| |
| |||||||
Log-Analyse und Auswertung: 'PHP/WebShell.A.80'Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
05.07.2013, 16:21
| #1 | |
 |  'PHP/WebShell.A.80' Hallo! Ich benutz seit einiger Zeit unsren alten, ziemlich zugemüllten und sicherheitstechnisch leider nicht aktuellen Laptop wieder, weil meine Freundin den neuen häufig mit auf Dienstreisen hat. Heut gab AntiVir Alarm: Zitat:
aktualisiertes Malewarebytes hat im Quick Scan im Anschluss keine Funde angezeigt. Wäre super wenn ihr mir da durch helfen könntet rauszufinden, was ich mir da eingefangen hab und wie ichs wieder loswerden kann, so das der Laptop wieder sicher ist. Einen OTL-Quick-Scan habe ich gemacht, da die Dateien aber insg. über 30 Seiten lang sind bin ich mir grad unsicher, ob ich es gleich posten soll oder ob ihr spezielleres braucht. (allerdings war Firefox während dem Scan offen, beeinflusst das? alles andre war aus.) Vielen Dank schon mal! |
|
05.07.2013, 16:24
| #2 |
| /// Malware-holic   | 'PHP/WebShell.A.80' Hi kannst du posten.
__________________gibts Malwarebytes Logs mit funden? dann posten bitte. http://www.trojaner-board.de/125889-...en-posten.html
__________________ |
|
05.07.2013, 17:11
| #3 |
| | 'PHP/WebShell.A.80' hi, danke für die schnelle Antwort.
__________________Nein, gibt keine Malewarebytes-Logs mit Funden, auch sonst keine weiteren außer der Antivir-Meldung, die ich oben gepostet habe. [CODE]OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.07.2013 16:10:22 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\***\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 34,61% Memory free 6,20 Gb Paging File | 3,59 Gb Available in Paging File | 57,92% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 14,53 Gb Free Space | 9,75% Space Free | Partition Type: NTFS Drive D: | 139,28 Gb Total Space | 122,46 Gb Free Space | 87,92% Space Free | Partition Type: NTFS Drive F: | 149,04 Gb Total Space | 115,32 Gb Free Space | 77,37% Space Free | Partition Type: NTFS Drive G: | 149,04 Gb Total Space | 143,90 Gb Free Space | 96,55% Space Free | Partition Type: NTFS Drive H: | 3,72 Gb Total Space | 3,72 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: *** | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.05 15:00:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\***\Desktop\OTL.exe PRC - [2013.06.06 21:31:32 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.04.04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe PRC - [2013.02.04 18:21:34 | 001,513,536 | ---- | M] (1und1 Mail und Media GmbH) -- C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe PRC - [2012.09.15 10:26:50 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.11 23:13:14 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.11 23:13:13 | 000,391,632 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe PRC - [2012.05.11 23:13:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.11 23:13:13 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.09.23 20:22:34 | 000,218,624 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe PRC - [2010.11.16 15:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () -- G:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.12.05 06:14:26 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2008.07.18 19:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe PRC - [2008.07.15 21:29:00 | 007,651,328 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2008.07.15 21:22:46 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe PRC - [2008.07.10 03:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe PRC - [2008.06.25 05:01:08 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe PRC - [2008.06.24 06:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2008.06.19 22:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe PRC - [2008.06.18 08:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe PRC - [2008.06.13 07:52:51 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.06.12 07:52:08 | 000,212,992 | ---- | M] (CyberLink Corp.) -- C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe PRC - [2008.06.04 03:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe PRC - [2008.05.20 03:15:06 | 000,172,032 | ---- | M] (CyberLink Corp.) -- C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe PRC - [2008.04.10 21:32:18 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008.03.18 06:27:11 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2008.01.26 04:32:38 | 000,778,240 | ---- | M] () -- C:\Program Files\P4P\P4P.exe PRC - [2008.01.23 20:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008.01.21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2008.01.12 08:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe PRC - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe PRC - [2007.11.05 05:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe PRC - [2007.10.03 07:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe PRC - [2007.08.15 21:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2007.08.03 22:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe PRC - [2007.07.06 02:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2007.02.06 19:29:59 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe PRC - [2005.07.07 01:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe ========== Modules (No Company Name) ========== MOD - [2013.06.06 21:31:31 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012.05.11 23:13:14 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2008.07.18 19:52:08 | 000,649,704 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2008.06.09 09:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2008.04.10 21:25:54 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2008.01.26 04:32:38 | 000,778,240 | ---- | M] () -- C:\Program Files\P4P\P4P.exe MOD - [2008.01.12 08:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe MOD - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe MOD - [2007.11.13 01:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll MOD - [2007.08.14 23:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll MOD - [2007.07.12 23:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2007.07.12 23:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll ========== Services (SafeList) ========== SRV - [2013.06.06 21:31:31 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.05.11 23:13:14 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.11 23:13:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.11.16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2011.09.23 20:22:34 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Huawai Intenet Stick O2 Sparhandy\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc) SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2011.02.02 12:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) SRV - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) SRV - [2010.06.28 14:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- G:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - [2008.03.18 06:27:11 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008.01.21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007.10.03 07:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007.08.03 22:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) SRV - [2007.02.06 19:29:59 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll -- (ASBroker) SRV - [2006.06.21 12:13:59 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll -- (ASChannel) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2013.07.05 15:58:32 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012.05.11 23:13:14 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.05.11 23:13:14 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.09.23 20:22:37 | 000,116,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2011.09.23 20:22:37 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2011.09.23 20:22:37 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2011.09.23 20:22:37 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.05.15 17:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant) DRV - [2010.02.02 00:04:47 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2009.05.28 22:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2009.05.25 14:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdm.sys -- (s1029mdm) DRV - [2009.05.25 14:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029bus.sys -- (s1029bus) DRV - [2009.05.25 14:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdfl.sys -- (s1029mdfl) DRV - [2009.05.25 14:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029obex.sys -- (s1029obex) DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009.03.25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009.03.25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) DRV - [2009.03.25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) DRV - [2009.03.25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009.03.25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) DRV - [2009.03.25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) DRV - [2009.03.25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2008.06.25 16:58:59 | 007,534,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.06.25 16:58:59 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008.06.03 08:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008.05.29 20:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby) DRV - [2008.05.20 03:15:42 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2008.03.21 06:12:59 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008.02.16 03:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008.02.05 09:52:23 | 000,206,464 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etFilter.sys -- (FiltUSBET) DRV - [2008.01.31 13:18:57 | 000,006,528 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etScan.sys -- (ScanUSBET) DRV - [2007.12.19 03:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2007.09.06 10:43:49 | 000,474,624 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etDevice.sys -- (DCamUSBET) DRV - [2007.08.03 06:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2007.07.30 21:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.07.30 20:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007.07.24 21:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2007.06.17 07:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) DRV - [2006.12.14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\***\neue SimDOWNLO IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{1564FE23-947F-4EBB-93F8-5F9B965DA32A}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\..\SearchScopes\{348B1588-3D54-4178-99D0-4731B5F690DF}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie IE - HKCU\..\SearchScopes\{3C9FA24E-6775-4517-A7BF-4ED64EF16BE0}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\..\SearchScopes\{598634F3-07BA-4C68-976D-8D1B8534EAE3}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "LEO Deu-Eng" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de" FF - prefs.js..extensions.enabledAddons: info%40bmi-calculator-plus.com:1.0 FF - prefs.js..extensions.enabledAddons: %7Bc666c018-6409-4479-afa3-68e4129e7eff%7D:1.1.0 FF - prefs.js..extensions.enabledAddons: status4evar%40caligonstudios.com:2013.02.16.23 FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.0 FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515 FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.5 FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.1 FF - prefs.js..extensions.enabledAddons: %7Bada4b710-8346-4b82-8199-5de2b400a6ae%7D:2.1.2 FF - prefs.js..extensions.enabledAddons: ffe_ff3ff4%40game-point.net:2.0.1 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.99: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: G:\Filme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\***\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\Amazon - MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.06.06 21:31:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.06.06 21:31:20 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.06.06 21:31:33 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.06.06 21:31:20 | 000,000,000 | ---D | M] [2009.06.26 20:00:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.07.05 13:35:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions [2010.04.27 14:24:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013.05.17 18:44:07 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013.07.05 13:35:35 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2013.07.01 20:54:15 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\ich@maltegoetz.de [2011.04.17 01:53:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\nostmp [2012.10.14 02:03:32 | 000,827,050 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\ffe_ff3aeroff4@game-point.net.xpi [2013.06.06 21:34:55 | 000,827,317 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\ffe_ff3ff4@game-point.net.xpi [2013.05.22 22:54:56 | 001,358,137 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\fpw@informatik.tu-darmstadt.de.xpi [2012.11.11 21:15:09 | 000,027,699 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\info@bmi-calculator-plus.com.xpi [2013.03.31 00:22:35 | 000,215,171 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\jid0-HYNmqxA9zQGfJADREri4n2AHKSI@jetpack.xpi [2011.05.18 23:19:58 | 000,004,448 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\newoldmenu@rsjtdrjgfuzkfg.com.xpi [2013.02.28 23:22:56 | 000,151,803 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\status4evar@caligonstudios.com.xpi [2013.06.14 15:45:38 | 000,350,663 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012.12.11 23:44:07 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012.11.24 20:53:20 | 000,013,268 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi [2013.05.11 00:27:47 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.04.21 22:17:40 | 000,765,412 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2012.11.24 23:28:42 | 000,001,831 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\searchplugins\leo-deu-eng.xml [2013.06.06 21:31:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013.06.06 21:31:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll [2009.10.23 16:01:34 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.web.de/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll CHR - plugin: Zylom Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll CHR - plugin: getPlusPlus for Adobe 16299 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\***\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = G:\Filme\VideoLAN\VLC\npvlc.dll CHR - Extension: Google Drive = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: WOT = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.12_0\ CHR - Extension: WOT = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0\ CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\ CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2010.08.21 11:58:46 | 000,416,853 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 14389 more lines... O2 - BHO: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.) O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.) O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.) O2 - BHO: (Free i-Dressup Toolbar) - {ff19b72a-36ed-4066-8865-a580ae938cce} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Free i-Dressup Toolbar) - {ff19b72a-36ed-4066-8865-a580ae938cce} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Bigpoint Games DE Toolbar) - {0E3DBC69-A682-48DA-84E1-82C63A5D678E} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (Free i-Dressup Toolbar) - {FF19B72A-36ED-4066-8865-A580AE938CCE} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe () O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ChkMail] C:\Program Files\ChkMail\ChkMail\ChkMail.exe (ChkMail) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe () O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [PCMAgent] C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [PlayMovie] C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm () O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll (Bioscrypt Inc.) O9 - Extra 'Tools' menuitem : ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll (Bioscrypt Inc.) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab (Navigram Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.25.2) O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.25.