3904  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

01:04:39.0048 3904  LSI_FC - ok

01:04:39.0066 3904  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

01:04:39.0077 3904  LSI_SAS - ok

01:04:39.0081 3904  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

01:04:39.0092 3904  LSI_SAS2 - ok

01:04:39.0132 3904  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

01:04:39.0144 3904  LSI_SCSI - ok

01:04:39.0169 3904  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

01:04:39.0206 3904  luafv - ok

01:04:39.0244 3904  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

01:04:39.0271 3904  Mcx2Svc - ok

01:04:39.0289 3904  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

01:04:39.0300 3904  megasas - ok

01:04:39.0352 3904  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

01:04:39.0368 3904  MegaSR - ok

01:04:39.0399 3904  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

01:04:39.0450 3904  MMCSS - ok

01:04:39.0478 3904  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

01:04:39.0524 3904  Modem - ok

01:04:39.0558 3904  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

01:04:39.0584 3904  monitor - ok

01:04:39.0588 3904  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

01:04:39.0599 3904  mouclass - ok

01:04:39.0658 3904  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

01:04:39.0670 3904  mouhid - ok

01:04:39.0674 3904  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

01:04:39.0686 3904  mountmgr - ok

01:04:39.0827 3904  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

01:04:39.0847 3904  MozillaMaintenance - ok

01:04:39.0889 3904  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys

01:04:39.0903 3904  mpio - ok

01:04:39.0938 3904  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

01:04:39.0981 3904  mpsdrv - ok

01:04:40.0021 3904  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll

01:04:40.0082 3904  MpsSvc - ok

01:04:40.0102 3904  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

01:04:40.0145 3904  MRxDAV - ok

01:04:40.0186 3904  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

01:04:40.0221 3904  mrxsmb - ok

01:04:40.0292 3904  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

01:04:40.0317 3904  mrxsmb10 - ok

01:04:40.0331 3904  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

01:04:40.0353 3904  mrxsmb20 - ok

01:04:40.0387 3904  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys

01:04:40.0398 3904  msahci - ok

01:04:40.0420 3904  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys

01:04:40.0432 3904  msdsm - ok

01:04:40.0450 3904  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

01:04:40.0513 3904  MSDTC - ok

01:04:40.0557 3904  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

01:04:40.0599 3904  Msfs - ok

01:04:40.0609 3904  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

01:04:40.0643 3904  mshidkmdf - ok

01:04:40.0647 3904  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys

01:04:40.0659 3904  msisadrv - ok

01:04:40.0682 3904  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

01:04:40.0735 3904  MSiSCSI - ok

01:04:40.0738 3904  msiserver - ok

01:04:40.0770 3904  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

01:04:40.0803 3904  MSKSSRV - ok

01:04:40.0816 3904  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

01:04:40.0862 3904  MSPCLOCK - ok

01:04:40.0865 3904  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

01:04:40.0910 3904  MSPQM - ok

01:04:40.0929 3904  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

01:04:40.0946 3904  MsRPC - ok

01:04:40.0952 3904  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

01:04:40.0963 3904  mssmbios - ok

01:04:40.0974 3904  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

01:04:41.0025 3904  MSTEE - ok

01:04:41.0050 3904  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

01:04:41.0077 3904  MTConfig - ok

01:04:41.0093 3904  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

01:04:41.0103 3904  Mup - ok

01:04:41.0131 3904  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

01:04:41.0138 3904  mwlPSDFilter - ok

01:04:41.0145 3904  [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

01:04:41.0152 3904  mwlPSDNServ - ok

01:04:41.0165 3904  [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

01:04:41.0172 3904  mwlPSDVDisk - ok

01:04:41.0221 3904  [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService      C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe

