| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GVU TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.12.2012, 17:50
| #1 |
 |  GVU Trojaner Hallo zusammen, habe ein Notebook mit dem altbekannten GVU Bundestrojaner bekommen und darf in entfernen  . Welches Version es ist, kann ich nicht sagen. Habe aber ein Foto gemacht:Betriebsystem ist Windows Vista  Gruß Christian |
|
04.12.2012, 19:14
| #2 |
| /// Malware-holic   | GVU Trojaner hi
__________________Starte neu, drücke f8, wähle abgesicherter Modus mit Netzwerk, melde dich im betroffenen Konto an. internet sollte funktionieren Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
04.12.2012, 19:16
| #3 |
| | GVU Trojaner hab noch schnell die Scans gemacht:
__________________ |
|
04.12.2012, 19:27
| #4 |
| /// Malware-holic | GVU Trojaner hi dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user. wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts. • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. Code:
ATTFilter :OTL
O4 - Startup: C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation)
[2012.12.03 22:09:00 | 095,023,320 | ---- | M] () -- C:\ProgramData\0tbpw.pad
:Files
:Commands
[EMPTYFLASH]
[emptytemp]
• Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. starte in den normalen modus. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.12.2012, 19:44
| #5 |
| | GVU TrojanerCode:
ATTFilter All processes killed
========== OTL ==========
File move failed. C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk scheduled to be moved on reboot.
File C:\ProgramData\lsass.exe not found.
File C:\ProgramData\0tbpw.pad not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Benutzer
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: All Users
User: Benutzer
->Temp folder emptied: 271445 bytes
->Temporary Internet Files folder emptied: 28750406 bytes
->Java cache emptied: 811484 bytes
->FireFox cache emptied: 60009450 bytes
->Google Chrome cache emptied: 7425305 bytes
->Flash cache emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 134 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 222678074 bytes
RecycleBin emptied: 594286783 bytes
Total Files Cleaned = 872,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 12042012_193755
Files\Folders moved on Reboot...
File\Folder C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
04.12.2012, 20:15
| #6 |
| /// Malware-holic | GVU Trojaner download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ --> GVU Trojaner |
|
04.12.2012, 20:22
| #7 |
| | GVU Trojaner so wie ich es gesehen habe, gab es 12 Funde Code:
ATTFilter 20:19:16.0835 2948 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:19:16.0866 2948 ============================================================
20:19:16.0866 2948 Current date / time: 2012/12/04 20:19:16.0866
20:19:16.0866 2948 SystemInfo:
20:19:16.0866 2948
20:19:16.0866 2948 OS Version: 6.0.6002 ServicePack: 2.0
20:19:16.0866 2948 Product type: Workstation
20:19:16.0866 2948 ComputerName: ANNIKA-PC
20:19:16.0866 2948 UserName: Annika
20:19:16.0866 2948 Windows directory: C:\Windows
20:19:16.0866 2948 System windows directory: C:\Windows
20:19:16.0866 2948 Processor architecture: Intel x86
20:19:16.0866 2948 Number of processors: 2
20:19:16.0866 2948 Page size: 0x1000
20:19:16.0866 2948 Boot type: Normal boot
20:19:16.0866 2948 ============================================================
20:19:18.0285 2948 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:19:18.0285 2948 Drive \Device\Harddisk1\DR2 - Size: 0xF1800000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:19:18.0285 2948 ============================================================
20:19:18.0285 2948 \Device\Harddisk0\DR0:
20:19:18.0285 2948 MBR partitions:
20:19:18.0285 2948 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x157C800, BlocksNum 0x11C53000
20:19:18.0285 2948 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x131CF800, BlocksNum 0x11C5E800
20:19:18.0285 2948 \Device\Harddisk1\DR2:
20:19:18.0285 2948 MBR partitions:
20:19:18.0285 2948 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x78BFE0
20:19:18.0285 2948 ============================================================
20:19:18.0301 2948 C: <-> \Device\Harddisk0\DR0\Partition1
20:19:18.0363 2948 D: <-> \Device\Harddisk0\DR0\Partition2
20:19:18.0363 2948 ============================================================
20:19:18.0363 2948 Initialize success
20:19:18.0363 2948 ============================================================
20:19:57.0395 5392 ============================================================
20:19:57.0395 5392 Scan started
20:19:57.0395 5392 Mode: Manual; SigCheck; TDLFS;
20:19:57.0395 5392 ============================================================
20:19:57.0753 5392 ================ Scan system memory ========================
20:19:57.0753 5392 System memory - ok
20:19:57.0753 5392 ================ Scan services =============================
20:19:57.0925 5392 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
20:19:58.0050 5392 ACPI - ok
20:19:58.0081 5392 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:19:58.0128 5392 adp94xx - ok
20:19:58.0175 5392 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:19:58.0206 5392 adpahci - ok
20:19:58.0237 5392 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:19:58.0253 5392 adpu160m - ok
20:19:58.0268 5392 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:19:58.0284 5392 adpu320 - ok
20:19:58.0331 5392 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:19:58.0409 5392 AeLookupSvc - ok
20:19:58.0455 5392 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
20:19:58.0518 5392 AFD - ok
20:19:58.0565 5392 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:19:58.0580 5392 agp440 - ok
20:19:58.0627 5392 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:19:58.0643 5392 aic78xx - ok
20:19:58.0658 5392 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
20:19:58.0767 5392 ALG - ok
20:19:58.0799 5392 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
20:19:58.0814 5392 aliide - ok
20:19:58.0830 5392 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:19:58.0845 5392 amdagp - ok
20:19:58.0877 5392 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
20:19:58.0892 5392 amdide - ok
20:19:58.0908 5392 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
20:19:58.0955 5392 AmdK7 - ok
20:19:58.0970 5392 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:19:59.0017 5392 AmdK8 - ok
20:19:59.0126 5392 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:19:59.0142 5392 AntiVirSchedulerService - ok
20:19:59.0220 5392 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:19:59.0235 5392 AntiVirService - ok
20:19:59.0282 5392 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
20:19:59.0329 5392 Appinfo - ok
20:19:59.0345 5392 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
20:19:59.0360 5392 arc - ok
20:19:59.0391 5392 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:19:59.0407 5392 arcsas - ok
20:19:59.0438 5392 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:19:59.0485 5392 AsyncMac - ok
20:19:59.0516 5392 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
20:19:59.0532 5392 atapi - ok
20:19:59.0579 5392 [ 740B9B4140CACCD0513D999EAB488E48 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
20:19:59.0657 5392 Ati External Event Utility - ok
20:19:59.0781 5392 [ 7526AD10925D1AA9E4E6B0FB393B701F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:20:00.0047 5392 atikmdag - ok
20:20:00.0109 5392 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:20:00.0125 5392 AudioEndpointBuilder - ok
20:20:00.0156 5392 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:20:00.0171 5392 Audiosrv - ok
20:20:00.0218 5392 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:20:00.0249 5392 avgntflt - ok
20:20:00.0296 5392 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:20:00.0312 5392 avipbb - ok
20:20:00.0327 5392 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:20:00.0343 5392 avkmgr - ok
20:20:00.0405 5392 [ 6FB43F0DADB3FDC287D080C19666AF8D ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:20:00.0452 5392 b57nd60x - ok
20:20:00.0483 5392 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
20:20:00.0515 5392 Beep - ok
20:20:00.0577 5392 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
20:20:00.0624 5392 BFE - ok
20:20:00.0686 5392 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
20:20:00.0749 5392 BITS - ok
20:20:00.0764 5392 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:20:00.0780 5392 blbdrive - ok
20:20:00.0811 5392 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:20:00.0858 5392 bowser - ok