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DD56FA5-DE1B-478C-AB76-FA5DD4A32FEC}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DCA037F-18CB-4CCB-BF23-D809D7B85D54}: DhcpNameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A78EC9D7-F568-4B26-A915-66935720D571}: DhcpNameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D73336F7-D902-4394-ACE1-78F763D4E622}: DhcpNameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD10FF70-9B4D-4927-943C-69EAFEE5F622}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20 - AppInit_DLLs: (APSHook.dll) - APSHook.dll (Cognizance Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{39d5a075-600d-11de-85da-002354a126b8}\Shell\AutoRun\command - "" = I:\Toshiba\more4you.exe O33 - MountPoints2\{63574742-e610-11e0-b05f-002354a126b8}\Shell - "" = AutoRun O33 - MountPoints2\{63574742-e610-11e0-b05f-002354a126b8}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{63574760-e610-11e0-b05f-001e101fb45e}\Shell - "" = AutoRun O33 - MountPoints2\{63574760-e610-11e0-b05f-001e101fb45e}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{66f1f981-e7a6-11e0-a270-001e101f1ed9}\Shell - "" = AutoRun O33 - MountPoints2\{66f1f981-e7a6-11e0-a270-001e101f1ed9}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{767e2a53-2239-11df-bb10-002354a126b8}\Shell - "" = AutoRun O33 - MountPoints2\{767e2a53-2239-11df-bb10-002354a126b8}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{fdb8cdda-f50f-11e0-9984-001e101f2d88}\Shell - "" = AutoRun O33 - MountPoints2\{fdb8cdda-f50f-11e0-9984-001e101f2d88}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.07.05 15:58:32 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2013.07.05 14:59:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.21 21:30:31 | 005,261,912 | ---- | C] (Canneverbe Limited ) -- C:\Users\***\Desktop\cdbxp_setup_4.5.1.4003.exe [2013.06.10 18:55:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Realore_Whiterra Roads Of Rome 3 [2013.06.09 23:21:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Realore_Whiterra Roads Of Rome 2 [2013.06.07 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Realore_Whiterra Roads Of Rome 1.2 [2013.06.06 21:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.09.20 21:09:49 | 006,722,216 | ---- | C] (Adobe Systems Inc.) -- C:\Users\***\Shockwave_Installer_Slim.exe [2012.06.13 20:55:04 | 000,894,952 | ---- | C] (Oracle Corporation) -- C:\Users\***\jxpiinstall.exe [2011.05.09 19:38:04 | 013,835,919 | ---- | C] (Written by Alexander Herzog) -- C:\Users\***\DosBoxoberfläche für alte spiele D-Fend-Reloaded-1.1.0-Setup.exe [2010.12.04 15:15:40 | 003,214,648 | ---- | C] (ASCOMP Software GmbH ) -- C:\Users\***\zr FESTPLATTENBEREINIGUNG UND DOPPELTE FINDENhddboostVV.exe.exe [2010.11.13 23:23:25 | 002,790,864 | ---- | C] (Adobe Systems, Inc.) -- C:\Users\***\install_flash_player.exe [2010.11.13 21:21:36 | 018,102,608 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Users\***\FreeYouTubeToMp3Converter39.exe [2010.04.18 19:12:20 | 033,850,672 | ---- | C] (Apple Inc.) -- C:\Users\***\QuickTimeInstaller.exe [2010.04.18 15:20:26 | 000,318,904 | ---- | C] (Microsoft Corporation) -- C:\Users\***\wmpfirefoxplugin.exe [2010.04.18 13:12:01 | 022,229,776 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Users\***\FreeYouTubeToMp3Converter.exe [2010.02.02 00:01:05 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2744.dll [2010.01.03 19:48:53 | 005,061,520 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\***\mbam143-setup.exe [2010.01.03 19:09:39 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\***\spybotsd162.exe [2010.01.03 19:09:17 | 091,338,304 | ---- | C] (Lavasoft ) -- C:\Users\***\Ad-AwareInstallation.exe [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Users\***\Documents\*.tmp files -> C:\Users\***\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.07.05 15:58:32 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2013.07.05 15:45:46 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.07.05 15:45:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.07.05 15:45:46 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.07.05 15:45:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.07.05 15:33:05 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.05 15:33:05 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.05 15:16:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.05 15:00:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.07.05 14:30:46 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.07.05 13:33:57 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2013.07.05 13:33:54 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.07.05 13:33:09 | 000,042,462 | ---- | M] () -- C:\ProgramData\nvModes.001 [2013.07.05 13:33:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.05 13:32:57 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys [2013.07.05 01:47:01 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013.06.24 18:38:46 | 000,007,592 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2013.06.22 22:39:00 | 000,001,701 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.06.21 21:33:16 | 005,261,912 | ---- | M] (Canneverbe Limited ) -- C:\Users\***\Desktop\cdbxp_setup_4.5.1.4003.exe [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Users\***\Documents\*.tmp files -> C:\Users\***\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.07.05 14:30:46 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.11.04 16:41:01 | 000,030,641 | ---- | C] () -- C:\Users\***\435v rwetrtt.jpg [2012.11.04 00:51:48 | 000,262,117 | ---- | C] () -- C:\Users\***\ggdgdfgfg.jpg [2012.11.03 23:54:25 | 000,065,578 | ---- | C] () -- C:\Users\***\dsfsfsfsss.jpg [2012.11.02 14:41:22 | 000,149,967 | ---- | C] () -- C:\Users\***\Calciumtabelle.pdf [2012.10.22 23:47:01 | 000,258,428 | ---- | C] () -- C:\Users\***\1.bild.jpeg [2012.10.16 17:39:51 | 006,581,704 | ---- | C] () -- C:\Users\***\3.bild.pdf [2012.09.21 23:42:57 | 006,216,460 | ---- | C] () -- C:\Users\***\Besta SChweiz iKEA.pdf [2012.07.13 22:39:22 | 000,309,066 | ---- | C] () -- C:\Users\***\1183_littledays.zip [2012.07.13 22:39:15 | 000,027,415 | ---- | C] () -- C:\Users\***\1736_blackjack.zip [2012.07.13 22:38:54 | 000,091,517 | ---- | C] () -- C:\Users\***\2959_worstveld_sling_ext.zip [2012.07.13 22:38:50 | 000,040,200 | ---- | C] () -- C:\Users\***\1823_homework.zip [2012.07.13 22:38:46 | 000,045,191 | ---- | C] () -- C:\Users\***\0292_champagne.zip [2012.07.13 22:38:34 | 000,030,412 | ---- | C] () -- C:\Users\***\1624_ankecalligraphic.zip [2012.07.13 22:38:21 | 000,043,799 | ---- | C] () -- C:\Users\***\3973_windsong.zip [2012.07.13 22:38:12 | 000,098,641 | ---- | C] () -- C:\Users\***\brock-script.zip [2012.07.13 22:38:05 | 000,026,052 | ---- | C] () -- C:\Users\***\1573_athemeforamurder.zip [2012.07.13 22:37:54 | 000,011,919 | ---- | C] () -- C:\Users\***\1880_honeyistoleyourjumper.zip [2012.07.13 22:37:40 | 000,036,079 | ---- | C] () -- C:\Users\***\1881_janeausten.zip [2012.07.13 22:37:27 | 000,047,121 | ---- | C] () -- C:\Users\***\0814_freebooterscript.zip [2012.07.13 22:37:12 | 000,015,382 | ---- | C] () -- C:\Users\***\0435_anarchistic.zip [2012.07.13 22:37:04 | 000,017,429 | ---- | C] () -- C:\Users\***\james-fajardo.zip [2012.07.13 22:36:05 | 000,038,078 | ---- | C] () -- C:\Users\***\0618_lunabar.zip [2012.07.13 21:14:02 | 000,029,848 | ---- | C] () -- C:\Users\***\0824_adinekirnbergscript.zip [2012.07.13 21:11:35 | 000,175,717 | ---- | C] () -- C:\Users\***\4232_jellyka_castles_queen.zip [2012.07.13 21:11:31 | 000,058,650 | ---- | C] () -- C:\Users\***\0121_scriptina.zip [2012.07.13 21:10:44 | 000,047,301 | ---- | C] () -- C:\Users\***\0089_angelina.zip [2012.07.13 21:10:36 | 000,059,504 | ---- | C] () -- C:\Users\***\0921_younglove.zip [2012.07.13 21:10:30 | 000,125,416 | ---- | C] () -- C:\Users\***\4070_the_king_queen_font.zip [2012.07.13 20:56:00 | 000,127,507 | ---- | C] () -- C:\Users\***\Font janda-fabulous.zip [2012.07.13 20:55:48 | 000,311,139 | ---- | C] () -- C:\Users\***\Font janda-christmas-doodles.zip [2012.07.13 20:55:15 | 000,040,561 | ---- | C] () -- C:\Users\***\Font kg-keep-your-head-up.zip [2012.07.13 20:55:06 | 000,042,995 | ---- | C] () -- C:\Users\***\Font kg-like-a-skyscraper.zip [2012.07.13 20:54:56 | 000,023,620 | ---- | C] () -- C:\Users\***\Font kg-god-gave-me-you.zip [2012.07.13 20:54:47 | 000,039,433 | ---- | C] () -- C:\Users\***\Font kg-les-bouquinistes-de-paris.zip [2012.07.13 20:54:17 | 000,029,388 | ---- | C] () -- C:\Users\***\Font janda-swirlygirl.zip [2012.07.13 20:54:06 | 000,021,840 | ---- | C] () -- C:\Users\***\Font kg-sweet-n-sassy.zip [2012.07.13 20:53:50 | 000,026,023 | ---- | C] () -- C:\Users\***\Font kg-legacy-of-virtue.zip [2012.07.13 20:53:37 | 000,026,974 | ---- | C] () -- C:\Users\***\Font kg-mercy-in-the-morning.zip [2012.07.13 20:53:25 | 000,102,042 | ---- | C] () -- C:\Users\***\Font kg-heart-doodles.zip [2012.07.13 20:53:13 | 000,074,242 | ---- | C] () -- C:\Users\***\Font janda-apple-cobbler.zip [2012.07.13 20:52:44 | 000,018,158 | ---- | C] () -- C:\Users\***\Font kg-skinny-latte.zip [2012.07.13 20:52:32 | 000,040,749 | ---- | C] () -- C:\Users\***\Font janda-swirly-twirly.zip [2012.07.13 20:52:16 | 000,056,208 | ---- | C] () -- C:\Users\***\FONT janda-manatee.zip [2012.06.08 20:56:16 | 000,122,048 | ---- | C] () -- C:\Users\***\IMG_3571.jpeg [2012.03.31 22:14:23 | 000,000,021 | ---- | C] () -- C:\Windows\preview.ini [2011.12.27 00:20:04 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2011.12.27 00:07:38 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll [2011.12.26 17:43:28 | 001,322,592 | ---- | C] () -- C:\Users\***\MOV DAT IN AVI RADTools.exe [2011.10.23 13:14:59 | 000,350,978 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_ice.rar [2011.10.23 13:14:53 | 000,345,412 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_blonde.rar [2011.10.23 13:14:48 | 000,351,843 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_orange.rar [2011.10.23 13:14:45 | 000,351,690 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_gold.rar [2011.10.23 13:14:36 | 000,337,252 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_chocolate.rar [2011.10.23 13:14:33 | 000,339,787 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_caramel.rar [2011.10.23 13:14:07 | 000,325,380 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_black.rar [2011.10.23 13:14:04 | 002,268,114 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_mesh.rar [2011.10.23 13:13:07 | 008,796,943 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair93.rar [2011.10.22 22:11:47 | 004,080,888 | ---- | C] () -- C:\Users\***\Peggy_female_hair_mesh#007930.rar [2011.10.20 23:08:24 | 000,246,547 | ---- | C] () -- C:\Users\***\FEparty5_AAS.zip [2011.10.20 23:08:01 | 000,336,440 | ---- | C] () -- C:\Users\***\FEparty2_AAS.zip [2011.10.20 23:06:47 | 000,016,221 | ---- | C] () -- C:\Users\***\inbeatz_mesh16.rar [2011.10.20 23:06:46 | 000,125,972 | ---- | C] () -- C:\Users\***\inbeatz_mesh22.rar [2011.10.20 23:06:46 | 000,018,133 | ---- | C] () -- C:\Users\***\inbeatz_mesh14.rar [2011.10.20 23:06:46 | 000,010,915 | ---- | C] () -- C:\Users\***\inbeatz_mesh13.rar [2011.10.20 23:06:46 | 000,010,582 | ---- | C] () -- C:\Users\***\inbeatz_mesh12.rar [2011.10.14 01:56:07 | 000,306,430 | ---- | C] () -- C:\Users\***\TMturkformal.zip [2011.10.14 01:55:30 | 000,979,608 | ---- | C] () -- C:\Users\***\wws.zip [2011.10.11 10:55:33 | 000,374,138 | ---- | C] () -- C:\Users\***\38434.pdf [2011.10.09 20:58:54 | 000,006,359 | ---- | C] () -- C:\Users\***\274310_908140690_2721112_n.jpg [2011.10.09 20:40:10 | 026,061,148 | ---- | C] () -- C:\Users\***\Der_Leichenraeuber-Teil_2-Robert_Louis_Stevenson.zip [2011.10.09 20:39:57 | 024,551,883 | ---- | C] () -- C:\Users\***\Der_Leichenraeuber-Teil_1-Robert_Louis_Stevenson.zip [2011.10.09 20:39:29 | 025,784,868 | ---- | C] () -- C:\Users\***\Der_Untergang_des_Hauses_Usher-Teil_2-Edgar_Allan_Poe.zip [2011.10.09 08:19:40 | 000,024,267 | ---- | C] () -- C:\Users\***\cover-der-untergang-des-hauses-usher.gif [2011.10.09 08:18:23 | 023,881,969 | ---- | C] () -- C:\Users\***\Der_Untergang_des_Hauses_Usher-Teil_1-Edgar_Allan_Poe.zip [2011.10.09 08:16:41 | 030,433,043 | ---- | C] () -- C:\Users\***\Das_gefleckte_Band-Teil_2-Arthur_Conan_Doyle.zip [2011.10.09 08:15:21 | 028,631,167 | ---- | C] () -- C:\Users\***\Das_gefleckte_Band-Teil_1-Arthur_Conan_Doyle.zip [2011.08.23 20:19:42 | 006,437,900 | ---- | C] () -- C:\Users\***\CIMG2434.JPG [2011.08.23 20:19:32 | 006,078,116 | ---- | C] () -- C:\Users\***\CIMG2432.JPG [2011.06.24 01:10:14 | 000,002,850 | ---- | C] () -- C:\Users\***\WasWar FIRST VERSION.bak [2011.06.24 01:06:58 | 000,002,850 | ---- | C] () -- C:\Users\***\WasWar FIRST VERSION.yw5 [2011.05.17 23:21:44 | 000,036,193 | ---- | C] () -- C:\Users\***\2,h=343et.bild.jpg [2011.05.17 23:17:08 | 000,036,533 | ---- | C] () -- C:\Users\***\2,h=343.bhgild.jpg [2011.05.17 23:02:01 | 000,037,275 | ---- | C] () -- C:\Users\***\2,h=343.bivld.jpg [2011.05.15 00:58:19 | 000,024,290 | ---- | C] () -- C:\Users\***\2,h=343.bildd.jpg [2011.05.15 00:57:41 | 000,028,948 | ---- | C] () -- C:\Users\***\2,h=34s3.bild.jpg [2011.05.15 00:56:58 | 000,030,526 | ---- | C] () -- C:\Users\***\2,h=343.bild.jpg [2011.05.09 19:19:51 | 001,132,200 | ---- | C] () -- C:\Users\***\1869.zip [2011.04.29 20:49:12 | 001,602,254 | ---- | C] () -- C:\Users\***\projektfahrplan_samsung-galaxy-s2.pdf [2011.02.28 15:57:32 | 000,001,083 | ---- | C] () -- C:\Users\***\AppData\Roaming\mdbu.bin [2011.01.31 13:39:17 | 001,259,520 | ---- | C] () -- C:\Users\***\Giraffe.pps [2010.12.25 12:20:39 | 000,078,831 | ---- | C] () -- C:\Users\***\x2_3db1c13.jpg [2010.12.13 00:55:40 | 012,144,452 | ---- | C] () -- C:\Users\***\Anthony Robson - No.4 Aria (Alto) Bereite dich, Zion.mp3 [2010.12.07 23:28:03 | 011,357,600 | ---- | C] () -- C:\Users\***\Orchestra Sinfonica Nazionale della Rai & Elina Garanca & Coro Filarmonico del Regio di T... - L'amour est un oiseau rebelle (Havanaise).mp3 [2010.12.07 22:24:21 | 087,362,240 | ---- | C] ( ) -- C:\Users\***\fotokasten_comfort_3.6-Tchibo-Edition.exe [2010.12.06 21:25:29 | 007,612,431 | ---- | C] () -- C:\Users\***\Andreas Scholl & Stefano Montanari & Accademia Bizantina - What Power art thou.mp3 [2010.11.22 15:14:58 | 000,973,780 | ---- | C] () -- C:\Users\***\z1_reisezeit_2009.pdf [2010.11.21 23:27:45 | 000,204,517 | ---- | C] () -- C:\Users\***\media_871770.pdf [2010.11.21 23:24:43 | 000,203,683 | ---- | C] () -- C:\Users\***\media_872064.pdf [2010.11.11 01:57:33 | 000,105,984 | ---- | C] () -- C:\Users\***\5f50fe7a-52e4-42f6-a3ac-8ffc1a764c2e_2.mp3 [2010.11.11 00:07:52 | 053,182,768 | ---- | C] () -- C:\Users\***\avira_antivir_personal_de NEUE VERSION 10.exe [2010.06.10 12:19:32 | 000,034,502 | ---- | C] () -- C:\Users\***\369457.zip [2010.05.19 23:31:23 | 000,155,695 | ---- | C] () -- C:\Users\***\PDFSeptember 2009Mai 2010.pdf [2010.05.13 01:01:00 | 122,427,805 | ---- | C] () -- C:\Users\***\RoyalEnvoySetup.exe [2010.05.09 18:20:24 | 000,220,160 | ---- | C] () -- C:\Users\***\Foto des perfekten Mannes TW.pps [2010.04.18 13:18:50 | 001,008,736 | ---- | C] () -- C:\Users\***\AmazonMP3Installer-de_DE.exe [2010.04.09 17:54:55 | 000,000,687 | ---- | C] () -- C:\Users\***\MTS_Chaavik_1079516_NoAutonomousPlayFetch-PETS.rar [2010.04.09 14:14:26 | 065,639,962 | ---- | C] () -- C:\Users\***\DinerDash5BoomSetup.exe [2010.03.04 01:55:30 | 015,844,722 | ---- | C] () -- C:\Users\***\FindersKeepersSetup.exe [2010.02.02 19:52:31 | 004,585,545 | ---- | C] () -- C:\Users\***\W995__UG_DE_1225_4616_1.pdf [2010.01.19 18:58:09 | 000,007,592 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2010.01.10 02:19:48 | 011,963,422 | ---- | C] () -- C:\Users\***\FamilyFeudIISetup.exe [2009.08.14 23:57:28 | 015,627,356 | ---- | C] () -- C:\Users\***\YahtzeeSetup.exe [2009.08.14 23:54:38 | 069,201,270 | ---- | C] () -- C:\Users\***\SatisfashionSetup.exe [2009.07.22 21:54:36 | 000,097,792 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.14 22:12:36 | 020,874,987 | ---- | C] () -- C:\Users\***\TheGameOfLIFEPTSSetup.exe [2009.07.14 22:12:03 | 031,406,373 | ---- | C] () -- C:\Users\***\UNOUndercoverSetup.exe [2009.07.14 22:09:53 | 025,169,925 | ---- | C] () -- C:\Users\***\MahjonggAncientMayasSetup.exe [2009.06.23 17:58:26 | 000,042,462 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.06.23 17:55:52 | 000,042,462 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008.07.02 05:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll [2008.05.22 19:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg [2007.03.12 18:59:00 | 000,299,008 | ---- | C] () -- C:\Program Files\navigram_register.exe ========== ZeroAccess Check ========== [2012.07.14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kxdclicb.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2009.10.21 03:21:21 | 000,000,000 | -HSD | M] -- C:\Users\***\AppData\Roaming\.# [2013.03.25 00:24:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\1&1 Mail & Media GmbH [2010.04.18 13:20:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon [2011.12.26 23:40:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AnvSoft [2013.07.01 03:14:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BITS [2011.07.27 14:48:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited [2011.08.17 01:03:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CheckPoint [2012.01.11 18:58:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2012.01.11 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers [2009.08.15 00:02:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\eGames [2010.01.22 23:51:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Gamelab [2009.12.27 23:16:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GamesCafe [2013.04.14 20:12:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ [2009.07.14 14:08:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IrfanView [2013.05.06 20:53:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Islands [2013.05.12 19:52:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Islands2 [2013.05.04 23:35:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Islands3 [2013.06.02 16:09:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\island_tribe_4_realore_bfg_en [2009.11.13 20:24:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\iWin [2011.05.09 20:44:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Jane s Hotel 3 [2011.08.15 03:10:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\JewelMatch2 [2013.03.26 03:24:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Peace Craft [2013.03.29 06:05:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PeaceCraft2 [2013.03.08 