01:04:41.0235 3904  MWLService - ok

01:04:41.0278 3904  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll

01:04:41.0319 3904  napagent - ok

01:04:41.0361 3904  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

01:04:41.0393 3904  NativeWifiP - ok

01:04:41.0423 3904  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys

01:04:41.0450 3904  NDIS - ok

01:04:41.0479 3904  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

01:04:41.0529 3904  NdisCap - ok

01:04:41.0564 3904  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

01:04:41.0612 3904  NdisTapi - ok

01:04:41.0625 3904  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

01:04:41.0668 3904  Ndisuio - ok

01:04:41.0673 3904  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

01:04:41.0709 3904  NdisWan - ok

01:04:41.0724 3904  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

01:04:41.0760 3904  NDProxy - ok

01:04:41.0772 3904  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

01:04:41.0827 3904  NetBIOS - ok

01:04:41.0835 3904  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

01:04:41.0879 3904  NetBT - ok

01:04:41.0890 3904  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe

01:04:41.0900 3904  Netlogon - ok

01:04:41.0929 3904  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

01:04:41.0978 3904  Netman - ok

01:04:42.0015 3904  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

01:04:42.0026 3904  NetMsmqActivator - ok

01:04:42.0030 3904  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

01:04:42.0040 3904  NetPipeActivator - ok

01:04:42.0069 3904  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

01:04:42.0125 3904  netprofm - ok

01:04:42.0130 3904  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

01:04:42.0140 3904  NetTcpActivator - ok

01:04:42.0144 3904  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

01:04:42.0154 3904  NetTcpPortSharing - ok

01:04:42.0196 3904  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

01:04:42.0206 3904  nfrd960 - ok

01:04:42.0258 3904  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll

01:04:42.0302 3904  NlaSvc - ok

01:04:42.0403 3904  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

01:04:42.0471 3904  NOBU - ok

01:04:42.0487 3904  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

01:04:42.0533 3904  Npfs - ok

01:04:42.0547 3904  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

01:04:42.0598 3904  nsi - ok

01:04:42.0611 3904  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

01:04:42.0673 3904  nsiproxy - ok

01:04:42.0715 3904  [ 356698A13C4630D5B31C37378D469196 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

01:04:42.0775 3904  Ntfs - ok

01:04:42.0824 3904  [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

01:04:42.0835 3904  NTI IScheduleSvc - ok

01:04:42.0857 3904  [ 28C59F594044CBF8598B18C927097091 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

01:04:42.0866 3904  NTIBackupSvc - ok

01:04:42.0891 3904  [ 710263B44C1D1AEE07525A53401FBE48 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys

01:04:42.0899 3904  NTIDrvr - ok

01:04:42.0920 3904  [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

01:04:42.0970 3904  NTISchedulerSvc - ok

01:04:42.0998 3904  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

01:04:43.0052 3904  Null - ok

01:04:43.0082 3904  [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys

01:04:43.0096 3904  nvraid - ok

01:04:43.0103 3904  [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys

01:04:43.0115 3904  nvstor - ok

01:04:43.0138 3904  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys

01:04:43.0150 3904  nv_agp - ok

01:04:43.0159 3904  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

01:04:43.0183 3904  ohci1394 - ok

01:04:43.0231 3904  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

01:04:43.0243 3904  ose - ok

01:04:43.0435 3904  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

01:04:43.0594 3904  osppsvc - ok

01:04:43.0643 3904  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

01:04:43.0665 3904  p2pimsvc - ok

01:04:43.0685 3904  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

01:04:43.0701 3904  p2psvc - ok

01:04:43.0727 3904  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

01:04:43.0739 3904  Parport - ok

01:04:43.0787 3904  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

01:04:43.0798 3904  partmgr - ok

01:04:43.0821 3904  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

01:04:43.0844 3904  PcaSvc - ok

01:04:43.0864 3904  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys

01:04:43.0876 3904  pci - ok

01:04:43.0898 3904  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys

01:04:43.0909 3904  pciide - ok

01:04:43.0924 3904  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

01:04:43.0936 3904  pcmcia - ok

01:04:43.0940 3904  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

01:04:43.0950 3904  pcw - ok

01:04:43.0979 3904  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

01:04:44.0037 3904  PEAUTH - ok

01:04:44.0117 3904  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

01:04:44.0139 3904  PerfHost - ok

01:04:44.0185 3904  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll

01:04:44.0259 3904  pla - ok

01:04:44.0331 3904  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

01:04:44.0362 3904  PlugPlay - ok

01:04:44.0374 3904  PnkBstrA - ok

01:04:44.0402 3904  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

01:04:44.0431 3904  PNRPAutoReg - ok

01:04:44.0454 3904  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

01:04:44.0471 3904  PNRPsvc - ok

01:04:44.0554 3904  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

01:04:44.0632 3904  PolicyAgent - ok

01:04:44.0659 3904  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

01:04:44.0705 3904  Power - ok

01:04:44.0746 3904  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

01:04:44.0791 3904  PptpMiniport - ok

01:04:44.0814 3904  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys

01:04:44.0838 3904  Processor - ok

01:04:44.0873 3904  [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc         C:\Windows\system32\profsvc.dll