20:20:00.0905 5392 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:20:00.0936 5392 BrFiltLo - ok
20:20:00.0951 5392 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:20:00.0983 5392 BrFiltUp - ok
20:20:01.0029 5392 [ B1564976D98E91FC764D5DC28A0297DA ] Bridge C:\Windows\system32\DRIVERS\bridge.sys
20:20:01.0092 5392 Bridge - ok
20:20:01.0107 5392 [ B1564976D98E91FC764D5DC28A0297DA ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:20:01.0123 5392 BridgeMP - ok
20:20:01.0154 5392 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
20:20:01.0217 5392 Browser - ok
20:20:01.0248 5392 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
20:20:01.0419 5392 Brserid - ok
20:20:01.0435 5392 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:20:01.0513 5392 BrSerWdm - ok
20:20:01.0529 5392 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:20:01.0591 5392 BrUsbMdm - ok
20:20:01.0607 5392 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
20:20:01.0653 5392 BrUsbSer - ok
20:20:01.0685 5392 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:20:01.0763 5392 BTHMODEM - ok
20:20:01.0825 5392 [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
20:20:01.0825 5392 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
20:20:01.0825 5392 BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
20:20:01.0856 5392 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:20:01.0887 5392 cdfs - ok
20:20:01.0934 5392 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:20:01.0965 5392 cdrom - ok
20:20:02.0012 5392 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
20:20:02.0043 5392 CertPropSvc - ok
20:20:02.0059 5392 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
20:20:02.0106 5392 circlass - ok
20:20:02.0121 5392 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
20:20:02.0168 5392 CLFS - ok
20:20:02.0246 5392 [ 8B67044AE0621C005245EF62EEF0746F ] CLHNService C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
20:20:02.0262 5392 CLHNService ( UnsignedFile.Multi.Generic ) - warning
20:20:02.0262 5392 CLHNService - detected UnsignedFile.Multi.Generic (1)
20:20:02.0309 5392 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:20:02.0324 5392 clr_optimization_v2.0.50727_32 - ok
20:20:02.0387 5392 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:20:02.0402 5392 clr_optimization_v4.0.30319_32 - ok
20:20:02.0449 5392 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:20:02.0480 5392 CmBatt - ok
20:20:02.0496 5392 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:20:02.0511 5392 cmdide - ok
20:20:02.0527 5392 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:20:02.0543 5392 Compbatt - ok
20:20:02.0558 5392 COMSysApp - ok
20:20:02.0558 5392 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:20:02.0574 5392 crcdisk - ok
20:20:02.0589 5392 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
20:20:02.0636 5392 Crusoe - ok
20:20:02.0683 5392 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:20:02.0730 5392 CryptSvc - ok
20:20:02.0777 5392 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:20:02.0855 5392 DcomLaunch - ok
20:20:02.0886 5392 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:20:02.0948 5392 DfsC - ok
20:20:03.0011 5392 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
20:20:03.0151 5392 DFSR - ok
20:20:03.0213 5392 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
20:20:03.0245 5392 Dhcp - ok
20:20:03.0276 5392 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
20:20:03.0307 5392 disk - ok
20:20:03.0338 5392 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
20:20:03.0354 5392 DKbFltr - ok
20:20:03.0401 5392 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:20:03.0447 5392 Dnscache - ok
20:20:03.0479 5392 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:20:03.0510 5392 dot3svc - ok
20:20:03.0557 5392 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
20:20:03.0603 5392 Dot4 - ok
20:20:03.0619 5392 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:20:03.0666 5392 Dot4Print - ok
20:20:03.0697 5392 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
20:20:03.0759 5392 dot4usb - ok
20:20:03.0806 5392 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
20:20:03.0853 5392 DPS - ok
20:20:03.0869 5392 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:20:03.0900 5392 drmkaud - ok
20:20:03.0931 5392 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:20:03.0978 5392 DXGKrnl - ok
20:20:04.0025 5392 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
20:20:04.0040 5392 E1G60 - ok
20:20:04.0087 5392 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
20:20:04.0118 5392 EapHost - ok
20:20:04.0165 5392 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
20:20:04.0181 5392 Ecache - ok
20:20:04.0290 5392 [ B1F2503E23425B386DF0F3413B2596F3 ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
20:20:04.0305 5392 eDataSecurity Service - ok
20:20:04.0352 5392 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:20:04.0368 5392 ehRecvr - ok
20:20:04.0383 5392 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
20:20:04.0415 5392 ehSched - ok
20:20:04.0446 5392 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
20:20:04.0461 5392 ehstart - ok
20:20:04.0493 5392 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:20:04.0524 5392 elxstor - ok
20:20:04.0571 5392 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
20:20:04.0633 5392 EMDMgmt - ok
20:20:04.0680 5392 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:20:04.0711 5392 ErrDev - ok
20:20:04.0773 5392 [ F25247D0E011A643EE60052CE23BE05E ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
20:20:04.0789 5392 ETService ( UnsignedFile.Multi.Generic ) - warning
20:20:04.0789 5392 ETService - detected UnsignedFile.Multi.Generic (1)
20:20:04.0836 5392 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
20:20:04.0851 5392 EventSystem - ok
20:20:04.0945 5392 [ 54B6E150BFF4A47EB0D204119D262E46 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:20:04.0992 5392 EvtEng ( UnsignedFile.Multi.Generic ) - warning
20:20:04.0992 5392 EvtEng - detected UnsignedFile.Multi.Generic (1)
20:20:05.0054 5392 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
20:20:05.0085 5392 exfat - ok
20:20:05.0117 5392 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:20:05.0148 5392 fastfat - ok
20:20:05.0195 5392 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:20:05.0226 5392 fdc - ok
20:20:05.0257 5392 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
20:20:05.0273 5392 fdPHost - ok
20:20:05.0288 5392 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
20:20:05.0335 5392 FDResPub - ok
20:20:05.0351 5392 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:20:05.0366 5392 FileInfo - ok
20:20:05.0382 5392 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:20:05.0429 5392 Filetrace - ok
20:20:05.0444 5392 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:20:05.0475 5392 flpydisk - ok
20:20:05.0507 5392 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:20:05.0522 5392 FltMgr - ok
20:20:05.0569 5392 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
20:20:05.0631 5392 FontCache - ok
20:20:05.0694 5392 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:20:05.0709 5392 FontCache3.0.0.0 - ok
20:20:05.0741 5392 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:20:05.0772 5392 Fs_Rec - ok
20:20:05.0803 5392 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:20:05.0819 5392 gagp30kx - ok
20:20:05.0897 5392 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
20:20:05.0912 5392 GoogleDesktopManager-051210-111108 - ok
20:20:05.0943 5392 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
20:20:06.0006 5392 gpsvc - ok
20:20:06.0053 5392 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:20:06.0068 5392 gupdate - ok
20:20:06.0115 5392 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:20:06.0131 5392 gupdatem - ok
20:20:06.0177 5392 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:20:06.0193 5392 gusvc - ok
20:20:06.0240 5392 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:20:06.0318 5392 HdAudAddService - ok
20:20:06.0349 5392 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:20:06.0380 5392 HDAudBus - ok
20:20:06.0396 5392 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:20:06.0458 5392 HidBth - ok
20:20:06.0474 5392 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
20:20:06.0536 5392 HidIr - ok
20:20:06.0614 5392 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
20:20:06.0692 5392 hidserv - ok
20:20:06.0723 5392 [ 7F7E5E98CEFED8A10F7E56810EA7B6DF ] hidshim C:\Windows\system32\DRIVERS\hidshim.sys
20:20:06.0755 5392 hidshim - ok