07:06:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PeaceCraft3 [2009.12.26 22:58:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Playfirst [2009.09.26 01:02:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skip-Bo [2010.02.01 23:58:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony [2010.02.01 23:55:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony Setup [2011.06.24 01:02:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spacejock Software [2009.08.10 00:37:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\UNOUndercover [2011.01.07 12:24:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ykusox [2011.01.02 00:34:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Yvymo ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 252 bytes -> C:\ProgramData\Temp:38FF076E @Alternate Data Stream - 246 bytes -> C:\ProgramData\Temp:84FA02E7 @Alternate Data Stream - 234 bytes -> C:\ProgramData\Temp:E5BA9ADD @Alternate Data Stream - 232 bytes -> C:\ProgramData\Temp:C9B27A06 @Alternate Data Stream - 225 bytes -> C:\ProgramData\Temp:EC0279DC @Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:99AC3203 @Alternate Data Stream - 206 bytes -> C:\ProgramData\Temp:DCA79AB3 @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:F43B7E8F @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:A9ABA3FF < End of report > Code:
ATTFilter OTL Extras logfile created on: 05.07.2013 16:10:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 34,61% Memory free
6,20 Gb Paging File | 3,59 Gb Available in Paging File | 57,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 14,53 Gb Free Space | 9,75% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 122,46 Gb Free Space | 87,92% Space Free | Partition Type: NTFS
Drive F: | 149,04 Gb Total Space | 115,32 Gb Free Space | 77,37% Space Free | Partition Type: NTFS
Drive G: | 149,04 Gb Total Space | 143,90 Gb Free Space | 96,55% Space Free | Partition Type: NTFS
Drive H: | 3,72 Gb Total Space | 3,72 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "G:\Filme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\Filme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FAE23E7E-C456-4A5E-B357-E8E4E5EC51D0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05D9635A-8B2F-4F80-848F-E97C31BAA344}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{230F670B-9846-4251-BEF1-BEFFC9EF99EB}" = dir=in | app=c:\program files\asus\ai touchmedia\playmovie\pmvservice.exe |
"{2A0FE31C-80BC-4E19-A2BD-E5E8F241A6C7}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{2BF9FC6F-4A62-4E76-BC2E-C365EE7DBCBD}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3315CCD0-F76D-4F2E-B134-ACE91DC6E421}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3A165E6B-A367-46DF-AE78-AD71A87BEBFC}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3ED5E282-A401-44B8-95E2-B7066FA23BC5}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{5A15BBD5-F629-4723-A18C-46E43D4B176F}" = protocol=17 | dir=in | app=g:\program files\sony ericsson\update service\update service.exe |
"{68B2243C-0A91-4157-A56C-D4341AE7F7A7}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\kernel\dmp\clbrowserengine.exe |
"{6C01D200-5584-4E19-87A6-9A44395B83AC}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\pcmservice.exe |
"{76E279AA-7EE8-4F23-AF16-ABD49210F7D8}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\powercinema.exe |
"{92E6A180-3607-450D-93F5-5FD617B53B12}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{95DEAC44-8D5D-4F09-BD64-552E8547BD76}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A4016150-03DA-4532-BF50-57FF5C903956}" = dir=in | app=c:\program files\asus\ai touchmedia\playmovie\playmovie.exe |
"{B58CB3CF-70DE-4204-AE78-CC2372831E38}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{BABC3380-1A7E-4613-AFEF-2335C866B5F1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C0A11FFD-8C6D-43D4-8B93-A466BFC0B7B3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CE0A70BE-9D2B-4DAB-B503-3D0D18FBA033}" = protocol=6 | dir=in | app=g:\program files\sony ericsson\update service\update service.exe |
"{EBCFF5EE-C815-4B1F-BAFA-319A9AF9E707}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\kernel\dms\clmsservice.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{250F0996-1830-40C8-9B1D-6874D808DD95}" = ChkMail
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = AI TouchMedia
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{27D51A76-371D-48B6-B06E-4137A15B7583}" = Express Gate
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5C98D841-6392-41F1-A80E-B1A741F32A95}" = DSL-Speedtest
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770103E9-E1C3-48C9-812B-2982C7070575}_is1" = Pazera Free MOV to AVI Converter 1.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = Die Sims™ 2 Apartment-Leben
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE52F670-9E10-4C0A-B0CB-D78BAB0A7923}" = NimoFilm
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}" = ASUS Security Protect Manager
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DE66EFAD-B9CC-4FD4-9157-6C18E5100161}" = Dolby Control Center
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"10888a5b8643982a1f8e7de8c303ccbd" = Big Kahuna Reef 2 - Chain Reaction
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"am-skipbocastawaycapertm" = SKIP-BO Castaway Caper(TM)
"Any Video Converter_is1" = Any Video Converter 3.3.2
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"BFG-Farm Frenzy 3 - American Pie" = Farm Frenzy 3: American Pie
"BFG-Island Tribe" = Island Tribe
"BFG-Island Tribe 2" = Island Tribe 2
"BFG-Island Tribe 3" = Island Tribe 3
"BFG-Island Tribe 4" = Island Tribe 4
"BFG-Jane's Hotel Mania" = Jane's Hotel Mania
"BFG-My Kingdom for the Princess" = My Kingdom for the Princess
"BFG-My Kingdom for the Princess II" = My Kingdom for the Princess II
"BFG-My Kingdom for the Princess III" = My Kingdom for the Princess III
"BFG-Roads of Rome" = Roads of Rome
"BFG-Roads of Rome II" = Roads of Rome II
"Bigpoint_Games_DE Toolbar" = Bigpoint Games DE Toolbar
"D-Fend Reloaded" = D-Fend Reloaded 1.1.0 (deinstallieren)
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"Dolphin Dice9.03" = Dolphin Dice 9.03
"FKC22153088_is1" = fotokasten comfort
"FlashGet 2.0" = FlashGet 2.0
"fotokasten comfort_is1" = fotokasten comfort 4.4
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Free_i-Dressup Toolbar" = Free i-Dressup Toolbar
"Google Chrome" = Google Chrome
"Governor of Poker_is1" = Governor of Poker
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = AI TouchMedia
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"IrfanView" = IrfanView (remove only)
"Island Realms_is1" = Island Realms
"Jewel Match 2_is1" = Jewel Match 2
"Jojos Fashion Show 2_is1" = Jojos Fashion Show 2
"Jojos Fashion Show World Tour_is1" = Jojos Fashion Show World Tour
"Jojos Fashion Show_is1" = Jojos Fashion Show
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"PROHYBRIDR" = 2007 Microsoft Office system
"Quilting Time_is1" = Quilting Time
"RADVideo" = RAD Video Tools
"Ranch Rush_is1" = Ranch Rush
"Royal Envoy 2" = Royal Envoy 2
"Royal Envoy_is1" = Royal Envoy
"Sims 2 Wardrobe Wrangler v1.1" = Sims 2 Wardrobe Wrangler v1.1
"Sims2Pack Clean Installer " = Sims2Pack Clean Installer
"SKIPBO Castaway Caper_is1" = SKIPBO Castaway Caper
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.12.2.4
"Spiel Des Lebens" = Spiel Des Lebens
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam
"VLC media player" = VLC media player 1.0.5
"Wedding Salon" = Wedding Salon
"WinPolis" = WinPolis
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 3.0.6.0
"Yahoo! Widget Engine" = Yahoo! Widgets
"YTdetect" = Yahoo! Detect
"yWriter5_is1" = yWriter5
"Zero Assumption Digital Image Recovery_is1" = Zero Assumption Digital Image Recovery 1.2
"ZMBV" = Zip Motion Block Video codec (Remove Only)
"ZoneAlarm" = ZoneAlarm
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Move Media Player" = Move Media Player
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.07.2011 07:51:47 | Computer Name = *** | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 23.07.2011 17:49:07 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 24.07.2011 07:46:22 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 25.07.2011 12:08:02 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 26.07.2011 13:24:48 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 27.07.2011 08:07:50 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 27.07.2011 08:31:51 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Power2Go.exe, Version 6.0.0.1924, Zeitstempel
0x4888181a, fehlerhaftes Modul btmmhook.dll, Version 5.2.0.500, Zeitstempel 0x47fe5d08,
Ausnahmecode 0x40000015, Fehleroffset 0x0000e7ef, Prozess-ID 0x1330, Anwendungsstartzeit
01cc4c58f3cd6c82.