01:04:44.0913 3904  ProfSvc - ok

01:04:44.0923 3904  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe

01:04:44.0934 3904  ProtectedStorage - ok

01:04:44.0966 3904  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

01:04:45.0006 3904  Psched - ok

01:04:45.0074 3904  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

01:04:45.0114 3904  ql2300 - ok

01:04:45.0119 3904  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

01:04:45.0131 3904  ql40xx - ok

01:04:45.0163 3904  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

01:04:45.0185 3904  QWAVE - ok

01:04:45.0215 3904  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

01:04:45.0251 3904  QWAVEdrv - ok

01:04:45.0264 3904  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

01:04:45.0325 3904  RasAcd - ok

01:04:45.0362 3904  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

01:04:45.0398 3904  RasAgileVpn - ok

01:04:45.0420 3904  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

01:04:45.0478 3904  RasAuto - ok

01:04:45.0510 3904  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

01:04:45.0560 3904  Rasl2tp - ok

01:04:45.0566 3904  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll

01:04:45.0626 3904  RasMan - ok

01:04:45.0643 3904  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

01:04:45.0693 3904  RasPppoe - ok

01:04:45.0697 3904  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

01:04:45.0743 3904  RasSstp - ok

01:04:45.0762 3904  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

01:04:45.0807 3904  rdbss - ok

01:04:45.0835 3904  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

01:04:45.0850 3904  rdpbus - ok

01:04:45.0861 3904  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

01:04:45.0895 3904  RDPCDD - ok

01:04:45.0900 3904  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

01:04:45.0945 3904  RDPENCDD - ok

01:04:45.0951 3904  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

01:04:45.0989 3904  RDPREFMP - ok

01:04:46.0042 3904  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

01:04:46.0071 3904  RDPWD - ok

01:04:46.0099 3904  [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

01:04:46.0113 3904  rdyboost - ok

01:04:46.0142 3904  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

01:04:46.0180 3904  RemoteAccess - ok

01:04:46.0206 3904  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

01:04:46.0258 3904  RemoteRegistry - ok

01:04:46.0290 3904  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo       C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

01:04:46.0300 3904  RichVideo ( UnsignedFile.Multi.Generic ) - warning

01:04:46.0300 3904  RichVideo - detected UnsignedFile.Multi.Generic (1)

01:04:46.0340 3904  [ 77B3B747EB2413072B8E4306018D0C9B ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys

01:04:46.0390 3904  RMCAST - ok

01:04:46.0427 3904  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

01:04:46.0468 3904  RpcEptMapper - ok

01:04:46.0486 3904  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

01:04:46.0498 3904  RpcLocator - ok

01:04:46.0515 3904  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll

01:04:46.0556 3904  RpcSs - ok

01:04:46.0577 3904  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

01:04:46.0617 3904  rspndr - ok

01:04:46.0634 3904  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs           C:\Windows\system32\lsass.exe