20:20:06.0786 5392 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:20:06.0817 5392 HidUsb - ok
20:20:06.0848 5392 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:20:06.0879 5392 hkmsvc - ok
20:20:06.0911 5392 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
20:20:06.0926 5392 HpCISSs - ok
20:20:07.0035 5392 [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:20:07.0035 5392 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:20:07.0035 5392 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:20:07.0035 5392 [ DF446BA625CC441617843E87798CE048 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:20:07.0098 5392 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:20:07.0098 5392 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:20:07.0129 5392 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
20:20:07.0176 5392 HSFHWAZL - ok
20:20:07.0223 5392 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:20:07.0332 5392 HSF_DPV - ok
20:20:07.0410 5392 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:20:07.0441 5392 HSXHWAZL - ok
20:20:07.0488 5392 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:20:07.0519 5392 HTTP - ok
20:20:07.0550 5392 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
20:20:07.0566 5392 i2omp - ok
20:20:07.0628 5392 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:20:07.0659 5392 i8042prt - ok
20:20:07.0675 5392 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
20:20:07.0706 5392 iaStorV - ok
20:20:07.0784 5392 [ B1A28FA1AFDE10B95FF9354B15701D70 ] ICQ Service C:\Program Files\ICQ6Toolbar\ICQ Service.exe
20:20:07.0800 5392 ICQ Service - ok
20:20:07.0987 5392 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:20:08.0065 5392 idsvc - ok
20:20:08.0081 5392 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:20:08.0096 5392 iirsp - ok
20:20:08.0143 5392 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
20:20:08.0174 5392 IKEEXT - ok
20:20:08.0205 5392 [ 58FF11C95C3681C9250914521CB9F036 ] int15 C:\Windows\system32\drivers\int15.sys
20:20:08.0221 5392 int15 - ok
20:20:08.0315 5392 [ B8716D9677B04B82FA405C8C54954728 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:20:08.0517 5392 IntcAzAudAddService - ok
20:20:08.0580 5392 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
20:20:08.0595 5392 intelide - ok
20:20:08.0642 5392 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:20:08.0673 5392 intelppm - ok
20:20:08.0720 5392 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:20:08.0751 5392 IPBusEnum - ok
20:20:08.0767 5392 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:20:08.0798 5392 IpFilterDriver - ok
20:20:08.0829 5392 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:20:08.0876 5392 iphlpsvc - ok
20:20:08.0876 5392 IpInIp - ok
20:20:08.0892 5392 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
20:20:08.0923 5392 IPMIDRV - ok
20:20:08.0954 5392 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
20:20:08.0985 5392 IPNAT - ok
20:20:09.0032 5392 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
20:20:09.0048 5392 irda - ok
20:20:09.0063 5392 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:20:09.0095 5392 IRENUM - ok
20:20:09.0110 5392 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
20:20:09.0173 5392 Irmon - ok
20:20:09.0188 5392 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:20:09.0219 5392 isapnp - ok
20:20:09.0266 5392 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
20:20:09.0282 5392 iScsiPrt - ok
20:20:09.0297 5392 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
20:20:09.0313 5392 iteatapi - ok
20:20:09.0329 5392 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
20:20:09.0344 5392 iteraid - ok
20:20:09.0375 5392 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:20:09.0391 5392 kbdclass - ok
20:20:09.0407 5392 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:20:09.0438 5392 kbdhid - ok
20:20:09.0453 5392 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
20:20:09.0485 5392 KeyIso - ok
20:20:09.0516 5392 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:20:09.0563 5392 KSecDD - ok
20:20:09.0609 5392 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:20:09.0641 5392 KtmRm - ok
20:20:09.0672 5392 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
20:20:09.0719 5392 LanmanServer - ok
20:20:09.0750 5392 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:20:09.0797 5392 LanmanWorkstation - ok
20:20:09.0875 5392 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:20:09.0921 5392 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:20:09.0921 5392 LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:20:09.0953 5392 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:20:09.0984 5392 lltdio - ok
20:20:09.0999 5392 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:20:10.0046 5392 lltdsvc - ok
20:20:10.0046 5392 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:20:10.0093 5392 lmhosts - ok
20:20:10.0124 5392 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:20:10.0140 5392 LSI_FC - ok
20:20:10.0155 5392 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:20:10.0171 5392 LSI_SAS - ok
20:20:10.0187 5392 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:20:10.0218 5392 LSI_SCSI - ok
20:20:10.0233 5392 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
20:20:10.0280 5392 luafv - ok
20:20:10.0296 5392 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:20:10.0327 5392 Mcx2Svc - ok
20:20:10.0358 5392 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:20:10.0374 5392 mdmxsdk - ok
20:20:10.0389 5392 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
20:20:10.0405 5392 megasas - ok
20:20:10.0436 5392 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
20:20:10.0483 5392 MegaSR - ok
20:20:10.0499 5392 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
20:20:10.0545 5392 MMCSS - ok
20:20:10.0577 5392 MobilityService - ok
20:20:10.0592 5392 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
20:20:10.0623 5392 Modem - ok
20:20:10.0639 5392 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:20:10.0670 5392 monitor - ok
20:20:10.0701 5392 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:20:10.0717 5392 mouclass - ok
20:20:10.0717 5392 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:20:10.0748 5392 mouhid - ok
20:20:10.0764 5392 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
20:20:10.0779 5392 MountMgr - ok
20:20:10.0811 5392 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
20:20:10.0826 5392 mpio - ok
20:20:10.0842 5392 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:20:10.0857 5392 mpsdrv - ok
20:20:10.0904 5392 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
20:20:10.0935 5392 MpsSvc - ok
20:20:10.0967 5392 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
20:20:10.0982 5392 Mraid35x - ok
20:20:10.0998 5392 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:20:11.0045 5392 MRxDAV - ok
20:20:11.0076 5392 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:20:11.0107 5392 mrxsmb - ok
20:20:11.0138 5392 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:20:11.0185 5392 mrxsmb10 - ok
20:20:11.0201 5392 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:20:11.0232 5392 mrxsmb20 - ok
20:20:11.0232 5392 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
20:20:11.0263 5392 msahci - ok
20:20:11.0279 5392 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:20:11.0294 5392 msdsm - ok
20:20:11.0325 5392 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
20:20:11.0372 5392 MSDTC - ok
20:20:11.0388 5392 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:20:11.0435 5392 Msfs - ok
20:20:11.0466 5392 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:20:11.0481 5392 msisadrv - ok
20:20:11.0513 5392 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:20:11.0544 5392 MSiSCSI - ok
20:20:11.0559 5392 msiserver - ok
20:20:11.0575 5392 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:20:11.0606 5392 MSKSSRV - ok
20:20:11.0622 5392 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:20:11.0653 5392 MSPCLOCK - ok
20:20:11.0669 5392 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:20:11.0684 5392 MSPQM - ok
20:20:11.0700 5392 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:20:11.0731 5392 MsRPC - ok
20:20:11.0747 5392 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:20:11.0762 5392 mssmbios - ok
20:20:11.0793 5392 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:20:11.0825 5392 MSTEE - ok
20:20:11.0840 5392 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
20:20:11.0856 5392 Mup - ok
20:20:11.0903 5392 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