Error - 27.07.2011 08:34:52 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 27.07.2011 08:39:43 | Computer Name = *** | Source = MsiInstaller | ID = 11905
Description =
Error - 27.07.2011 08:40:42 | Computer Name = *** | Source = MsiInstaller | ID = 11311
Description =
[ ASUS Security Protect Manager Events ]
Error - 30.05.2013 18:04:58 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 02.06.2013 08:31:31 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 02.06.2013 08:31:33 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 05.06.2013 14:38:36 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 07.06.2013 05:12:36 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 25.06.2013 07:13:03 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 25.06.2013 07:13:11 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 29.06.2013 05:08:26 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 03.07.2013 16:27:25 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 03.07.2013 16:27:29 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
[ System Events ]
Error - 29.06.2013 05:31:13 | Computer Name = *** | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 01.07.2013 14:39:15 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description =
Error - 01.07.2013 14:39:15 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description =
Error - 01.07.2013 14:39:59 | Computer Name = *** | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 03.07.2013 16:27:00 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description =
Error - 03.07.2013 16:27:00 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description =
Error - 03.07.2013 16:29:05 | Computer Name = *** | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 05.07.2013 07:34:35 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description =
Error - 05.07.2013 07:34:35 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description =
Error - 05.07.2013 07:40:21 | Computer Name = *** | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
|
|
05.07.2013, 17:16
| #4 |
| /// Malware-holic | 'PHP/WebShell.A.80' Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
05.07.2013, 21:35
| #5 |
| | 'PHP/WebShell.A.80' sorry, das es so lange gedauert hat, bin grad erst wieder heimgekommen. Hier der TDSSKiller-Log, es wurde kein Fund gemeldet: Code:
ATTFilter 22:30:32.0682 0172 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:30:33.0103 0172 ============================================================
22:30:33.0103 0172 Current date / time: 2013/07/05 22:30:33.0103
22:30:33.0103 0172 SystemInfo:
22:30:33.0103 0172
22:30:33.0103 0172 OS Version: 6.0.6002 ServicePack: 2.0
22:30:33.0103 0172 Product type: Workstation
22:30:33.0103 0172 ComputerName: ***
22:30:33.0103 0172 UserName: ***
22:30:33.0103 0172 Windows directory: C:\Windows
22:30:33.0103 0172 System windows directory: C:\Windows
22:30:33.0103 0172 Processor architecture: Intel x86
22:30:33.0103 0172 Number of processors: 2
22:30:33.0103 0172 Page size: 0x1000
22:30:33.0103 0172 Boot type: Normal boot
22:30:33.0103 0172 ============================================================
22:30:36.0395 0172 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:30:36.0722 0172 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x97695, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050
22:30:36.0722 0172 ============================================================
22:30:36.0722 0172 \Device\Harddisk0\DR0:
22:30:36.0769 0172 MBR partitions:
22:30:36.0769 0172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388B3B, BlocksNum 0x12A14C00
22:30:37.0315 0172 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13D9D77A, BlocksNum 0x1168FF47
22:30:37.0315 0172 \Device\Harddisk1\DR1:
22:30:37.0362 0172 MBR partitions:
22:30:37.0362 0172 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A17000
22:30:37.0362 0172 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x12A17800, BlocksNum 0x12A17000
22:30:37.0362 0172 ============================================================
22:30:37.0627 0172 C: <-> \Device\Harddisk0\DR0\Partition1
22:30:38.0485 0172 D: <-> \Device\Harddisk0\DR0\Partition2
22:30:38.0766 0172 F: <-> \Device\Harddisk1\DR1\Partition1
22:30:38.0813 0172 G: <-> \Device\Harddisk1\DR1\Partition2
22:30:38.0813 0172 ============================================================
22:30:38.0813 0172 Initialize success
22:30:38.0813 0172 ============================================================
22:31:23.0070 0928 ============================================================
22:31:23.0070 0928 Scan started
22:31:23.0070 0928 Mode: Manual;
22:31:23.0070 0928 ============================================================
22:31:25.0223 0928 ================ Scan system memory ========================
22:31:25.0223 0928 System memory - ok
22:31:25.0223 0928 ================ Scan services =============================
22:31:25.0301 0928 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:31:25.0301 0928 !SASCORE - ok
22:31:25.0644 0928 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:31:25.0644 0928 ACPI - ok
22:31:25.0862 0928 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:31:25.0862 0928 AdobeARMservice - ok
22:31:25.0909 0928 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:31:25.0925 0928 adp94xx - ok
22:31:25.0956 0928 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:31:25.0972 0928 adpahci - ok
22:31:26.0003 0928 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:31:26.0003 0928 adpu160m - ok
22:31:26.0034 0928 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:31:26.0034 0928 adpu320 - ok
22:31:26.0050 0928 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:31:26.0050 0928 AeLookupSvc - ok
22:31:26.0112 0928 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:31:26.0128 0928 AFD - ok
22:31:26.0143 0928 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
22:31:26.0143 0928 AgereModemAudio - ok
22:31:26.0190 0928 [ 1CFEBA39FC613E45B49D3EDDFBCDA289 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
22:31:26.0221 0928 AgereSoftModem - ok
22:31:26.0252 0928 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:31:26.0268 0928 agp440 - ok
22:31:26.0284 0928 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:31:26.0284 0928 aic78xx - ok
22:31:26.0299 0928 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:31:26.0315 0928 ALG - ok
22:31:26.0330 0928 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
22:31:26.0330 0928 aliide - ok
22:31:26.0346 0928 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:31:26.0346 0928 amdagp - ok
22:31:26.0362 0928 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
22:31:26.0362 0928 amdide - ok
22:31:26.0377 0928 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:31:26.0377 0928 AmdK7 - ok
22:31:26.0393 0928 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:31:26.0393 0928 AmdK8 - ok
22:31:26.0455 0928 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:31:26.0455 0928 AntiVirSchedulerService - ok
22:31:26.0486 0928 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:31:26.0486 0928 AntiVirService - ok
22:31:26.0518 0928 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:31:26.0518 0928 Appinfo - ok
22:31:26.0533 0928 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
22:31:26.0549 0928 arc - ok
22:31:26.0564 0928 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:31:26.0564 0928 arcsas - ok
22:31:26.0627 0928 [ 2EEDA27C19259C2340324EF7180D086B ] ASBroker C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
22:31:26.0627 0928 ASBroker - ok
22:31:26.0658 0928 [ BB3C0521ECCA4BB17AC55EB640DF0FA5 ] ASChannel C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll
22:31:26.0674 0928 ASChannel - ok
22:31:26.0720 0928 [ 5A055A4777CBBC8845DD598CB2EEBF69 ] ASLDRService C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
22:31:26.0720 0928 ASLDRService - ok
22:31:26.0736 0928 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program Files\ATKGFNEX\ASMMAP.sys
22:31:26.0736 0928 ASMMAP - ok
22:31:26.0845 0928 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:31:26.0845 0928 AsyncMac - ok
22:31:26.0892 0928 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
22:31:26.0892 0928 atapi - ok
22:31:26.0908 0928 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
22:31:26.0908 0928 ATKGFNEXSrv - ok
22:31:26.0954 0928 [ F70D2392158CB68E775F8C4CD3D12FBB ] ATSWPDRV C:\Windows\system32\DRIVERS\ATSwpDrv.sys
22:31:26.0954 0928 ATSWPDRV - ok
22:31:27.0017 0928 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:31:27.0032 0928 AudioEndpointBuilder - ok
22:31:27.0032 0928 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:31:27.0032 0928 Audiosrv - ok
22:31:27.0079 0928 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:31:27.0079 0928 avgntflt - ok
22:31:27.0110 0928 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:31:27.0110 0928 avipbb - ok
22:31:27.0188 0928 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:31:27.0188 0928 avkmgr - ok
22:31:27.0220 0928 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:31:27.0235 0928 Beep - ok
22:31:27.0266 0928 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:31:27.0266 0928 BFE - ok
22:31:27.0344 0928 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
22:31:27.0360 0928 BITS - ok
22:31:27.0391 0928 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:31:27.0391 0928 blbdrive - ok