01:04:46.0644 3904  SamSs - ok

01:04:46.0664 3904  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys

01:04:46.0674 3904  sbp2port - ok

01:04:46.0709 3904  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

01:04:46.0755 3904  SCardSvr - ok

01:04:46.0769 3904  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

01:04:46.0816 3904  scfilter - ok

01:04:46.0860 3904  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll

01:04:46.0885 3904  Schedule - ok

01:04:46.0912 3904  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll

01:04:46.0948 3904  SCPolicySvc - ok

01:04:46.0970 3904  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

01:04:46.0998 3904  SDRSVC - ok

01:04:47.0021 3904  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

01:04:47.0058 3904  secdrv - ok

01:04:47.0073 3904  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll

01:04:47.0117 3904  seclogon - ok

01:04:47.0135 3904  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll

01:04:47.0171 3904  SENS - ok

01:04:47.0214 3904  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

01:04:47.0242 3904  SensrSvc - ok

01:04:47.0267 3904  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

01:04:47.0280 3904  Serenum - ok

01:04:47.0327 3904  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

01:04:47.0363 3904  Serial - ok

01:04:47.0399 3904  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

01:04:47.0445 3904  sermouse - ok

01:04:47.0482 3904  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll

01:04:47.0521 3904  SessionEnv - ok

01:04:47.0540 3904  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys

01:04:47.0563 3904  sffdisk - ok

01:04:47.0576 3904  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys

01:04:47.0601 3904  sffp_mmc - ok

01:04:47.0622 3904  [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys

01:04:47.0650 3904  sffp_sd - ok

01:04:47.0670 3904  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

01:04:47.0680 3904  sfloppy - ok

01:04:47.0743 3904  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys

01:04:47.0767 3904  Sftfs - ok

01:04:47.0861 3904  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

01:04:47.0881 3904  sftlist - ok

01:04:47.0900 3904  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys

01:04:47.0912 3904  Sftplay - ok

01:04:47.0932 3904  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys

01:04:47.0942 3904  Sftredir - ok

01:04:47.0958 3904  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys

01:04:47.0966 3904  Sftvol - ok

01:04:48.0018 3904  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

01:04:48.0029 3904  sftvsa - ok

01:04:48.0060 3904  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

01:04:48.0110 3904  SharedAccess - ok

01:04:48.0136 3904  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll

01:04:48.0164 3904  ShellHWDetection - ok

01:04:48.0202 3904  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

01:04:48.0212 3904  SiSRaid2 - ok

01:04:48.0228 3904  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

01:04:48.0240 3904  SiSRaid4 - ok

01:04:48.0471 3904  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

01:04:48.0587 3904  Skype C2C Service - ok

01:04:48.0724 3904  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

01:04:48.0741 3904  SkypeUpdate - ok

01:04:48.0786 3904  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

01:04:48.0824 3904  Smb - ok

01:04:48.0860 3904  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

01:04:48.0880 3904  SNMPTRAP - ok

01:04:48.0900 3904  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

01:04:48.0912 3904  spldr - ok

01:04:48.0939 3904  [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler         C:\Windows\System32\spoolsv.exe

01:04:48.0967 3904  Spooler - ok

01:04:49.0050 3904  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe

01:04:49.0160 3904  sppsvc - ok

01:04:49.0172 3904  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

01:04:49.0208 3904  sppuinotify - ok

01:04:49.0261 3904  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys

01:04:49.0315 3904  srv - ok

01:04:49.0323 3904  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

01:04:49.0362 3904  srv2 - ok

01:04:49.0376 3904  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

01:04:49.0391 3904  srvnet - ok

01:04:49.0424 3904  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

01:04:49.0484 3904  SSDPSRV - ok

01:04:49.0490 3904  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

01:04:49.0528 3904  SstpSvc - ok

01:04:49.0601 3904  Steam Client Service - ok

01:04:49.0638 3904  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

01:04:49.0648 3904  stexstor - ok

01:04:49.0686 3904  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll

01:04:49.0712 3904  stisvc - ok

01:04:49.0729 3904  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

01:04:49.0740 3904  swenum - ok

01:04:49.0766 3904  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

01:04:49.0814 3904  swprv - ok

01:04:49.0858 3904  [ CE9B5A79AEE330BC7E88C0441E5727BB ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys

01:04:49.0871 3904  SynTP - ok

01:04:49.0915 3904  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll

01:04:49.0963 3904  SysMain - ok

01:04:49.0983 3904  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll

01:04:50.0010 3904  TabletInputService - ok

01:04:50.0036 3904  tandpl - ok

01:04:50.0042 3904  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll

01:04:50.0092 3904  TapiSrv - ok

01:04:50.0110 3904  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

01:04:50.0147 3904  TBS - ok

01:04:50.0246 3904  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

01:04:50.0296 3904  Tcpip - ok

01:04:50.0325 3904  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

01:04:50.0363 3904  TCPIP6 - ok

01:04:50.0392 3904  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

01:04:50.0429 3904  tcpipreg - ok

01:04:50.0449 3904  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

01:04:50.0469 3904  TDPIPE - ok

01:04:50.0526 3904  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

01:04:50.0557 3904  TDTCP - ok

01:04:50.0611 3904  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

01:04:50.0664 3904  tdx - ok

01:04:50.0669 3904  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

01:04:50.0680 3904  TermDD - ok

01:04:50.0720 3904  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll

01:04:50.0774 3904  TermService - ok

01:04:50.0832 3904  [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys

01:04:50.0841 3904  TFsExDisk - ok

01:04:50.0873 3904  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

01:04:50.0896 3904  Themes - ok

01:04:50.0910 3904  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

01:04:50.0945 3904  THREADORDER - ok

01:04:50.0967 3904  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

01:04:51.0008 3904  TrkWks - ok

01:04:51.0057 3904  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

01:04:51.0094 3904  TrustedInstaller - ok

01:04:51.0127 3904  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

01:04:51.0181 3904  tssecsrv - ok

01:04:51.0213 3904  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

01:04:51.0265 3904  tunnel - ok

01:04:51.0305 3904  [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys

01:04:51.0313 3904  TurboB - ok

01:04:51.0356 3904  [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe

01:04:51.0366 3904  TurboBoost - ok

01:04:51.0398 3904  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

01:04:51.0411 3904  uagp35 - ok

01:04:51.0435 3904  [ 40079B0B801C5432BA435B5AD61CE6E3 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys

01:04:51.0444 3904  UBHelper - ok

01:04:51.0460 3904  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

01:04:51.0515 3904  udfs - ok

01:04:51.0535 3904  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

01:04:51.0550 3904  UI0Detect - ok

01:04:51.0574 3904  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys

01:04:51.0585 3904  uliagpkx - ok

01:04:51.0604 3904  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

01:04:51.0627 3904  umbus - ok

01:04:51.0661 3904  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

01:04:51.0673 3904  UmPass - ok

01:04:51.0802 3904  [ CBDEE152D73200EE49031A26310B9D3E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

01:04:51.0861 3904  UNS - ok

01:04:51.0916 3904  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe

01:04:51.0927 3904  Updater Service - ok

01:04:51.0960 3904  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

01:04:52.0010 3904  upnphost - ok

01:04:52.0104 3904  [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

01:04:52.0127 3904  usbaudio - ok

01:04:52.0172 3904  [ B26AFB54A534D634523C4FB66765B026 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

01:04:52.0207 3904  usbccgp - ok

01:04:52.0233 3904  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys

01:04:52.0249 3904  usbcir - ok

01:04:52.0253 3904  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

01:04:52.0283 3904  usbehci - ok

01:04:52.0290 3904  [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

01:04:52.0319 3904  usbhub - ok

01:04:52.0353 3904  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

01:04:52.0365 3904  usbohci - ok

01:04:52.0413 3904  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

01:04:52.0439 3904  usbprint - ok

01:04:52.0503 3904  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

01:04:52.0518 3904  usbscan - ok

01:04:52.0549 3904  [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

01:04:52.0563 3904  USBSTOR - ok

01:04:52.0573 3904  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

01:04:52.0586 3904  usbuhci - ok

01:04:52.0617 3904  [ D501E12614B00A3252073101D6A1A74B ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