20:20:11.0934 5392 napagent - ok
20:20:11.0981 5392 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:20:11.0996 5392 NativeWifiP - ok
20:20:12.0043 5392 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:20:12.0059 5392 NDIS - ok
20:20:12.0105 5392 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:20:12.0137 5392 NdisTapi - ok
20:20:12.0152 5392 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:20:12.0168 5392 Ndisuio - ok
20:20:12.0215 5392 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:20:12.0246 5392 NdisWan - ok
20:20:12.0277 5392 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:20:12.0308 5392 NDProxy - ok
20:20:12.0339 5392 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:20:12.0339 5392 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:20:12.0339 5392 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:20:12.0371 5392 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:20:12.0386 5392 NetBIOS - ok
20:20:12.0402 5392 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
20:20:12.0433 5392 netbt - ok
20:20:12.0464 5392 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
20:20:12.0480 5392 Netlogon - ok
20:20:12.0495 5392 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
20:20:12.0542 5392 Netman - ok
20:20:12.0573 5392 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
20:20:12.0605 5392 netprofm - ok
20:20:12.0636 5392 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:20:12.0651 5392 NetTcpPortSharing - ok
20:20:12.0761 5392 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
20:20:12.0932 5392 NETw5v32 - ok
20:20:12.0948 5392 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:20:12.0963 5392 nfrd960 - ok
20:20:12.0995 5392 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:20:13.0026 5392 NlaSvc - ok
20:20:13.0057 5392 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:20:13.0119 5392 Npfs - ok
20:20:13.0135 5392 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
20:20:13.0166 5392 NSCIRDA - ok
20:20:13.0182 5392 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
20:20:13.0229 5392 nsi - ok
20:20:13.0244 5392 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:20:13.0260 5392 nsiproxy - ok
20:20:13.0307 5392 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:20:13.0416 5392 Ntfs - ok
20:20:13.0431 5392 [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
20:20:13.0463 5392 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - warning
20:20:13.0463 5392 NTIBackupSvc - detected UnsignedFile.Multi.Generic (1)
20:20:13.0478 5392 [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
20:20:13.0494 5392 NTIDrvr - ok
20:20:13.0541 5392 [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
20:20:13.0556 5392 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
20:20:13.0556 5392 NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
20:20:13.0572 5392 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
20:20:13.0619 5392 ntrigdigi - ok
20:20:13.0634 5392 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
20:20:13.0665 5392 Null - ok
20:20:13.0697 5392 [ 85D8845B7B6A434B7CE35723BF0E5C57 ] nuvotonhidgeneric C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys
20:20:13.0712 5392 nuvotonhidgeneric - ok
20:20:13.0759 5392 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:20:13.0775 5392 nvraid - ok
20:20:13.0790 5392 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:20:13.0806 5392 nvstor - ok
20:20:13.0853 5392 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:20:13.0868 5392 nv_agp - ok
20:20:13.0868 5392 NwlnkFlt - ok
20:20:13.0884 5392 NwlnkFwd - ok
20:20:13.0962 5392 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:20:13.0993 5392 odserv - ok
20:20:14.0040 5392 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
20:20:14.0071 5392 ohci1394 - ok
20:20:14.0102 5392 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:20:14.0133 5392 ose - ok
20:20:14.0180 5392 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
20:20:14.0258 5392 p2pimsvc - ok
20:20:14.0258 5392 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
20:20:14.0289 5392 p2psvc - ok
20:20:14.0321 5392 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
20:20:14.0367 5392 Parport - ok
20:20:14.0383 5392 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:20:14.0399 5392 partmgr - ok
20:20:14.0430 5392 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
20:20:14.0477 5392 Parvdm - ok
20:20:14.0508 5392 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
20:20:14.0555 5392 PcaSvc - ok
20:20:14.0586 5392 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
20:20:14.0586 5392 pci - ok
20:20:14.0601 5392 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
20:20:14.0633 5392 pciide - ok
20:20:14.0664 5392 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:20:14.0679 5392 pcmcia - ok
20:20:14.0726 5392 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:20:14.0835 5392 PEAUTH - ok
20:20:14.0898 5392 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
20:20:14.0991 5392 pla - ok
20:20:15.0038 5392 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:20:15.0054 5392 PlugPlay - ok
20:20:15.0085 5392 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:20:15.0101 5392 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:20:15.0101 5392 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:20:15.0132 5392 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
20:20:15.0147 5392 PNRPAutoReg - ok
20:20:15.0194 5392 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:20:15.0225 5392 PNRPsvc - ok
20:20:15.0257 5392 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:20:15.0288 5392 PolicyAgent - ok
20:20:15.0335 5392 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:20:15.0381 5392 PptpMiniport - ok
20:20:15.0397 5392 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
20:20:15.0428 5392 Processor - ok
20:20:15.0459 5392 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
20:20:15.0475 5392 ProfSvc - ok
20:20:15.0491 5392 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:20:15.0491 5392 ProtectedStorage - ok
20:20:15.0537 5392 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:20:15.0569 5392 PSched - ok
20:20:15.0600 5392 [ 628321C8DD76AD369B362B202E655A68 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
20:20:15.0631 5392 PSDFilter - ok
20:20:15.0647 5392 [ 79D7117E62709C7690CF3DD55ACEAD37 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys
20:20:15.0662 5392 PSDNServ - ok
20:20:15.0678 5392 [ CAE5E82827990CF4BD4A49576BDE3A43 ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys
20:20:15.0693 5392 psdvdisk - ok
20:20:15.0756 5392 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:20:15.0881 5392 ql2300 - ok
20:20:15.0912 5392 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:20:15.0927 5392 ql40xx - ok
20:20:15.0974 5392 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
20:20:16.0005 5392 QWAVE - ok
20:20:16.0005 5392 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:20:16.0037 5392 QWAVEdrv - ok
20:20:16.0052 5392 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:20:16.0099 5392 RasAcd - ok
20:20:16.0115 5392 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
20:20:16.0146 5392 RasAuto - ok
20:20:16.0161 5392 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:20:16.0193 5392 Rasl2tp - ok
20:20:16.0224 5392 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
20:20:16.0239 5392 RasMan - ok
20:20:16.0255 5392 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:20:16.0271 5392 RasPppoe - ok
20:20:16.0286 5392 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:20:16.0302 5392 RasSstp - ok
20:20:16.0333 5392 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:20:16.0349 5392 rdbss - ok
20:20:16.0380 5392 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:20:16.0411 5392 RDPCDD - ok
20:20:16.0458 5392 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:20:16.0505 5392 rdpdr - ok
20:20:16.0520 5392 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:20:16.0567 5392 RDPENCDD - ok
20:20:16.0598 5392 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:20:16.0645 5392 RDPWD - ok
20:20:16.0707 5392 [ 3FF45B7F17D5837216ABAE652CC61540 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:20:16.0739 5392 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
20:20:16.0739 5392 RegSrvc - detected UnsignedFile.Multi.Generic (1)
20:20:16.0785 5392 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:20:16.0817 5392 RemoteAccess - ok
20:20:16.0832 5392 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:20:16.0863 5392 RemoteRegistry - ok