22:31:27.0422 0928 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:31:27.0422 0928 bowser - ok
22:31:27.0469 0928 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:31:27.0469 0928 BrFiltLo - ok
22:31:27.0485 0928 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:31:27.0485 0928 BrFiltUp - ok
22:31:27.0516 0928 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:31:27.0516 0928 Browser - ok
22:31:27.0547 0928 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:31:27.0547 0928 Brserid - ok
22:31:27.0563 0928 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:31:27.0563 0928 BrSerWdm - ok
22:31:27.0578 0928 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:31:27.0578 0928 BrUsbMdm - ok
22:31:27.0610 0928 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:31:27.0610 0928 BrUsbSer - ok
22:31:27.0641 0928 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
22:31:27.0641 0928 BthEnum - ok
22:31:27.0672 0928 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:31:27.0672 0928 BTHMODEM - ok
22:31:27.0688 0928 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:31:27.0688 0928 BthPan - ok
22:31:27.0797 0928 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
22:31:27.0953 0928 BTHPORT - ok
22:31:28.0046 0928 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
22:31:28.0046 0928 BthServ - ok
22:31:28.0078 0928 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
22:31:28.0078 0928 BTHUSB - ok
22:31:28.0109 0928 [ F2F7342742180D5060285499DEE50F99 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:31:28.0109 0928 btwaudio - ok
22:31:28.0171 0928 [ 32F59F26A30CFC508DA11DB3EA0F8B77 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
22:31:28.0171 0928 btwavdt - ok
22:31:28.0296 0928 [ 09CB316DB9D61ED9FC9A7B07A1A301F6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:31:28.0296 0928 btwdins - ok
22:31:28.0312 0928 [ ECB98391C756A7B9CFBAE89D9D1235E1 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:31:28.0312 0928 btwl2cap - ok
22:31:28.0343 0928 [ 03658734EF7D0F3B3F4636D3E8A38964 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:31:28.0343 0928 btwrchid - ok
22:31:28.0374 0928 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:31:28.0390 0928 cdfs - ok
22:31:28.0436 0928 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:31:28.0436 0928 cdrom - ok
22:31:28.0468 0928 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:31:28.0468 0928 CertPropSvc - ok
22:31:28.0483 0928 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:31:28.0483 0928 circlass - ok
22:31:28.0499 0928 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:31:28.0514 0928 CLFS - ok
22:31:28.0592 0928 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:31:28.0592 0928 clr_optimization_v2.0.50727_32 - ok
22:31:28.0655 0928 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:31:28.0686 0928 clr_optimization_v4.0.30319_32 - ok
22:31:28.0717 0928 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:31:28.0717 0928 CmBatt - ok
22:31:28.0733 0928 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:31:28.0733 0928 cmdide - ok
22:31:28.0748 0928 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:31:28.0764 0928 Compbatt - ok
22:31:28.0764 0928 COMSysApp - ok
22:31:28.0764 0928 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:31:28.0764 0928 crcdisk - ok
22:31:28.0811 0928 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:31:28.0826 0928 Crusoe - ok
22:31:28.0858 0928 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:31:28.0873 0928 CryptSvc - ok
22:31:28.0936 0928 [ 699CE24FE6B5120AF709A0B91582A02D ] DCamUSBET C:\Windows\system32\DRIVERS\etDevice.sys
22:31:28.0936 0928 DCamUSBET - ok
22:31:28.0998 0928 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:31:29.0029 0928 DcomLaunch - ok
22:31:29.0076 0928 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:31:29.0076 0928 DfsC - ok
22:31:29.0138 0928 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:31:29.0185 0928 DFSR - ok
22:31:29.0232 0928 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:31:29.0232 0928 Dhcp - ok
22:31:29.0263 0928 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:31:29.0263 0928 disk - ok
22:31:29.0294 0928 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:31:29.0294 0928 Dnscache - ok
22:31:29.0326 0928 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:31:29.0326 0928 dot3svc - ok
22:31:29.0357 0928 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:31:29.0357 0928 DPS - ok
22:31:29.0388 0928 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:31:29.0404 0928 drmkaud - ok
22:31:29.0435 0928 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:31:29.0435 0928 DXGKrnl - ok
22:31:29.0466 0928 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:31:29.0466 0928 E1G60 - ok
22:31:29.0482 0928 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:31:29.0482 0928 EapHost - ok
22:31:29.0513 0928 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:31:29.0513 0928 Ecache - ok
22:31:29.0575 0928 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:31:29.0575 0928 ehRecvr - ok
22:31:29.0591 0928 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
22:31:29.0591 0928 ehSched - ok
22:31:29.0606 0928 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
22:31:29.0606 0928 ehstart - ok
22:31:29.0700 0928 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:31:29.0825 0928 elxstor - ok
22:31:29.0918 0928 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:31:29.0950 0928 EMDMgmt - ok
22:31:29.0965 0928 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:31:29.0965 0928 ErrDev - ok
22:31:30.0012 0928 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:31:30.0043 0928 EventSystem - ok
22:31:30.0137 0928 [ E1556AF3FB0284C32896B9AC8494D9C2 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
22:31:30.0152 0928 ewusbnet - ok
22:31:30.0184 0928 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
22:31:30.0184 0928 ew_hwusbdev - ok
22:31:30.0277 0928 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:31:30.0277 0928 exfat - ok
22:31:30.0324 0928 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:31:30.0324 0928 fastfat - ok
22:31:30.0386 0928 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:31:30.0386 0928 fdc - ok
22:31:30.0433 0928 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:31:30.0433 0928 fdPHost - ok
22:31:30.0464 0928 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:31:30.0480 0928 FDResPub - ok
22:31:30.0542 0928 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:31:30.0542 0928 FileInfo - ok
22:31:30.0574 0928 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:31:30.0589 0928 Filetrace - ok
22:31:30.0605 0928 [ FD7CB14845A7F91BE11F80635B2CD8A6 ] FiltUSBET C:\Windows\system32\DRIVERS\etFilter.sys
22:31:30.0605 0928 FiltUSBET - ok
22:31:30.0620 0928 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:31:30.0636 0928 flpydisk - ok
22:31:30.0667 0928 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:31:30.0667 0928 FltMgr - ok
22:31:30.0776 0928 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:31:30.0839 0928 FontCache - ok
22:31:30.0901 0928 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:31:30.0901 0928 FontCache3.0.0.0 - ok
22:31:30.0932 0928 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:31:30.0948 0928 Fs_Rec - ok
22:31:30.0979 0928 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:31:30.0979 0928 gagp30kx - ok
22:31:31.0073 0928 [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
22:31:31.0073 0928 ghaio - ok
22:31:31.0166 0928 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:31:31.0276 0928 gpsvc - ok
22:31:31.0369 0928 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:31:31.0369 0928 gupdate - ok
22:31:31.0369 0928 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:31:31.0369 0928 gupdatem - ok
22:31:31.0400 0928 [ 649F407A844DDE2B97BC086AF97D663B ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:31:31.0416 0928 gusvc - ok
22:31:31.0463 0928 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:31:31.0463 0928 HdAudAddService - ok
22:31:31.0510 0928 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:31:31.0510 0928 HDAudBus - ok
22:31:31.0525 0928 [ FCB3F4BE408F72C1BD81BCABA87FC22F ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:31:31.0525 0928 HidBth - ok
22:31:31.0556 0928 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:31:31.0556 0928 HidIr - ok
22:31:31.0588 0928 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
22:31:31.0588 0928 hidserv - ok
22:31:31.0619 0928 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:31:31.0619 0928 HidUsb - ok
22:31:31.0666 0928 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:31:31.0666 0928 hkmsvc - ok
22:31:31.0712 0928 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:31:31.0712 0928 HpCISSs - ok
22:31:31.0790 0928 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:31:31.0900 0928 HTTP - ok
22:31:31.0978 0928 [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
22:31:31.0978 0928 huawei_enumerator - ok
22:31:32.0102 0928 [ A89423D0132C8AB69BA621B6CE191714 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:31:32.0102 0928 hwdatacard - ok
22:31:32.0196 0928 HWDeviceService.exe - ok
22:31:32.0243 0928 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:31:32.0243 0928 i2omp - ok