01:04:52.0633 3904  usbvideo - ok

01:04:52.0656 3904  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

01:04:52.0692 3904  UxSms - ok

01:04:52.0712 3904  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe

01:04:52.0722 3904  VaultSvc - ok

01:04:52.0725 3904  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys

01:04:52.0736 3904  vdrvroot - ok

01:04:52.0765 3904  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe

01:04:52.0784 3904  vds - ok

01:04:52.0810 3904  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

01:04:52.0824 3904  vga - ok

01:04:52.0840 3904  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

01:04:52.0881 3904  VgaSave - ok

01:04:52.0938 3904  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys

01:04:52.0953 3904  vhdmp - ok

01:04:52.0973 3904  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys

01:04:52.0982 3904  viaide - ok

01:04:52.0989 3904  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys

01:04:53.0000 3904  volmgr - ok

01:04:53.0015 3904  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

01:04:53.0030 3904  volmgrx - ok

01:04:53.0075 3904  [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

01:04:53.0092 3904  volsnap - ok

01:04:53.0151 3904  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

01:04:53.0163 3904  vsmraid - ok

01:04:53.0212 3904  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe

01:04:53.0260 3904  VSS - ok

01:04:53.0272 3904  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

01:04:53.0286 3904  vwifibus - ok

01:04:53.0290 3904  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

01:04:53.0318 3904  vwififlt - ok

01:04:53.0347 3904  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

01:04:53.0409 3904  W32Time - ok

01:04:53.0452 3904  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

01:04:53.0464 3904  WacomPen - ok

01:04:53.0498 3904  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

01:04:53.0540 3904  WANARP - ok

01:04:53.0556 3904  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

01:04:53.0591 3904  Wanarpv6 - ok

01:04:53.0670 3904  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

01:04:53.0704 3904  WatAdminSvc - ok

01:04:53.0766 3904  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe

01:04:53.0811 3904  wbengine - ok

01:04:53.0826 3904  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

01:04:53.0846 3904  WbioSrvc - ok

01:04:53.0858 3904  [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

01:04:53.0879 3904  wcncsvc - ok

01:04:53.0883 3904  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

01:04:53.0902 3904  WcsPlugInService - ok

01:04:53.0923 3904  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys

01:04:53.0933 3904  Wd - ok

01:04:53.0963 3904  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

01:04:53.0984 3904  Wdf01000 - ok

01:04:54.0026 3904  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

01:04:54.0056 3904  WdiServiceHost - ok

01:04:54.0060 3904  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

01:04:54.0078 3904  WdiSystemHost - ok

01:04:54.0091 3904  [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient       C:\Windows\System32\webclnt.dll

01:04:54.0124 3904  WebClient - ok

01:04:54.0142 3904  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

01:04:54.0186 3904  Wecsvc - ok

01:04:54.0207 3904  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

01:04:54.0250 3904  wercplsupport - ok

01:04:54.0266 3904  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

01:04:54.0311 3904  WerSvc - ok

01:04:54.0328 3904  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

01:04:54.0361 3904  WfpLwf - ok

01:04:54.0405 3904  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

01:04:54.0415 3904  WIMMount - ok

01:04:54.0439 3904  WinDefend - ok

01:04:54.0451 3904  WinHttpAutoProxySvc - ok

01:04:54.0496 3904  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

01:04:54.0614 3904  Winmgmt - ok

01:04:54.0671 3904  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll

01:04:54.0758 3904  WinRM - ok

01:04:54.0827 3904  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

01:04:54.0841 3904  WinUsb - ok

01:04:54.0876 3904  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

01:04:54.0907 3904  Wlansvc - ok

01:04:55.0097 3904  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

01:04:55.0150 3904  wlidsvc - ok

01:04:55.0173 3904  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

01:04:55.0183 3904  WmiAcpi - ok

01:04:55.0212 3904  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

01:04:55.0241 3904  wmiApSrv - ok

01:04:55.0274 3904  WMPNetworkSvc - ok

01:04:55.0302 3904  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

01:04:55.0313 3904  WPCSvc - ok

01:04:55.0332 3904  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

01:04:55.0355 3904  WPDBusEnum - ok

01:04:55.0381 3904  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

01:04:55.0427 3904  ws2ifsl - ok

01:04:55.0432 3904  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll

01:04:55.0461 3904  wscsvc - ok

01:04:55.0465 3904  WSearch - ok

01:04:55.0556 3904  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

01:04:55.0614 3904  wuauserv - ok

01:04:55.0628 3904  [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

01:04:55.0665 3904  WudfPf - ok

01:04:55.0708 3904  [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

01:04:55.0758 3904  WUDFRd - ok

01:04:55.0778 3904  [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

01:04:55.0825 3904  wudfsvc - ok

01:04:55.0846 3904  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll

01:04:55.0880 3904  WwanSvc - ok

01:04:55.0973 3904  X6va009 - ok

01:04:56.0030 3904  [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys

01:04:56.0059 3904  xnacc - ok

01:04:56.0150 3904  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys

01:04:56.0191 3904  xusb21 - ok

01:04:56.0211 3904  ================ Scan global ===============================

01:04:56.0239 3904  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

01:04:56.0289 3904  [ 4343295C52C8B1ADD906F1A37B940AA1 ] C:\Windows\system32\winsrv.dll

01:04:56.0297 3904  [ 4343295C52C8B1ADD906F1A37B940AA1 ] C:\Windows\system32\winsrv.dll