20:20:16.0910 5392 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo c:\Program Files\Cyberlink\Shared files\RichVideo.exe
20:20:16.0910 5392 RichVideo - ok
20:20:16.0957 5392 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
20:20:16.0988 5392 RpcLocator - ok
20:20:17.0019 5392 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
20:20:17.0035 5392 RpcSs - ok
20:20:17.0082 5392 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:20:17.0113 5392 rspndr - ok
20:20:17.0160 5392 [ 065A51298212455584F1811B033B617E ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
20:20:17.0175 5392 RTHDMIAzAudService - ok
20:20:17.0207 5392 [ 8DAB5975B5C7923D61506A48E251DBAD ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
20:20:17.0253 5392 RTSTOR - ok
20:20:17.0269 5392 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
20:20:17.0269 5392 SamSs - ok
20:20:17.0300 5392 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:20:17.0316 5392 sbp2port - ok
20:20:17.0347 5392 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:20:17.0363 5392 SCardSvr - ok
20:20:17.0409 5392 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
20:20:17.0487 5392 Schedule - ok
20:20:17.0519 5392 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:20:17.0534 5392 SCPolicySvc - ok
20:20:17.0565 5392 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:20:17.0597 5392 sdbus - ok
20:20:17.0628 5392 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:20:17.0675 5392 SDRSVC - ok
20:20:17.0690 5392 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:20:17.0753 5392 secdrv - ok
20:20:17.0768 5392 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
20:20:17.0799 5392 seclogon - ok
20:20:17.0815 5392 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
20:20:17.0862 5392 SENS - ok
20:20:17.0877 5392 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:20:17.0924 5392 Serenum - ok
20:20:17.0940 5392 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
20:20:18.0002 5392 Serial - ok
20:20:18.0033 5392 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:20:18.0065 5392 sermouse - ok
20:20:18.0080 5392 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
20:20:18.0111 5392 SessionEnv - ok
20:20:18.0127 5392 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:20:18.0143 5392 sffdisk - ok
20:20:18.0158 5392 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:20:18.0189 5392 sffp_mmc - ok
20:20:18.0221 5392 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:20:18.0252 5392 sffp_sd - ok
20:20:18.0267 5392 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:20:18.0314 5392 sfloppy - ok
20:20:18.0361 5392 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:20:18.0392 5392 SharedAccess - ok
20:20:18.0423 5392 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:20:18.0455 5392 ShellHWDetection - ok
20:20:18.0470 5392 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:20:18.0486 5392 sisagp - ok
20:20:18.0501 5392 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:20:18.0517 5392 SiSRaid2 - ok
20:20:18.0533 5392 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:20:18.0548 5392 SiSRaid4 - ok
20:20:18.0657 5392 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
20:20:18.0813 5392 slsvc - ok
20:20:18.0860 5392 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:20:18.0923 5392 SLUINotify - ok
20:20:18.0954 5392 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:20:18.0985 5392 Smb - ok
20:20:19.0016 5392 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:20:19.0032 5392 SNMPTRAP - ok
20:20:19.0047 5392 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
20:20:19.0063 5392 spldr - ok
20:20:19.0094 5392 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
20:20:19.0141 5392 Spooler - ok
20:20:19.0172 5392 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:20:19.0235 5392 srv - ok
20:20:19.0266 5392 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:20:19.0313 5392 srv2 - ok
20:20:19.0328 5392 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:20:19.0375 5392 srvnet - ok
20:20:19.0391 5392 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:20:19.0437 5392 SSDPSRV - ok
20:20:19.0469 5392 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
20:20:19.0484 5392 ssmdrv - ok
20:20:19.0515 5392 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:20:19.0531 5392 SstpSvc - ok
20:20:19.0562 5392 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
20:20:19.0593 5392 stisvc - ok
20:20:19.0625 5392 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:20:19.0640 5392 swenum - ok
20:20:19.0671 5392 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
20:20:19.0703 5392 swprv - ok
20:20:19.0718 5392 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:20:19.0734 5392 Symc8xx - ok
20:20:19.0749 5392 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:20:19.0765 5392 Sym_hi - ok
20:20:19.0765 5392 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:20:19.0781 5392 Sym_u3 - ok
20:20:19.0812 5392 [ 4C9BB4B3B9EAC26211484C30B914C6DC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:20:19.0827 5392 SynTP - ok
20:20:19.0874 5392 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
20:20:19.0937 5392 SysMain - ok
20:20:19.0983 5392 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:20:20.0015 5392 TabletInputService - ok
20:20:20.0046 5392 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:20:20.0077 5392 TapiSrv - ok
20:20:20.0108 5392 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
20:20:20.0124 5392 TBS - ok
20:20:20.0186 5392 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:20:20.0249 5392 Tcpip - ok
20:20:20.0264 5392 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:20:20.0311 5392 Tcpip6 - ok
20:20:20.0342 5392 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:20:20.0389 5392 tcpipreg - ok
20:20:20.0420 5392 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:20:20.0451 5392 TDPIPE - ok
20:20:20.0467 5392 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:20:20.0498 5392 TDTCP - ok
20:20:20.0514 5392 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:20:20.0561 5392 tdx - ok
20:20:20.0654 5392 [ 8A9828975A857E477EFEF5A61BA45AC0 ] TeamViewer6 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
20:20:20.0748 5392 TeamViewer6 - ok
20:20:20.0779 5392 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:20:20.0795 5392 TermDD - ok
20:20:20.0826 5392 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
20:20:20.0857 5392 TermService - ok
20:20:20.0888 5392 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
20:20:20.0904 5392 Themes - ok
20:20:20.0919 5392 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
20:20:20.0951 5392 THREADORDER - ok
20:20:20.0982 5392 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
20:20:20.0997 5392 TrkWks - ok
20:20:21.0060 5392 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:20:21.0091 5392 TrustedInstaller - ok
20:20:21.0122 5392 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:20:21.0153 5392 tssecsrv - ok
20:20:21.0185 5392 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:20:21.0200 5392 tunmp - ok
20:20:21.0231 5392 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:20:21.0247 5392 tunnel - ok
20:20:21.0263 5392 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:20:21.0294 5392 uagp35 - ok
20:20:21.0294 5392 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
20:20:21.0309 5392 UBHelper - ok
20:20:21.0341 5392 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:20:21.0372 5392 udfs - ok
20:20:21.0403 5392 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:20:21.0450 5392 UI0Detect - ok
20:20:21.0450 5392 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:20:21.0481 5392 uliagpkx - ok
20:20:21.0497 5392 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:20:21.0528 5392 uliahci - ok
20:20:21.0559 5392 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:20:21.0575 5392 UlSata - ok
20:20:21.0590 5392 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:20:21.0606 5392 ulsata2 - ok
20:20:21.0621 5392 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:20:21.0653 5392 umbus - ok
20:20:21.0668 5392 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
20:20:21.0715 5392 upnphost - ok
20:20:21.0731 5392 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:20:21.0762 5392 usbccgp - ok
20:20:21.0777 5392 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:20:21.0824 5392 usbcir - ok
20:20:21.0871 5392 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:20:21.0902 5392 usbehci - ok
20:20:21.0933 5392 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:20:21.0949 5392 usbhub - ok
20:20:21.0965 5392 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:20:22.0011 5392 usbohci - ok
