Log analysis and evaluation: Final steps in removing a GVU trojan (RunDLL error message, glom0_og.exe)
Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
| | #1 |
| | Hello
A few days ago I caught a GVU trojan. I tried various programs such as Kaspersky Rescue Disc, Avira DE Cleaner and so on. The trojan produced a screen similar to version 2.04, but there was also a small window in which my webcam was activated. In the end I boldly decided to try Combofix. The program located a so-called glom0_og.exe and moved it into its quarantine. Since then I can use my laptop normally again, but the following error message appears on every boot: "RunDLL: Fehler beim Laden von C:\Users\Denios\AppData\Local\Temp\glom0_og.exe Das angegebene Modul wurde nicht gefunden." That tells me that the virus is not completely gone yet...
So I downloaded Defogger and OTL, disabled my DaemonTools with the first program and ran a Quick Scan with the second. I have attached my log files. In case it helps in any way: I have the 32-bit version of Windows Vista.
I hope someone can help me, and thank you in advance, Denios
EDIT: Oh yes, after a system scan my Avira Antivirus moved glom0_og.exe.vir from Combofix's quarantine into its own quarantine...
Last edited by Denios (14.07.2012 at 14:08) |
| | #2 |
| /// Malware-holic | hi
Doesn't Combofix clearly state that you should not run it yourself? Where is the report? |
| | #3 |
| | Yes, but I found a post in a forum where there was exactly the same problem, and that person was advised to run Combofix...
Where do I find the report for it? I had a text file that I think was called that, but it confused me a lot because it said in there that the user was called "Susanne" or something like that... I deleted it... |
| | #4 |
| /// Malware-holic | Is it still in the recycle bin? That is why you don't use programs that confuse you... Open Combofix's quarantine folder (Quarantine), look for quarantined-files.txt there and post it.
- Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. |
| | #5 |
| | It is no longer in the recycle bin... At least I have learned from this for the future... Here is the quarantined-files.txt: Code:
2012-07-12 03:36:31 . 2012-07-12 03:36:31 912 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-25_escape.reg.dat
2012-07-12 03:36:31 . 2012-07-12 03:36:31 928 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-24_flashusbdriver.reg.dat
2012-07-12 03:36:31 . 2012-07-12 03:36:31 924 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-22_WiBro_WiMAX.reg.dat
2012-07-12 03:36:31 . 2012-07-12 03:36:31 916 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-20_NXP_Driver.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 916 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-19_VIA_driver.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 948 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-18_Zinia_Serial_Driver.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 924 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-17_EMP_Chipset2.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 916 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-16_Shrewsbury.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 936 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-11_HSP_Plus_Default.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 884 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-09_Hsp.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 916 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-08_EMPChipset.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 896 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-07_Schorl.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 904 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-06_Spencer.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 892 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-05_Sloan.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 908 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-04_semseyite.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 920 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-03_Swallowtail.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 908 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-02_Siberian.reg.dat
2012-07-12 03:36:30 . 2012-07-12 03:36:30 908 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-01_Simmental.reg.dat
2012-07-12 03:36:28 . 2012-07-12 03:36:28 492 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-Sierra Utilities.reg.dat
2012-07-12 03:36:28 . 2012-07-12 03:36:28 1,348 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-RealPlayer 15.0.reg.dat
2012-07-12 03:36:26 . 2012-07-12 03:36:26 558 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-Half-Life.reg.dat
2012-07-12 03:36:03 . 2012-07-12 03:36:03 558 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-Wdf01000.sys.reg.dat
2012-07-12 03:35:54 . 2012-07-12 03:35:54 107 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-EfficientStickyNotes.reg.dat
2012-07-12 03:35:54 . 2012-07-12 03:35:54 140 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-WinampAgent.reg.dat
2012-07-12 03:35:52 . 2012-07-12 03:35:52 161 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-KiesAirMessage.reg.dat
2012-07-12 03:35:52 . 2012-07-12 03:35:52 145 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-RocketDock.reg.dat
2012-07-12 03:35:51 . 2012-07-12 03:35:51 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{6D8D66F3-14FC-4736-A096-FAC0EA66289C}.reg.dat
2012-07-12 03:35:51 . 2012-07-12 03:35:51 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}.reg.dat
2012-07-12 03:35:49 . 2012-07-12 03:35:49 118 ----a-w- C:\Qoobox\Quarantine\Registry_backups\URLSearchHooks-{6d8d66f3-14fc-4736-a096-fac0ea66289c}.reg.dat
2012-07-12 03:35:49 . 2012-07-12 03:35:49 118 ----a-w- C:\Qoobox\Quarantine\Registry_backups\URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2}.reg.dat
2012-07-12 03:20:29 . 2012-07-12 03:20:29 4,881 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2012-07-12 03:06:52 . 2012-07-12 03:11:49 133 ----a-w- C:\Qoobox\Quarantine\catchme.log
2012-07-10 20:10:00 . 2012-07-10 20:10:00 205,824 ----a-w- C:\Qoobox\Quarantine\C\Users\Denios\AppData\Local\Temp\glom0_og.exe.vir
2012-06-23 16:18:11 . 2012-06-23 16:18:11 115,137 ----a-w- C:\Qoobox\Quarantine\C\Users\Denios\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll.vir
2012-03-07 20:04:50 . 2012-03-10 02:53:26 1,197 ----a-w- C:\Qoobox\Quarantine\C\Users\Denios\AppData\Roaming\LOVE\mari0\options.txt.vir
2012-01-30 08:23:06 . 1998-01-23 11:20:34 305,664 ----a-w- C:\Qoobox\Quarantine\C\Windows\IsUn0407.exe.vir
2011-09-15 19:31:00 . 2011-09-15 19:31:03 254 ----a-w- C:\Qoobox\Quarantine\C\CFLog\CrashLog_20110915.txt.vir
2011-08-03 22:20:18 . 2011-08-03 22:20:23 208 ----a-w- C:\Qoobox\Quarantine\C\CFLog\CrashLog_20110804.txt.vir
2011-07-27 14:21:36 . 2011-07-27 14:28:38 88 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\28C7E75D75.sys.vir
|
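The listing above records where each quarantined file originally lived, and a RunDLL "module not found" error at boot usually means a startup entry still calls rundll32 on a file that was removed. The following added example (not part of the thread and not ComboFix's own code) parses lines in the format of quarantined-files.txt, rebuilds the original paths, and matches them against autorun commands. The path mapping (`Quarantine\C\...\name.vir` back to `C:\...\name`) is an assumption inferred from the listing, and the autorun entries, including the value name and export name, are constructed because the thread does not show the real entry.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

QUARANTINE_ROOT = "C:\\Qoobox\\Quarantine\\"

# created . modified size attributes path  (size may contain thousands separators)
LINE_RE = re.compile(
    r"^(?P<created>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) \. "
    r"(?P<modified>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) "
    r"(?P<size>[\d,]+) (?P<attrs>\S+) (?P<path>.+)$"
)


class Entry(NamedTuple):
    size: int
    stored_as: str
    original: Optional[str]  # None for registry backups and tool logs


def original_path(stored: str) -> Optional[str]:
    """Map a quarantined file back to its original location (assumed layout)."""
    if not stored.lower().startswith(QUARANTINE_ROOT.lower()):
        return None
    rest = stored[len(QUARANTINE_ROOT):]
    drive, sep, tail = rest.partition("\\")
    # Only "<drive letter>\...\file.vir" entries are quarantined files.
    if len(drive) != 1 or not drive.isalpha() or not sep:
        return None
    if not tail.lower().endswith(".vir"):
        return None
    return f"{drive}:\\{tail[:-4]}"


def parse_listing(text: str) -> List[Entry]:
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            size = int(m["size"].replace(",", ""))
            entries.append(Entry(size, m["path"], original_path(m["path"])))
    return entries


def orphaned_autoruns(entries: List[Entry],
                      autoruns: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """Return (location, value name, removed file) for autoruns that still
    reference a quarantined file. Windows paths compare case-insensitively."""
    removed = {e.original.lower(): e.original for e in entries if e.original}
    hits = []
    for location, name, command in autoruns:
        lowered_command = command.lower()
        for lowered, original in removed.items():
            if lowered in lowered_command:
                hits.append((location, name, original))
    return hits


# Three lines copied from the listing posted above.
SAMPLE_LISTING = r"""
2012-07-12 03:35:54 . 2012-07-12 03:35:54 140 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-WinampAgent.reg.dat
2012-07-10 20:10:00 . 2012-07-10 20:10:00 205,824 ----a-w- C:\Qoobox\Quarantine\C\Users\Denios\AppData\Local\Temp\glom0_og.exe.vir
2012-01-30 08:23:06 . 1998-01-23 11:20:34 305,664 ----a-w- C:\Qoobox\Quarantine\C\Windows\IsUn0407.exe.vir
"""

# Constructed autorun entries (location, value name, command line); hypothetical values.
SAMPLE_AUTORUNS = [
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "example_value",
     r'rundll32.exe "C:\Users\Denios\AppData\Local\Temp\glom0_og.exe",ExampleExport'),
    (r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run", "WinampAgent",
     r'"C:\Program Files\Winamp\winampa.exe"'),
]

if __name__ == "__main__":
    for hit in orphaned_autoruns(parse_listing(SAMPLE_LISTING), SAMPLE_AUTORUNS):
        print("leftover startup entry:", hit)
```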
| | #6 |
| /// Malware-holic | download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan - if anything is found, always choose skip for now, post the log |
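A scan run with these settings writes one block of lines per driver or service, and the reviewer mainly needs the objects that were not marked ok. The following added example (not part of the thread and not TDSSKiller's own code) triages such a log: it reads the scan mode, collects each object's MD5 and path, and lists flagged objects and objects logged without a file. The sample lines are copied from the log the user posts in reply; reading `SigCheck` and `TDLFS` in the mode line as the two requested options is an assumption.

```python
import re

# Every log line starts with "HH:MM:SS.ffff <thread id> ".
PREFIX = r"^\d\d:\d\d:\d\d\.\d{4} \d+ "
MODE_RE = re.compile(PREFIX + r"Mode: (?P<modes>.+)$")
FILE_RE = re.compile(
    PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
OK_RE = re.compile(PREFIX + r"(?P<name>.+?) - ok$")
DETECTED_RE = re.compile(
    PREFIX + r"(?P<name>.+?) - detected (?P<verdict>\S+) \(\d+\)$")


def triage(log_text):
    """Return scan modes, flagged objects and objects logged without a file."""
    modes, objects = [], {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = MODE_RE.match(line)
        if m:
            modes = [p.strip() for p in m["modes"].split(";") if p.strip()]
            continue
        m = FILE_RE.match(line)
        if m:
            objects[m["name"]] = {"name": m["name"], "md5": m["md5"],
                                  "path": m["path"], "verdict": None}
            continue
        m = OK_RE.match(line) or DETECTED_RE.match(line)
        if m:
            # Some services get a verdict without a preceding file line.
            obj = objects.setdefault(
                m["name"],
                {"name": m["name"], "md5": None, "path": None, "verdict": None})
            obj["verdict"] = m.groupdict().get("verdict", "ok")
    flagged = [o for o in objects.values() if o["verdict"] not in (None, "ok")]
    no_file = [o["name"] for o in objects.values() if o["path"] is None]
    return {"modes": modes, "flagged": flagged, "no_file": no_file}


# Lines copied from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
13:40:18.0376 4820 Mode: Manual; SigCheck; TDLFS;
13:40:19.0188 4820 ACEDRV07 (4e5451dd0aec8504d7f8030dd2d4c416) C:\Windows\system32\drivers\ACEDRV07.sys
13:40:19.0302 4820 ACEDRV07 ( UnsignedFile.Multi.Generic ) - warning
13:40:19.0302 4820 ACEDRV07 - detected UnsignedFile.Multi.Generic (1)
13:40:19.0376 4820 acedrv10 (553ba53445795cbc0d4f9fa37eb855a6) C:\Windows\system32\drivers\acedrv10.sys
13:40:19.0449 4820 acedrv10 - ok
13:40:23.0078 4820 catchme - ok
13:40:26.0063 4820 EvtEng (54b6e150bff4a47eb0d204119d262e46) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:40:26.0086 4820 EvtEng ( UnsignedFile.Multi.Generic ) - warning
13:40:26.0086 4820 EvtEng - detected UnsignedFile.Multi.Generic (1)
"""

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("scan modes:", result["modes"])
    for obj in result["flagged"]:
        print(obj["verdict"], obj["name"], obj["md5"], obj["path"])
    print("no file on record:", result["no_file"])
```

An `UnsignedFile.Multi.Generic` entry records a missing or invalid signature, so flagged objects are candidates for review rather than confirmed malware, which fits the advice to choose skip first.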
| | #7 | |
| | Here is the TDSSKiller log: Code:
13:40:13.0938 2004 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
13:40:14.0021 2004 ============================================================
13:40:14.0021 2004 Current date / time: 2012/07/19 13:40:14.0021
13:40:14.0021 2004 SystemInfo:
13:40:14.0021 2004
13:40:14.0021 2004 OS Version: 6.0.6002 ServicePack: 2.0
13:40:14.0021 2004 Product type: Workstation
13:40:14.0021 2004 ComputerName: DENIOS-PC
13:40:14.0021 2004 UserName: Denios
13:40:14.0022 2004 Windows directory: C:\Windows
13:40:14.0022 2004 System windows directory: C:\Windows
13:40:14.0022 2004 Processor architecture: Intel x86
13:40:14.0022 2004 Number of processors: 2
13:40:14.0022 2004 Page size: 0x1000
13:40:14.0022 2004 Boot type: Normal boot
13:40:14.0022 2004 ============================================================
13:40:14.0507 2004 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:40:14.0509 2004 ============================================================
13:40:14.0509 2004 \Device\Harddisk0\DR0:
13:40:14.0509 2004 MBR partitions:
13:40:14.0509 2004 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x381F0000
13:40:14.0509 2004 ============================================================
13:40:14.0548 2004 C: <-> \Device\Harddisk0\DR0\Partition0
13:40:14.0548 2004 ============================================================
13:40:14.0548 2004 Initialize success
13:40:14.0549 2004 ============================================================
13:40:18.0376 4820 ============================================================
13:40:18.0376 4820 Scan started
13:40:18.0376 4820 Mode: Manual; SigCheck; TDLFS;
13:40:18.0376 4820 ============================================================
13:40:19.0188 4820 ACEDRV07 (4e5451dd0aec8504d7f8030dd2d4c416) C:\Windows\system32\drivers\ACEDRV07.sys
13:40:19.0302 4820 ACEDRV07 ( UnsignedFile.Multi.Generic ) - warning
13:40:19.0302 4820 ACEDRV07 - detected UnsignedFile.Multi.Generic (1)
13:40:19.0376 4820 acedrv10 (553ba53445795cbc0d4f9fa37eb855a6) C:\Windows\system32\drivers\acedrv10.sys
13:40:19.0449 4820 acedrv10 - ok
13:40:19.0484 4820 acehlp10 (8ce00b6a46962a1808b19cd1dae5170c) C:\Windows\system32\drivers\acehlp10.sys
13:40:19.0501 4820 acehlp10 - ok
13:40:19.0567 4820 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
13:40:19.0592 4820 ACPI - ok
13:40:19.0704 4820 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:40:19.0717 4820 AdobeARMservice - ok
13:40:19.0812 4820 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:40:19.0829 4820 AdobeFlashPlayerUpdateSvc - ok
13:40:19.0904 4820 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
13:40:19.0931 4820 adp94xx - ok
13:40:19.0970 4820 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
13:40:19.0991 4820 adpahci - ok
13:40:20.0007 4820 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
13:40:20.0025 4820 adpu160m - ok
13:40:20.0049 4820 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
13:40:20.0067 4820 adpu320 - ok
13:40:20.0122 4820 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
13:40:20.0149 4820 AeLookupSvc - ok
13:40:20.0191 4820 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
13:40:20.0214 4820 AFD - ok
13:40:20.0280 4820 AgereModemAudio (efbc44fbd75e4f80bd927aebf6e7eade) C:\Windows\system32\agrsmsvc.exe
13:40:20.0292 4820 AgereModemAudio - ok
13:40:20.0376 4820 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys
13:40:20.0406 4820 AgereSoftModem - ok
13:40:20.0471 4820 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
13:40:20.0484 4820 agp440 - ok
13:40:20.0530 4820 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
13:40:20.0543 4820 aic78xx - ok
13:40:20.0600 4820 AlfaFF (4490b8bdf38750458eb9b24835fda8fe) C:\Windows\system32\drivers\AlfaFF.sys
13:40:20.0610 4820 AlfaFF - ok
13:40:20.0628 4820 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
13:40:20.0654 4820 ALG - ok
13:40:20.0683 4820 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
13:40:20.0695 4820 aliide - ok
13:40:20.0749 4820 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
13:40:20.0762 4820 amdagp - ok
13:40:20.0774 4820 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
13:40:20.0786 4820 amdide - ok
13:40:20.0832 4820 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
13:40:20.0857 4820 AmdK7 - ok
13:40:20.0878 4820 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
13:40:20.0903 4820 AmdK8 - ok
13:40:21.0011 4820 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:40:21.0022 4820 AntiVirSchedulerService - ok
13:40:21.0042 4820 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:40:21.0052 4820 AntiVirService - ok
13:40:21.0107 4820 ApfiltrService (91b05bbb609c79d73e2332b6e5f99aea) C:\Windows\system32\DRIVERS\Apfiltr.sys
13:40:21.0120 4820 ApfiltrService - ok
13:40:21.0158 4820 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
13:40:21.0177 4820 Appinfo - ok
13:40:21.0216 4820 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
13:40:21.0232 4820 arc - ok
13:40:21.0281 4820 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
13:40:21.0297 4820 arcsas - ok
13:40:21.0336 4820 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
13:40:21.0370 4820 AsyncMac - ok
13:40:21.0422 4820 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
13:40:21.0439 4820 atapi - ok
13:40:21.0499 4820 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
13:40:21.0518 4820 atksgt - ok
13:40:21.0567 4820 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:40:21.0608 4820 AudioEndpointBuilder - ok
13:40:21.0615 4820 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:40:21.0650 4820 Audiosrv - ok
13:40:21.0679 4820 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
13:40:21.0693 4820 avgntflt - ok
13:40:21.0712 4820 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
13:40:21.0728 4820 avipbb - ok
13:40:21.0738 4820 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
13:40:21.0752 4820 avkmgr - ok
13:40:21.0817 4820 b57nd60x (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\Windows\system32\DRIVERS\b57nd60x.sys
13:40:21.0855 4820 b57nd60x - ok
13:40:21.0929 4820 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
13:40:21.0964 4820 Beep - ok
13:40:22.0010 4820 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
13:40:22.0042 4820 BFE - ok
13:40:22.0112 4820 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
13:40:22.0194 4820 BITS - ok
13:40:22.0241 4820 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
13:40:22.0274 4820 blbdrive - ok
13:40:22.0296 4820 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
13:40:22.0314 4820 bowser - ok
13:40:22.0355 4820 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
13:40:22.0381 4820 BrFiltLo - ok
13:40:22.0395 4820 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
13:40:22.0421 4820 BrFiltUp - ok
13:40:22.0454 4820 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
13:40:22.0488 4820 Browser - ok
13:40:22.0534 4820 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
13:40:22.0590 4820 Brserid - ok
13:40:22.0620 4820 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
13:40:22.0676 4820 BrSerWdm - ok
13:40:22.0694 4820 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
13:40:22.0745 4820 BrUsbMdm - ok
13:40:22.0751 4820 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
13:40:22.0794 4820 BrUsbSer - ok
13:40:22.0819 4820 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
13:40:22.0861 4820 BTHMODEM - ok
13:40:23.0078 4820 catchme - ok
13:40:23.0112 4820 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
13:40:23.0141 4820 cdfs - ok
13:40:23.0170 4820 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
13:40:23.0196 4820 cdrom - ok
13:40:23.0230 4820 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:40:23.0256 4820 CertPropSvc - ok
13:40:23.0286 4820 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
13:40:23.0318 4820 circlass - ok
13:40:23.0357 4820 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
13:40:23.0378 4820 CLFS - ok
13:40:23.0432 4820 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:40:23.0447 4820 clr_optimization_v2.0.50727_32 - ok
13:40:23.0498 4820 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:40:23.0515 4820 clr_optimization_v4.0.30319_32 - ok
13:40:23.0540 4820 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
13:40:23.0573 4820 CmBatt - ok
13:40:23.0601 4820 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
13:40:23.0617 4820 cmdide - ok
13:40:23.0643 4820 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
13:40:23.0660 4820 Compbatt - ok
13:40:23.0663 4820 COMSysApp - ok
13:40:23.0677 4820 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
13:40:23.0693 4820 crcdisk - ok
13:40:23.0723 4820 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
13:40:23.0757 4820 Crusoe - ok
13:40:23.0826 4820 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
13:40:23.0871 4820 CryptSvc - ok
13:40:23.0938 4820 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:40:23.0979 4820 DcomLaunch - ok
13:40:24.0008 4820 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
13:40:24.0050 4820 DfsC - ok
13:40:24.0180 4820 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
13:40:24.0284 4820 DFSR - ok
13:40:24.0416 4820 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
13:40:24.0450 4820 Dhcp - ok
13:40:24.0492 4820 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
13:40:24.0515 4820 disk - ok
13:40:24.0540 4820 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
13:40:24.0558 4820 DKbFltr - ok
13:40:24.0599 4820 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
13:40:24.0647 4820 Dnscache - ok
13:40:24.0697 4820 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
13:40:24.0735 4820 dot3svc - ok
13:40:24.0778 4820 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
13:40:24.0826 4820 DPS - ok
13:40:24.0868 4820 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:40:24.0907 4820 drmkaud - ok
13:40:24.0972 4820 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:40:24.0999 4820 dtsoftbus01 - ok
13:40:25.0067 4820 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
13:40:25.0116 4820 DXGKrnl - ok
13:40:25.0155 4820 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:40:25.0181 4820 E1G60 - ok
13:40:25.0215 4820 EagleXNt - ok
13:40:25.0236 4820 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
13:40:25.0257 4820 EapHost - ok
13:40:25.0295 4820 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
13:40:25.0310 4820 Ecache - ok
13:40:25.0367 4820 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
13:40:25.0383 4820 ehRecvr - ok
13:40:25.0394 4820 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
13:40:25.0408 4820 ehSched - ok
13:40:25.0424 4820 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
13:40:25.0437 4820 ehstart - ok
13:40:25.0500 4820 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
13:40:25.0519 4820 elxstor - ok
13:40:25.0571 4820 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
13:40:25.0594 4820 EMDMgmt - ok
13:40:25.0703 4820 ePowerSvc (2072cbe938dd355c4a52e9a4dcf5439f) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
13:40:25.0732 4820 ePowerSvc - ok
13:40:25.0803 4820 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
13:40:25.0837 4820 ErrDev - ok
13:40:25.0885 4820 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
13:40:25.0916 4820 EventSystem - ok
13:40:26.0063 4820 EvtEng (54b6e150bff4a47eb0d204119d262e46) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:40:26.0086 4820 EvtEng ( UnsignedFile.Multi.Generic ) - warning
13:40:26.0086 4820 EvtEng - detected UnsignedFile.Multi.Generic (1)
13:40:26.0155 4820 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
13:40:26.0174 4820 exfat - ok
13:40:26.0239 4820 Fabs - ok
13:40:26.0264 4820 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
13:40:26.0291 4820 fastfat - ok
13:40:26.0331 4820 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
13:40:26.0363 4820 fdc - ok
13:40:26.0395 4820 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
13:40:26.0428 4820 fdPHost - ok
13:40:26.0439 4820 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
13:40:26.0482 4820 FDResPub - ok
13:40:26.0515 4820 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:40:26.0528 4820 FileInfo - ok
13:40:26.0548 4820 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:40:26.0573 4820 Filetrace - ok
13:40:26.0730 4820 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
13:40:26.0827 4820 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
13:40:26.0827 4820 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
13:40:26.0968 4820 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:40:27.0002 4820 flpydisk - ok
13:40:27.0034 4820 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
13:40:27.0053 4820 FltMgr - ok
13:40:27.0134 4820 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
13:40:27.0170 4820 FontCache - ok
13:40:27.0311 4820 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:40:27.0325 4820 FontCache3.0.0.0 - ok
13:40:27.0371 4820 FPSensor (140c20d2ef25993e66e9d60e66977f3e) C:\Windows\system32\Drivers\FPSensor.sys
13:40:27.0387 4820 FPSensor - ok
13:40:27.0425 4820 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
13:40:27.0467 4820 Fs_Rec - ok
13:40:27.0498 4820 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
13:40:27.0520 4820 gagp30kx - ok
13:40:27.0608 4820 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
13:40:27.0624 4820 ggflt - ok
13:40:27.0720 4820 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
13:40:27.0737 4820 ggsemc - ok
13:40:27.0815 4820 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
13:40:27.0875 4820 gpsvc - ok
13:40:27.0940 4820 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
13:40:27.0984 4820 HdAudAddService - ok
13:40:28.0048 4820 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:40:28.0079 4820 HDAudBus - ok
13:40:28.0119 4820 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:40:28.0162 4820 HidBth - ok
13:40:28.0207 4820 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:40:28.0249 4820 HidIr - ok
13:40:28.0284 4820 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
13:40:28.0299 4820 hidserv - ok
13:40:28.0324 4820 hidshim (7f7e5e98cefed8a10f7e56810ea7b6df) C:\Windows\system32\DRIVERS\hidshim.sys
13:40:28.0354 4820 hidshim - ok
13:40:28.0384 4820 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
13:40:28.0405 4820 HidUsb - ok
13:40:28.0428 4820 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
13:40:28.0462 4820 hkmsvc - ok
13:40:28.0500 4820 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
13:40:28.0516 4820 HpCISSs - ok
13:40:28.0578 4820 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
13:40:28.0647 4820 HTTP - ok
13:40:28.0678 4820 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
13:40:28.0692 4820 i2omp - ok
13:40:28.0758 4820 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:40:28.0791 4820 i8042prt - ok
13:40:28.0838 4820 iaStor (71ecc07bc7c5e24c3dd01d8a29a24054) C:\Windows\system32\DRIVERS\iaStor.sys
13:40:28.0854 4820 iaStor - ok
13:40:28.0918 4820 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
13:40:28.0934 4820 iaStorV - ok
13:40:29.0041 4820 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:40:29.0068 4820 idsvc - ok
13:40:29.0250 4820 IGBASVC (ea282b193d3a6b0a64085ad71b0817b0) c:\Program Files\Acer Bio Protection\BASVC.exe
13:40:29.0346 4820 IGBASVC ( UnsignedFile.Multi.Generic ) - warning
13:40:29.0346 4820 IGBASVC - detected UnsignedFile.Multi.Generic (1)
13:40:29.0452 4820 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:40:29.0467 4820 iirsp - ok
13:40:29.0519 4820 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
13:40:29.0561 4820 IKEEXT - ok
13:40:29.0596 4820 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) c:\Windows\system32\drivers\int15.sys
13:40:29.0605 4820 int15 ( UnsignedFile.Multi.Generic ) - warning
13:40:29.0605 4820 int15 - detected UnsignedFile.Multi.Generic (1)
13:40:29.0770 4820 IntcAzAudAddService (ffb0b713a54dd05193dbcd0b790b37ee) C:\Windows\system32\drivers\RTKVHDA.sys
13:40:29.0851 4820 IntcAzAudAddService - ok
13:40:29.0964 4820 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
13:40:29.0980 4820 intelide - ok
13:40:30.0013 4820 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:40:30.0047 4820 intelppm - ok
13:40:30.0074 4820 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
13:40:30.0109 4820 IPBusEnum - ok
13:40:30.0130 4820 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:40:30.0164 4820 IpFilterDriver - ok
13:40:30.0202 4820 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
13:40:30.0239 4820 iphlpsvc - ok
13:40:30.0243 4820 IpInIp - ok
13:40:30.0268 4820 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
13:40:30.0301 4820 IPMIDRV - ok
13:40:30.0319 4820 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:40:30.0353 4820 IPNAT - ok
13:40:30.0382 4820 irda (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
13:40:30.0420 4820 irda - ok
13:40:40.0223 4820 RegSrvc (3ff45b7f17d5837216abae652cc61540) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:40:40.0236 4820 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
13:40:40.0236 4820 RegSrvc - detected UnsignedFile.Multi.Generic (1)
13:40:40.0681 4820 RS_Service (38494041f19f6cd005b711f5e08fae08) C:\Program Files\Acer\Acer VCM\RS_Service.exe
13:40:40.0690 4820 RS_Service ( UnsignedFile.Multi.Generic ) - warning
13:40:40.0690 4820 RS_Service - detected UnsignedFile.Multi.Generic (1)
13:40:46.0945 4820 UPnPService (7ce0fe34fd8fb7f52d1e503b0c1e4fa9) C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
13:40:46.0958 4820 UPnPService ( UnsignedFile.Multi.Generic ) - warning
13:40:46.0958 4820 UPnPService - detected UnsignedFile.Multi.Generic (1)
13:40:51.0673 4820 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
13:40:51.0702 4820 wudfsvc - ok
13:40:51.0727 4820 XDva386 - ok
13:40:51.0753 4820 XDva387 - ok
13:40:51.0761 4820 XDva388 - ok
13:40:51.0781 4820 XDva389 - ok
13:40:51.0793 4820 XDva390 - ok
13:40:51.0809 4820 XDva391 - ok
13:40:51.0828 4820 XDva392 - ok
13:40:51.0834 4820 XDva394 - ok
13:40:51.0852 4820 XDva397 - ok
13:40:51.0885 4820 MBR (0x1B8) (5586eabcc0d095db340d873e2b236896) \Device\Harddisk0\DR0
13:40:52.0689 4820 \Device\Harddisk0\DR0 - ok
13:40:52.0724 4820 Boot (0x1200) (b4884c410e93612724e470beee766baf) \Device\Harddisk0\DR0\Partition0
13:40:52.0751 4820 \Device\Harddisk0\DR0\Partition0 - ok
13:40:52.0752 4820 ============================================================
13:40:52.0752 4820 Scan finished
13:40:52.0752 4820 ============================================================
13:40:52.0766 6028 Detected object count: 8
13:40:52.0766 6028 Actual detected object count: 8
13:41:10.0507 6028 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:10.0508 6028 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:41:10.0511 6028 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:10.0511 6028 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:41:10.0513 6028 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:10.0513 6028 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:41:10.0516 6028 IGBASVC ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:10.0516 6028 IGBASVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:41:10.0518 6028 int15 ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:10.0518 6028 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:41:10.0521 6028 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:10.0521 6028 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:41:10.0523 6028 RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:10.0524 6028 RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:41:10.0526 6028 UPnPService ( UnsignedFile.Multi.Generic ) - skipped by user
13:41:10.0526 6028 UPnPService ( UnsignedFile.Multi.Generic ) - User select action: Skip
GVU Trojaner mit "Webcam" (neue Version) - ein möglicher Fix - Viren und andere Sicherheitsrisiken - Avira Support Forum and some (this time careful) research, I tracked down the "ctfmon.lnk" myself (Mbam suddenly found it) and deleted it... Beforehand I checked 10 times that this can be done and that it does no harm in any case. Since then I have not had an error message at startup either. Many thanks for your efforts. I hope the virus is completely gone now... EDIT: Here is the Mbam log from the scan in which the ctfmon.lnk was found: Quote:
Edited by Denios (19.07.2012 at 12:54) |
| | #8 |
| /// Malware-holic | Please just wait until we get to that point, otherwise I might as well not bother with the instructions. Download CCleaner Standard: CCleaner Download - CCleaner 3.20.1750. If CCleaner is already installed, skip this step. Install it, open it, go to Tools, list of installed programs, save as txt. Open the file. After every program you need, write "necessary". After every program you do not need, "unnecessary". After those unknown to you, "unknown". Post the list.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
| | #9 |
| | Okay, I'm sorry, I am sometimes a bit overeager about this... Thank you very much for your help all the same!!! Here is the list of installed programs: Code:
7-Zip 4.65 07.09.2010 3,13MB necessary
Acer Arcade Deluxe CyberLink Corp. 24.02.2009 96,3MB 2.5.6121 unnecessary
Acer Backup Manager NewTech Infosystems 07.09.2010 233MB 1.0.0.58 necessary
Acer Bio Protection Egis Technology Inc. 07.09.2010 102MB 6.1.20 necessary
Acer Crystal Eye Webcam Suyin Optronics Corp 07.09.2010 2,92MB 5.2.1.1 necessary
Acer eRecovery Management Acer Incorporated 07.09.2010 11,7MB 4.00.3008 necessary
Acer GridVista 07.09.2010 1,51MB 2.72.317 unknown
Acer PowerSmart Manager Acer Incorporated 07.09.2010 7,32MB 4.01.3016 necessary
Acer Product Registration Acer Incorporated 07.09.2010 5,92MB 3.0.0.10 necessary
Acer ScreenSaver Acer 07.09.2010 unknown
Acer VCM Acer Incorporated 07.09.2010 13,7MB 4.00.3004 unknown
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 12.07.2012 11.3.300.265 necessary
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 12.07.2012 11.3.300.265 necessary
Adobe Reader X (10.1.0) - Deutsch Adobe Systems Incorporated 18.06.2011 165MB 10.1.0 necessary
Adobe Shockwave Player 11.6 Adobe Systems, Inc. 12.06.2012 10,0MB 11.6.5.635 necessary
Agere Systems HDA Modem Agere Systems 04.09.2010 unknown
Airport Mania First Flight Oberon Media 04.09.2010 30,9MB unknown
ALPS Touch Pad Driver Alps Electric 07.09.2010 11,6MB 7.5.2015.101 necessary
AmIcoSingLun Alcor Micro Co., Ltd. 07.09.2010 2,73MB 1.2.117.1 unknown
ANNO 1404 Ubisoft 03.01.2012 3,19GB 1.00.0000 necessary
Apple Application Support Apple Inc. 18.06.2011 52,8MB 1.4.1 unknown
Apple Software Update Apple Inc. 18.06.2011 2,15MB 2.1.1.116 unknown
Ashampoo Burning Studio Elements 10.0.9 Ashampoo GmbH & Co. KG 27.06.2011 130MB 3.1.1 unnecessary
Avira Free Antivirus Avira 08.05.2012 111MB 12.0.0.1125 necessary
Bandisoft MPEG-1 Decoder 16.11.2011 8,68MB unknown
Broadcom Gigabit NetLink Controller Broadcom Corporation 10.02.2009 360KB 11.34.02 necessary
C:\Program Files\Acer GameZone\GameConsole Oberon Media, Inc. 07.09.2010 41,7MB 2.0.1.6 unnecessary
Cake Mania 2 Oberon Media 04.09.2010 44,5MB unnecessary
CamStudio 19.02.2012 8,21MB unnecessary
CCleaner Piriform 22.06.2012 4,76MB 3.20 necessary
click.to version 0.9.7.1370 Axonic 03.05.2012 17,1MB 0.9.7.1370 unnecessary
Compatibility Pack für 2007 Office System Microsoft Corporation 11.05.2012 39,8MB 12.0.6612.1000 necessary
Cooking Dash Oberon Media 04.09.2010 25,5MB unnecessary
Cortona3D Viewer ParallelGraphics 04.11.2011 9,06MB 6.0.180 unknown
Cradle of Rome Oberon Media 04.09.2010 38,8MB unnecessary
Dairy Dash Oberon Media 04.09.2010 20,7MB unnecessary
Dream Day Honeymoon Oberon Media 04.09.2010 103MB unnecessary
Dream Day Wedding Oberon Media 04.09.2010 87,2MB unnecessary
Efficient Sticky Notes 1.68 Efficient Software 20.01.2012 13,3MB unnecessary
eSobi v2 esobi Inc. 07.09.2010 22,9MB 2.0.3.000223 unknown
Facebook Video Calling 1.2.0.159 Skype Limited 20.03.2012 4,76MB 1.2.159 necessary
ffdshow [rev 3154] [2009-12-09] 10.07.2012 16,8MB 1.0 unknown
Firebird SQL Server - MAGIX Edition MAGIX AG 12.02.2011 10,1MB 2.1.27.0 unnecessary
G DATA Logox 4 Speechengine G DATA Software AG 26.12.2010 unnecessary
G DATA WebSpeech 4 G DATA Software AG 26.12.2010 unnecessary
Galapago Oberon Media 04.09.2010 46,9MB unknown
Intel(R) PROSet/Wireless WiFi-Software Intel(R) Corporation 29.05.2012 78,4MB 12.02.0000 necessary
Java(TM) 6 Update 33 Oracle 15.07.2012 95,6MB 6.0.330 unknown
Jewel Quest Solitaire Oberon Media 04.09.2010 27,6MB unnecessary
Launch Manager Acer Inc. 07.09.2010 3,24MB 2.0.01 unknown
Luxor 2 Oberon Media 04.09.2010 24,6MB unnecessary
Mahjong Escape Ancient China Oberon Media 04.09.2010 14,2MB unnecessary
Malwarebytes Anti-Malware Version 1.62.0.1300 Malwarebytes Corporation 12.07.2012 11,4MB 1.62.0.1300 necessary
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 19.07.2011 37,0MB unknown
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 09.09.2010 27,8MB unknown
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 23.06.2012 120MB 4.0.30320 unknown
Microsoft DirectX SDK (June 2010) Microsoft Corporation 15.04.2011 1,04GB 9.29.1962.0 necessary
Microsoft Office Enterprise 2007 Microsoft Corporation 03.03.2012 616MB 12.0.6612.1000 unnecessary
Microsoft Office Home and Student 2007 Microsoft Corporation 03.03.2012 296MB 12.0.6612.1000 unnecessary
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 11.05.2012 34,7MB 12.0.6612.1000 unnecessary
Microsoft Office Suite Activation Assistant Microsoft Corporation 24.02.2009 8,36MB 2.9 unnecessary
Microsoft Silverlight Microsoft Corporation 21.05.2012 40,2MB 5.1.10411.0 unknown
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 24.02.2009 1,74MB 3.1.0000 unknown
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 24.01.2012 251KB 8.0.50727.4053 unknown
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 21.07.2011 294KB 8.0.59193 unknown
Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Corporation 27.02.2012 2,64MB 8.0.51011 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 12.02.2011 234KB 9.0.30729 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.09.2010 590KB 9.0.30729.4148 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 21.07.2011 594KB 9.0.30729.6161 unknown
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 03.04.2012 16,5MB 10.0.40219 unknown
Microsoft Works Microsoft Corporation 12.04.2012 376MB 9.7.0621 necessary
Microsoft XNA Framework Redistributable 3.1 Microsoft Corporation 12.05.2011 7,54MB 3.1.10527.0
Mozilla Firefox (3.6.13) Mozilla 12.12.2010 28,9MB 3.6.13 (de) unnecessary
Mozilla Firefox 14.0.1 (x86 de) Mozilla 18.07.2012 42,5MB 14.0.1 necessary
Mozilla Maintenance Service Mozilla 18.07.2012 344KB 14.0.1 necessary
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 24.02.2009 1,28MB 4.20.9870.0 unknown
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 09.09.2010 1,34MB 4.20.9876.0 unknown
MyWinLocker Egis Technology Inc. 07.09.2010 35,1MB 3.1.59.0 necessary
NTI Backup Now 5 NewTech Infosystems 24.02.2009 29,5MB 5.1.2.616 unnecessary
NTI Media Maker 8 NewTech Infosystems 24.02.2009 187MB 8.0.2.6509 unnecessary
Nuvoton EC Generic HID Driver Nuvoton Technology Corporation 07.09.2010 2,44MB 7.80.5000 necessary
NVIDIA Drivers NVIDIA Corporation 10.12.2010 2,60GB 1.3 necessary
NVIDIA PhysX NVIDIA Corporation 07.09.2010 119MB 9.09.0203 necessary
Ocean Express Oberon Media 04.09.2010 16,6MB unknown
Orion Convesoft 07.09.2010 15,0MB 2.5.0 unknown
Paint.NET v3.5.8 dotPDN LLC 03.08.2011 10,4MB 3.58.0 necessary
Pando Media Booster Pando Networks Inc. 10.10.2011 7,16MB 2.3.6.0 unknown
Parking Dash Oberon Media 04.09.2010 24,4MB unnecessary
ProtectDisc Helper Driver 10 09.09.2010 96,0KB 10.0.0.3 unknown
Puzzle Express Oberon Media 04.09.2010 12,4MB unnecessary
QuickTime Apple Inc. 18.06.2011 73,7MB 7.69.80.9 necessary
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 07.09.2010 10,0MB 6.0.1.5807 necessary
Samsung Kies Samsung Electronics Co., Ltd. 23.06.2012 200MB 2.3.2.12054_20 necessary
SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 12.07.2012 38,4MB 1.5.5.0 necessary
Skype Click to Call Skype Technologies S.A. 25.06.2012 17,7MB 6.0.10297 necessary
Skype™ 5.9 Skype Technologies S.A. 17.06.2012 19,0MB 5.9.123 necessary
SWF Opener UnH Solutions 02.03.2011 1,50MB 1.3 unnecessary
SWFPlayer 2.6.2.0 Michael Faust, Alpha Interactive 02.03.2011 2,25MB 2.6.2.0 unnecessary
Text-To-Speech-Runtime Magix Development GmbH 09.09.2010 258KB 1.0.0.0 unnecessary
Total Commander (Remove or Repair) Ghisler Software GmbH 28.05.2011 6,02MB 7.56a unknown
Tradewinds 2 Oberon Media 04.09.2010 15,4MB unnecessary
Tri-Peaks Solitaire To Go Oberon Media 04.09.2010 21,3MB unnecessary
Turbo Pizza Oberon Media 04.09.2010 175MB unknown
VLC media player 2.0.0 VideoLAN 28.02.2012 89,3MB 2.0.0 necessary
Wedding Dash Oberon Media 04.09.2010 19,8MB unnecessary
Windows Live Essentials Microsoft Corporation 20.07.2011 15.4.3538.0513 necessary
Windows Live Sync Microsoft Corporation 24.02.2009 2,79MB 14.0.8050.1202 necessary
Xfire (remove only) 27.06.2011 16,6MB necessary
XMedia Recode 3.0.6.0 Sebastian Dörfler 10.01.2012 18,3MB 3.0.6.0 unknown
Zuma Deluxe Oberon Media 04.09.2010 11,8MB unknown |