01:04:56.0327 3904  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

01:04:56.0369 3904  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

01:04:56.0372 3904  [Global] - ok

01:04:56.0373 3904  ================ Scan MBR ==================================

01:04:56.0389 3904  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

01:04:56.0915 3904  \Device\Harddisk0\DR0 - ok

01:04:56.0916 3904  ================ Scan VBR ==================================

01:04:56.0921 3904  [ 267ABCA3B0218DC5CB5D61E7A305659C ] \Device\Harddisk0\DR0\Partition1

01:04:56.0923 3904  \Device\Harddisk0\DR0\Partition1 - ok

01:04:56.0963 3904  [ BBF91395D69A0AF591FF1AF178662701 ] \Device\Harddisk0\DR0\Partition2

01:04:56.0965 3904  \Device\Harddisk0\DR0\Partition2 - ok

01:04:56.0965 3904  ============================================================

01:04:56.0965 3904  Scan finished

01:04:56.0965 3904  ============================================================

01:04:56.0980 1148  Detected object count: 2

01:04:56.0980 1148  Actual detected object count: 2

01:06:54.0936 1148  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe - copied to quarantine

01:06:54.0937 1148  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

01:06:54.0967 1148  C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe - copied to quarantine

01:06:54.0967 1148  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

Der ComboFix Scan ergab folgenden Log:(weder Updates noch die installation der wiederherstellungskonsole wurden Vorgeschlagen)

[CODE]
Combofix Logfile:

Code:

ComboFix 12-12-31.01 - *** 31.12.2012  14:59:21.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3764.2337 [GMT 1:00]

ausgeführt von:: c:\users\***\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\install.exe

c:\programdata\FullRemove.exe

c:\windows\SysWow64\URTTemp

c:\windows\SysWow64\URTTemp\regtlib.exe

c:\windows\wininit.ini

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-11-28 bis 2012-12-31  ))))))))))))))))))))))))))))))

.

.

2012-12-31 14:16 . 2012-12-31 14:16        --------        d-----w-        c:\users\Henry\AppData\Local\temp

2012-12-31 14:16 . 2012-12-31 14:16        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-12-31 14:16 . 2012-12-31 14:16        --------        d-----w-        c:\users\Gast\AppData\Local\temp

2012-12-31 00:06 . 2012-12-31 00:06        --------        d-----w-        C:\TDSSKiller_Quarantine

2012-12-30 22:39 . 2012-12-30 22:39        --------        d-----w-        c:\programdata\Malwarebytes

2012-12-22 02:01 . 2012-12-16 16:52        46080        ----a-w-        c:\windows\system32\atmlib.dll

2012-12-22 02:01 . 2012-12-16 14:25        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll

2012-12-22 02:01 . 2012-12-16 14:40        367616        ----a-w-        c:\windows\system32\atmfd.dll

2012-12-22 02:01 . 2012-12-16 14:25        295424        ----a-w-        c:\windows\SysWow64\atmfd.dll

2012-12-13 19:40 . 2012-10-27 05:36        1197568        ----a-w-        c:\windows\system32\wininet.dll

2012-12-13 19:39 . 2012-09-06 17:38        295792        ----a-w-        c:\windows\system32\drivers\volsnap.sys

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-11 19:54 . 2012-10-12 23:10        697272        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2012-12-11 19:54 . 2012-01-10 17:38        73656        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-11-14 17:39 . 2012-11-14 17:39        477168        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll

2012-11-14 17:39 . 2011-01-12 18:49        473072        ----a-w-        c:\windows\SysWow64\deployJava1.dll

2012-10-04 16:45 . 2012-12-13 19:40        44032        ----a-w-        c:\windows\apppatch\acwow64.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-10-16 1521352]

.

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2012-10-16 23:46        1521352        ----a-w-        c:\program files (x86)\Ask.com\GenericAskToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-10-16 1521352]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58        94208        ----a-w-        c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58        94208        ----a-w-        c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58        94208        ----a-w-        c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2010-05-27 02:40        120176        ----a-w-        c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GoogleChromeAutoLaunch_BD9CE8D9AF03ACAD7E09EEFF0A24603C"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-12-05 1242728]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]

"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]

"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-05 98304]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]

"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"ArcadeMovieService"="c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [2011-02-17 124136]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]

"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-14 348664]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]

"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-10-16 1573576]

"LogMeIn Hamachi Ui"="c:\users\***\Downloads\hamachi-2-ui.exe" [2012-12-10 2254768]

.

c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]

R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]

R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe [x]

R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-12-07 246224]

R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]

R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]

R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]

R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2009-07-15 16392]

R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-20 1255736]

R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-05-02 27760]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-20 202752]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]

S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-15 822304]

S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\users\***\Downloads\hamachi-2.exe [2012-12-10 2465712]

S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-02-21 8704]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]

S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]

S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]

S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]

S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-06-05 10326784]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-06-25 76912]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

.