20:20:22.0058 5392 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:20:22.0074 5392 usbprint - ok
20:20:22.0121 5392 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:20:22.0167 5392 usbscan - ok
20:20:22.0183 5392 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:20:22.0199 5392 USBSTOR - ok
20:20:22.0230 5392 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:20:22.0245 5392 usbuhci - ok
20:20:22.0261 5392 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:20:22.0308 5392 usbvideo - ok
20:20:22.0339 5392 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
20:20:22.0355 5392 UxSms - ok
20:20:22.0386 5392 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
20:20:22.0417 5392 vds - ok
20:20:22.0448 5392 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:20:22.0479 5392 vga - ok
20:20:22.0495 5392 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
20:20:22.0511 5392 VgaSave - ok
20:20:22.0542 5392 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:20:22.0557 5392 viaagp - ok
20:20:22.0573 5392 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:20:22.0604 5392 ViaC7 - ok
20:20:22.0604 5392 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
20:20:22.0635 5392 viaide - ok
20:20:22.0651 5392 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:20:22.0667 5392 volmgr - ok
20:20:22.0682 5392 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:20:22.0713 5392 volmgrx - ok
20:20:22.0745 5392 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:20:22.0776 5392 volsnap - ok
20:20:22.0791 5392 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:20:22.0807 5392 vsmraid - ok
20:20:22.0854 5392 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
20:20:22.0932 5392 VSS - ok
20:20:22.0963 5392 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
20:20:22.0979 5392 W32Time - ok
20:20:22.0994 5392 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:20:23.0057 5392 WacomPen - ok
20:20:23.0072 5392 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:20:23.0103 5392 Wanarp - ok
20:20:23.0103 5392 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:20:23.0119 5392 Wanarpv6 - ok
20:20:23.0166 5392 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:20:23.0181 5392 wcncsvc - ok
20:20:23.0213 5392 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:20:23.0244 5392 WcsPlugInService - ok
20:20:23.0259 5392 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
20:20:23.0275 5392 Wd - ok
20:20:23.0306 5392 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:20:23.0353 5392 Wdf01000 - ok
20:20:23.0369 5392 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:20:23.0400 5392 WdiServiceHost - ok
20:20:23.0400 5392 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:20:23.0415 5392 WdiSystemHost - ok
20:20:23.0462 5392 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
20:20:23.0493 5392 WebClient - ok
20:20:23.0525 5392 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:20:23.0540 5392 Wecsvc - ok
20:20:23.0556 5392 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:20:23.0587 5392 wercplsupport - ok
20:20:23.0618 5392 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
20:20:23.0649 5392 WerSvc - ok
20:20:23.0665 5392 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:20:23.0727 5392 winachsf - ok
20:20:23.0774 5392 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:20:23.0790 5392 WinDefend - ok
20:20:23.0790 5392 WinHttpAutoProxySvc - ok
20:20:23.0852 5392 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:20:23.0868 5392 Winmgmt - ok
20:20:23.0915 5392 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
20:20:23.0993 5392 WinRM - ok
20:20:24.0024 5392 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:20:24.0071 5392 Wlansvc - ok
20:20:24.0164 5392 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:20:24.0227 5392 wlidsvc - ok
20:20:24.0258 5392 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:20:24.0305 5392 WmiAcpi - ok
20:20:24.0351 5392 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:20:24.0383 5392 wmiApSrv - ok
20:20:24.0429 5392 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:20:24.0492 5392 WMPNetworkSvc - ok
20:20:24.0507 5392 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:20:24.0554 5392 WPCSvc - ok
20:20:24.0601 5392 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:20:24.0617 5392 WPDBusEnum - ok
20:20:24.0663 5392 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:20:24.0679 5392 WpdUsb - ok
20:20:24.0788 5392 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:20:24.0819 5392 WPFFontCache_v0400 - ok
20:20:24.0851 5392 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:20:24.0882 5392 ws2ifsl - ok
20:20:24.0913 5392 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
20:20:24.0944 5392 wscsvc - ok
20:20:24.0944 5392 WSearch - ok
20:20:25.0022 5392 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:20:25.0147 5392 wuauserv - ok
20:20:25.0178 5392 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:20:25.0209 5392 WUDFRd - ok
20:20:25.0225 5392 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:20:25.0272 5392 wudfsvc - ok
20:20:25.0303 5392 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
20:20:25.0319 5392 XAudio - ok
20:20:25.0334 5392 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
20:20:25.0381 5392 XAudioService - ok
20:20:25.0459 5392 [ 556B5CFE8D21B256ADD7F87D7F4B4123 ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
20:20:25.0475 5392 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
20:20:25.0475 5392 ================ Scan global ===============================
20:20:25.0506 5392 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:20:25.0553 5392 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:20:25.0584 5392 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:20:25.0615 5392 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:20:25.0615 5392 [Global] - ok
20:20:25.0631 5392 ================ Scan MBR ==================================
20:20:25.0631 5392 [ BB9D3A6A13C5010348DA7C900BB6AF50 ] \Device\Harddisk0\DR0
20:20:26.0567 5392 \Device\Harddisk0\DR0 - ok
20:20:26.0567 5392 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR2
20:20:26.0925 5392 \Device\Harddisk1\DR2 - ok
20:20:26.0925 5392 ================ Scan VBR ==================================
20:20:27.0019 5392 [ 6F24D73C77BC60BD85B19E9803565021 ] \Device\Harddisk0\DR0\Partition1
20:20:27.0019 5392 \Device\Harddisk0\DR0\Partition1 - ok
20:20:27.0050 5392 [ A4DCEABAC3EBFD4DF4EBC28B095D9DA3 ] \Device\Harddisk0\DR0\Partition2
20:20:27.0050 5392 \Device\Harddisk0\DR0\Partition2 - ok
20:20:27.0050 5392 [ BE705E9E57160F71D6013885B1ADD8DC ] \Device\Harddisk1\DR2\Partition1
20:20:27.0050 5392 \Device\Harddisk1\DR2\Partition1 - ok
20:20:27.0050 5392 ============================================================
20:20:27.0050 5392 Scan finished
20:20:27.0050 5392 ============================================================
20:20:27.0066 5388 Detected object count: 12
20:20:27.0066 5388 Actual detected object count: 12
20:20:35.0396 5388 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0396 5388 CLHNService ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 CLHNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0396 5388 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0396 5388 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0396 5388 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0396 5388 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0396 5388 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0396 5388 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0396 5388 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0396 5388 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0412 5388 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0412 5388 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0412 5388 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0412 5388 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:35.0412 5388 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:35.0412 5388 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
04.12.2012, 20:24
| #8 | |
| /// Malware-holic | GVU TrojanerCombofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.12.2012, 20:49
| #9 |
| | GVU TrojanerCode:
ATTFilter ComboFix 12-12-04.01 - Benutzer 04.12.2012 20:32:52.1.2 - x86
ausgeführt von:: c:\users\Benutzer\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Benutzer\AppData\Roaming\.#
c:\users\Benutzer\AppData\Roaming\Local
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-04 bis 2012-12-04 ))))))))))))))))))))))))))))))
.
.
2012-12-04 19:40 . 2012-12-04 19:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-04 18:33 . 2012-12-04 18:33 -------- d-----w- C:\_OTL
2012-11-17 19:46 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6EC2C6E8-0FEF-4026-9E00-DD1BC8F6443B}\mpengine.dll
2012-11-14 18:19 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 18:16 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-24 07:18 . 2012-10-24 07:18 1207568 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-13 13:28 . 2012-10-12 12:40 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-19 14:46 . 2011-04-14 16:29 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-12 11:19 . 2010-02-11 18:46 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 15:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-03 68856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-03-01 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-19 6294048]
"Skytel"="Skytel.exe" [2008-09-19 1833504]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-12-17 858632]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-11-28 417792]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-10-08 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-10-08 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-10-17 167936]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-12 30192]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-08 1226608]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-09 348664]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 72525179
*Deregistered* - 72525179
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-14 12:44]
.
2012-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-14 12:44]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_8730
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 10.74.210.210 10.74.210.211
FF - ProfilePath - c:\users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\3mumciai.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/xmas/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
FF - ExtSQL: !HIDDEN! 2009-10-06 18:54; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2009-12-27 13:27; {800b5000-a755-47e1-992b-48a1c1357f07}; c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-eRecoveryService - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-04 20:41
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-12-04 20:47:40
ComboFix-quarantined-files.txt 2012-12-04 19:47
.
Vor Suchlauf: 11 Verzeichnis(se), 110.898.909.184 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 110.825.992.192 Bytes frei
.
- - End Of File - - E6038641BE8E99CF9E2F5EA349A7DAF9
|
|
05.12.2012, 21:10
| #10 |
| | GVU Trojaner Habe nochmal tdss killer scannen lassen... immernoch 12 Funde. Was kann ich jetzt noch tun? |
|
05.12.2012, 21:19
| #11 |
| /// Malware-holic | GVU Trojaner Hatte ich irgendwas von tdss killer geschrieben? Was du tun kannst, ist warten, bis du drann bist, es ist auch nicht nötig, nach noch nicht mal 1 Tag ne persönliche Nachicht zu schreiben. Wir machen das hier in unserer Freizeit, und du bezahlst keinen Cent dafür. Wenn es dir nicht schnell genug geht, rate ich dir, gehe in ein PC geschäft, dort zahlst du aber für geleistete Arbeit. Falls du hier weiterarbeiten willst: malwarebytes: Downloade Dir bitte Malwarebytes
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
06.12.2012, 16:32
| #12 |
| | GVU Trojaner Alles klar, hab verstanden  Hier der Log von Malwarebytes ... keine Funde Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.05.09 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Benutzer :: Benutzer-PC [Administrator] 05.12.2012 21:26:04 mbam-log-2012-12-05 (21-26-04).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 358875 Laufzeit: 1 Stunde(n), 29 Minute(n), 3 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
06.12.2012, 17:04
| #13 |
| /// Malware-holic | GVU Trojaner hi lade den CCleaner standard: CCleaner Download - CCleaner 3.25.1872 falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
06.12.2012, 17:18
| #14 |
| | GVU Trojaner es erscheint mir sehr unübersichtlich das Auszug, ich hoffe so ists aber recht: Code:
ATTFilter Acer Arcade Deluxe CyberLink Corp. 14.08.2009 79,2MB 2.0.5817 notwendig Acer Crystal Eye Webcam 2.0.9.2 SuYin 14.08.2009 3,05MB 2.0.9.2 notwendig Acer eAudio Management CyberLink Corp. 14.08.2009 4,71MB 3.0.3009 notwendig Acer eDataSecurity Management Egis Inc. 14.08.2009 69,3MB 3.0.3065 notwendig Acer Empowering Technology Acer Incorporated 22.01.2009 147MB 3.0.3013 notwendig Acer ePower Management Acer Incorporated 14.08.2009 9,84MB 3.0.3016 notwendig Acer eRecovery Management Acer Incorporated 14.08.2009 27,5MB 3.0.3014 notwendig Acer eSettings Management Acer Incorporated 14.08.2009 27,3MB 3.0.3007 notwendig Acer GridVista 14.08.2009 1,51MB 2.72.317 notwendig Acer Mobility Center Plug-In Acer Inc. 22.01.2009 4,12MB 3.0.3000 notwendig Acer Product Registration Acer Incorporated 03.10.2009 5,92MB 3.0.0.10 notwendig Acer ScreenSaver Acer Incorporated 22.01.2009 1.02.1111 notwendig Adobe Flash Player 10 Plugin Adobe Systems Incorporated 09.09.2011 10.3.183.7 notwendig Adobe Flash Player ActiveX Adobe Systems Incorporated 14.08.2009 9.0.124.0 notwendig Adobe Reader 9 - Deutsch Adobe Systems Incorporated 22.01.2009 232MB 9.0.0 notwendig Agatha Christie Peril at End House Oberon Media 14.08.2009 69,5MB notwendig Alice Greenfingers Oberon Media 14.08.2009 14,0MB notwendig Alien Shooter Oberon Media 14.08.2009 39,3MB notwendig ATI Catalyst Install Manager ATI Technologies, Inc. 14.08.2009 13,7MB 3.0.704.0 notwendig Avira Free Antivirus Avira 14.11.2012 128MB 12.1.9.1236 notwendig Beetle Junior Oberon Media 14.08.2009 9,43MB notwendig Bricks of Egypt Oberon Media 14.08.2009 7,42MB notwendig C:\Program Files\Acer GameZone\GameConsole Oberon Media, Inc. 22.01.2009 38,4MB 2.0.1.2 notwendig Cake Mania Oberon Media 14.08.2009 18,2MB notwendig CCleaner Piriform 25.11.2012 5,05MB 3.25 notwendig Chicken Invaders 2 Oberon Media 14.08.2009 19,1MB notwendig Cradle of Rome Oberon Media 14.08.2009 38,8MB notwendig CyberLink PowerDirector CyberLink Corp. 22.01.2009 199MB 6.5.3023d notwendig DivX-Setup DivX, LLC 12.12.2010 3,11MB 2.2.0.24 notwendig