.

Inhalt des "geplante Tasks" Ordners

.

2012-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-12 19:54]

.

2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-22 17:57]

.

2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-22 17:57]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58        97792        ----a-w-        c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58        97792        ----a-w-        c:\users\***AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58        97792        ----a-w-        c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58        97792        ----a-w-        c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2010-05-27 02:42        137584        ----a-w-        c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-02-05 324608]

"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-05 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-05 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-05 413208]

"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-06-15 496160]

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.google.de/

uLocal Page = c:\windows\system32\blank.htm

mDefault_Page_URL = hxxp://acer.msn.com

mStart Page = hxxp://acer.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Free YouTube Download - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

TCP: Interfaces\{2D71057B-DD2C-4205-8B27-D7D2BFFC34A0}: NameServer = 212.23.97.2 212.23.97.3

TCP: Interfaces\{34CB7274-4F0C-45A7-8161-AA3E60EB34A9}: NameServer = 212.23.115.148 212.23.97.2

TCP: Interfaces\{D16F0FEC-D0CB-455A-9A49-4A10B4725A60}: NameServer = 212.23.115.148 212.23.97.2

TCP: Interfaces\{EB7E679A-68AF-4B4D-A068-E43F3587A635}: NameServer = 212.23.115.148 212.23.97.3

FF - ProfilePath - c:\users\Milan Libischer\AppData\Roaming\Mozilla\Firefox\Profiles\0pv78wgo.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2857573&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=66B73BE4-3A8F-4023-857F-21BFBE8E1DEC&apn_ptnrs=U3&apn_sauid=4C454B66-CE86-474C-81A2-F866ECCF8141&apn_dtid=OSJ000YYDE&&q=

FF - ExtSQL: 2012-11-14 18:39; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

FF - ExtSQL: 2012-11-14 18:50; toolbar@ask.com; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\0pv78wgo.default\extensions\toolbar@ask.com

FF - ExtSQL: 2012-11-28 19:05; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\0pv78wgo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-NPSStartup - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-BattlEye A2 Free - c:\program files (x86)\steam\steamapps\common\arma 2 freeBattlEye\UnInstallBE.exe

AddRemove-BattlEye for A2 - c:\program files (x86)\Bohemia Interactive\ArmABattlEye\UnInstallBE.exe

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-1470259330-3820463359-1782755890-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

@Allowed: (Read) (RestrictedCode)

"??"=hex:41,a8,7b,a0,36,6e,a3,d4,63,68,d1,f6,7c,3b,2a,c6,30,50,68,5c,f6,ae,ce,

   54,8f,37,f1,06,eb,38,3a,04,b2,6d,c6,c2,11,db,db,c7,15,f6,9e,f0,53,cd,dc,57,\

"??"=hex:01,3a,42,c4,61,50,a3,f9,f7,2f,61,ee,cd,cc,6e,5a

.

[HKEY_USERS\S-1-5-21-1470259330-3820463359-1782755890-1001\Software\SecuROM\License information*]

"datasecu"=hex:5b,36,e2,32,25,aa,82,9d,c4,f4,ec,0a,72,8a,2a,cc,11,6e,06,a8,63,

   ce,36,53,d5,e2,c8,35,78,01,ce,2e,e2,89,ff,77,16,3d,1b,99,e5,42,46,6f,1e,88,\

"rkeysecu"=hex:ca,ba,be,a8,b9,06,d4,bd,b9,8e,e0,e6,8f,55,ed,d9

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2012-12-31  15:33:22

ComboFix-quarantined-files.txt  2012-12-31 14:33

.

Vor Suchlauf: 14 Verzeichnis(se), 16.630.263.808 Bytes frei

Nach Suchlauf: 18 Verzeichnis(se), 17.350.733.824 Bytes frei

.

- - End Of File - - C0387955C7244D9F81D1042C23920321

--- --- ---