Dream Day First Home Oberon Media 14.08.2009 128MB notwendig eSobi v2 esobi Inc. 22.01.2009 16,8MB 2.0.3.000201 notwendig Galapago Oberon Media 14.08.2009 46,9MB notwendig Go-Go Gourmet Oberon Media 14.08.2009 36,0MB notwendig Google Chrome Google Inc. 12.12.2010 299MB 23.0.1271.95 notwendig Google Desktop Google 13.07.2010 30,2MB 5.9.1005.12335 unnötig Google Toolbar for Internet Explorer Google Inc. 12.10.2012 10,6MB 7.4.3230.2052 unnötig HDAUDIO Soft Data Fax Modem with SmartCP 14.08.2009 724KB notwendig HP Customer Participation Program 10.0 HP 21.04.2012 211MB 10.0 notwendig HP Imaging Device Functions 10.0 HP 21.04.2012 3,21MB 10.0 notwendig HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3 HP 21.04.2012 18,6MB 10.0 notwendig HP Photosmart Essential 2.5 HP 21.04.2012 3,20MB 2.5 notwendig HP Smart Web Printing HP 21.04.2012 8,28MB 3.5 notwendig HP Solution Center 10.0 HP 21.04.2012 3,20MB 10.0 notwendig HP Update Hewlett-Packard 21.04.2012 3,46MB 4.000.007.003 notwendig ICQ Toolbar ICQ 03.10.2009 3.0.0 unnötig ICQ7.4 ICQ 01.02.2011 46,9MB 7.4 notwendig Intel(R) PROSet/Wireless WiFi-Software Intel(R) Corporation 21.10.2009 78,4MB 12.02.0000 notwendig Java(TM) 6 Update 22 Oracle 22.04.2011 97,0MB 6.0.220 notwendig Launch Manager 14.08.2009 2,40MB notwendig Magic Farm Oberon Media 14.08.2009 22,6MB notwendig Magic Match Adventures Oberon Media 14.08.2009 89,6MB notwendig Malwarebytes Anti-Malware Version 1.65.1.1000 Malwarebytes Corporation 05.12.2012 12,7MB 1.65.1.1000 notwendig Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 07.10.2009 36,9MB notwendig Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 06.10.2009 36,9MB notwendig Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.06.2010 120MB 4.0.30319 notwendig Microsoft Office File Validation Add-In Microsoft Corporation 18.09.2011 7,95MB 14.0.5130.5003 notwendig Microsoft Office Home and Student 2007 Microsoft Corporation 08.03.2012 328MB 12.0.6612.1000 notwendig Microsoft Office Live Add-in 1.5 Microsoft Corporation 28.05.2010 506KB 2.0.4024.1 notwendig Microsoft Office Suite Activation Assistant Microsoft Corporation 22.01.2009 8,36MB 2.9 notwendig Microsoft Silverlight Microsoft Corporation 16.05.2012 4.1.10329.0 notwendig Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 22.01.2009 1,74MB 3.1.0000 notwendig Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 06.10.2009 251KB 8.0.50727.4053 notwendig Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 06.10.2009 199KB 9.0.30729.4148 notwendig Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 25.05.2011 592KB 9.0.30729.5570 notwendig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 03.10.2009 590KB 9.0.30729 notwendig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 25.03.2010 589KB 9.0.30729.4148 notwendig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 17.06.2011 594KB 9.0.30729.6161 notwendig Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 05.11.2011 16,5MB 10.0.40219 notwendig Microsoft Works Microsoft Corporation 10.12.2009 08.05.0822 notwendig Mozilla Firefox 5.0 (x86 de) Mozilla 19.07.2011 35,3MB 5.0 notwendig MSXML 4.0 SP2 (KB954430) Microsoft Corporation 22.01.2009 1,28MB 4.20.9870.0 notwendig MSXML 4.0 SP2 (KB973688) Microsoft Corporation 25.11.2009 1,34MB 4.20.9876.0 notwendig Mystery Solitaire - Secret Island Oberon Media 14.08.2009 20,7MB notwendig Mythic Mahjong Oberon Media 14.08.2009 45,8MB notwendig NTI Backup Now 5 NewTech Infosystems 22.01.2009 28,8MB 5.1.2.606 notwendig NTI Media Maker 8 NewTech Infosystems 22.01.2009 187MB 8.0.2.6329 notwendig Nuvoton EC Generic HID Driver Nuvoton Technology Corporation 14.08.2009 2,44MB 7.80.5000 notwendig OCR Software by I.R.I.S. 10.0 HP 21.04.2012 3,20MB 10.0 notwendig OpenOffice.org 3.4.1 Apache Software Foundation 01.09.2012 331MB 3.41.9593 notwendig Orion Convesoft 14.08.2009 12,2MB 2.0.1 notwendig PhotoNow! CyberLink Corp. 14.08.2009 1,65MB 1.1.4619 notwendig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 14.08.2009 28,0MB 6.0.1.5704 notwendig Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 22.01.2009 6,57MB 3.0.1.3 notwendig RollerCoaster Tycoon 3 Atari 01.02.2011 1,33GB notwendig Shop for HP Supplies HP 21.04.2012 211MB 10.0 unnötig Software per stampante EPSON 25.10.2009 notwendig Synaptics Pointing Device Driver Synaptics 11.11.2008 14,3MB 11.1.4.0 notwendig TeamViewer 6 TeamViewer GmbH 16.06.2011 15,2MB 6.0.10722 notwendig The Rise of Atlantis Oberon Media 14.08.2009 25,6MB notwendig Tiks Texas Hold em Oberon Media 14.08.2009 18,7MB notwendig Windows Live Essentials Microsoft Corporation 22.01.2009 136MB 14.0.8050.1202 unnötig Windows Live ID-Anmelde-Assistent Microsoft Corporation 28.05.2010 4,68MB 6.500.3165.0 unnötig Windows Live Sync Microsoft Corporation 22.01.2009 2,79MB 14.0.8050.1202 unnötig Windows Live-Uploadtool Microsoft Corporation 22.01.2009 225KB 14.0.8014.1029 unnötig |
|
06.12.2012, 21:04
| #15 |
| /// Malware-holic | GVU Trojaner deinstaliere: Adobe Flash Player alle Adobe - Adobe Flash Player installieren neueste version laden adobe reader: Adobe - Adobe Reader herunterladen - Alle Versionen haken bei mcafee security scan raus nehmen bitte auch mal den adobe reader wie folgt konfigurieren: adobe reader öffnen, bearbeiten, voreinstellungen. allgemein: nur zertifizierte zusatz module verwenden, anhaken. internet: hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc. es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht. bei javascript den haken bei java script verwenden raus nehmen bei updater, automatisch instalieren wählen. übernehmen /ok deinstaliere: Google Desktop Google Toolbar ICQ Toolbar Java downloade Java jre: Java-Downloads für alle Betriebssysteme klicke: Download der Java-Software für Windows Offline laden, und instalieren Mozilla Firefox : öffnen, hilfe, update Deinstaliere: Shop for Windows Live : alle für dich unnötigen Öffne ccleaner, analysieren, starten, PC neustarten. Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu GVU Trojaner |
| bekannte, bundes, bundestrojaner, chris, christian, ebook, entferne, entfernen, foto, gvu trojaner, hallo zusammen, notebook, troja, trojane, trojaner, version, windows, zusammen |
Linear-Darstellung