22:31:32.0321 0928 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:31:32.0321 0928 i8042prt - ok
22:31:32.0352 0928 [ 80C633722DA72E97F3F5B3B11325696D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:31:32.0352 0928 iaStor - ok
22:31:32.0368 0928 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:31:32.0368 0928 iaStorV - ok
22:31:32.0477 0928 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:31:32.0539 0928 idsvc - ok
22:31:32.0570 0928 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:31:32.0570 0928 iirsp - ok
22:31:32.0617 0928 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:31:32.0617 0928 IKEEXT - ok
22:31:32.0695 0928 [ 58072F5FD95ECE78F9FA7BDA1210A9E7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:31:32.0711 0928 IntcAzAudAddService - ok
22:31:32.0758 0928 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:31:32.0758 0928 intelide - ok
22:31:32.0773 0928 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:31:32.0773 0928 intelppm - ok
22:31:32.0820 0928 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:31:32.0836 0928 IPBusEnum - ok
22:31:32.0882 0928 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:31:32.0898 0928 IpFilterDriver - ok
22:31:32.0960 0928 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:31:32.0960 0928 iphlpsvc - ok
22:31:32.0960 0928 IpInIp - ok
22:31:32.0992 0928 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:31:32.0992 0928 IPMIDRV - ok
22:31:33.0007 0928 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:31:33.0023 0928 IPNAT - ok
22:31:33.0054 0928 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:31:33.0163 0928 IRENUM - ok
22:31:33.0335 0928 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:31:33.0350 0928 isapnp - ok
22:31:33.0444 0928 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:31:33.0444 0928 iScsiPrt - ok
22:31:33.0475 0928 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:31:33.0491 0928 iteatapi - ok
22:31:33.0553 0928 [ 8BCD857C7932AD005D5F9C89329DA2E1 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
22:31:33.0553 0928 itecir - ok
22:31:33.0584 0928 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:31:33.0584 0928 iteraid - ok
22:31:33.0600 0928 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:31:33.0600 0928 kbdclass - ok
22:31:33.0631 0928 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:31:33.0631 0928 kbdhid - ok
22:31:33.0662 0928 [ 27BD4AC228EF6C0D490617C32E86A672 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
22:31:33.0662 0928 kbfiltr - ok
22:31:33.0678 0928 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:31:33.0678 0928 KeyIso - ok
22:31:33.0756 0928 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:31:33.0787 0928 KSecDD - ok
22:31:33.0928 0928 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:31:33.0974 0928 KtmRm - ok
22:31:34.0021 0928 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
22:31:34.0021 0928 LanmanServer - ok
22:31:34.0052 0928 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:31:34.0052 0928 LanmanWorkstation - ok
22:31:34.0162 0928 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:31:34.0162 0928 LightScribeService - ok
22:31:34.0177 0928 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:31:34.0193 0928 lltdio - ok
22:31:34.0333 0928 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:31:34.0349 0928 lltdsvc - ok
22:31:34.0364 0928 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:31:34.0380 0928 lmhosts - ok
22:31:34.0411 0928 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:31:34.0411 0928 LSI_FC - ok
22:31:34.0458 0928 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:31:34.0458 0928 LSI_SAS - ok
22:31:34.0520 0928 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:31:34.0520 0928 LSI_SCSI - ok
22:31:34.0536 0928 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:31:34.0536 0928 luafv - ok
22:31:34.0583 0928 [ 8039F480C192DD99FED4EBC71FFBF795 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
22:31:34.0583 0928 lullaby - ok
22:31:34.0614 0928 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:31:34.0614 0928 Mcx2Svc - ok
22:31:34.0661 0928 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:31:34.0661 0928 megasas - ok
22:31:34.0692 0928 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:31:34.0708 0928 MegaSR - ok
22:31:34.0723 0928 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:31:34.0723 0928 MMCSS - ok
22:31:34.0879 0928 [ 38106C7BD34EAE89D2769AC0BA2E846B ] Mobile Partner. RunOuc C:\Program Files\Huawai Intenet Stick O2 Sparhandy\UpdateDog\ouc.exe
22:31:34.0879 0928 Mobile Partner. RunOuc - ok
22:31:34.0895 0928 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:31:34.0895 0928 Modem - ok
22:31:34.0942 0928 [ CBB59C41F19EFEA1A000793E08070A62 ] MODEMCSA C:\Windows\system32\drivers\MODEMCSA.sys
22:31:34.0942 0928 MODEMCSA - ok
22:31:34.0957 0928 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:31:34.0957 0928 monitor - ok
22:31:34.0973 0928 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:31:34.0973 0928 mouclass - ok
22:31:34.0973 0928 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:31:34.0973 0928 mouhid - ok
22:31:34.0988 0928 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:31:34.0988 0928 MountMgr - ok
22:31:35.0066 0928 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:31:35.0082 0928 MozillaMaintenance - ok
22:31:35.0144 0928 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:31:35.0222 0928 mpio - ok
22:31:35.0254 0928 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:31:35.0254 0928 mpsdrv - ok
22:31:35.0300 0928 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:31:35.0300 0928 MpsSvc - ok
22:31:35.0332 0928 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:31:35.0332 0928 Mraid35x - ok
22:31:35.0363 0928 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:31:35.0363 0928 MRxDAV - ok
22:31:35.0394 0928 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:31:35.0394 0928 mrxsmb - ok
22:31:35.0441 0928 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:31:35.0441 0928 mrxsmb10 - ok
22:31:35.0472 0928 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:31:35.0472 0928 mrxsmb20 - ok
22:31:35.0503 0928 [ DE77526BDE93142BDC90CFA9F5CEAD36 ] msahci C:\Windows\system32\drivers\msahci.sys
22:31:35.0503 0928 msahci - ok
22:31:35.0519 0928 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:31:35.0612 0928 msdsm - ok
22:31:35.0644 0928 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:31:35.0644 0928 MSDTC - ok
22:31:35.0659 0928 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:31:35.0659 0928 Msfs - ok
22:31:35.0675 0928 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:31:35.0675 0928 msisadrv - ok
22:31:35.0706 0928 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:31:35.0722 0928 MSiSCSI - ok
22:31:35.0722 0928 msiserver - ok
22:31:35.0737 0928 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:31:35.0753 0928 MSKSSRV - ok
22:31:35.0768 0928 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:31:35.0768 0928 MSPCLOCK - ok
22:31:35.0784 0928 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:31:35.0784 0928 MSPQM - ok
22:31:35.0815 0928 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:31:35.0815 0928 MsRPC - ok
22:31:35.0831 0928 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:31:35.0831 0928 mssmbios - ok
22:31:35.0846 0928 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:31:35.0846 0928 MSTEE - ok
22:31:35.0893 0928 [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
22:31:35.0893 0928 MTsensor - ok
22:31:35.0909 0928 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:31:35.0909 0928 Mup - ok
22:31:36.0034 0928 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:31:36.0034 0928 napagent - ok
22:31:36.0080 0928 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:31:36.0080 0928 NativeWifiP - ok
22:31:36.0158 0928 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:31:36.0190 0928 NDIS - ok
22:31:36.0236 0928 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:31:36.0236 0928 NdisTapi - ok
22:31:36.0236 0928 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:31:36.0236 0928 Ndisuio - ok
22:31:36.0268 0928 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:31:36.0268 0928 NdisWan - ok
22:31:36.0283 0928 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:31:36.0283 0928 NDProxy - ok
22:31:36.0283 0928 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:31:36.0299 0928 NetBIOS - ok
22:31:36.0314 0928 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:31:36.0314 0928 netbt - ok
22:31:36.0330 0928 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:31:36.0330 0928 Netlogon - ok
22:31:36.0361 0928 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:31:36.0361 0928 Netman - ok
22:31:36.0392 0928 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:31:36.0392 0928 netprofm - ok
22:31:36.0439 0928 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:31:36.0439 0928 NetTcpPortSharing - ok
22:31:37.0079 0928 [ F0C42E0CDCE558D658FA53A222B4CCB1 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
22:31:37.0375 0928 NETw5v32 - ok
22:31:37.0406 0928 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:31:37.0406 0928 nfrd960 - ok
22:31:37.0469 0928 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:31:37.0469 0928 NlaSvc - ok
22:31:37.0609 0928 [ 25D6B2EB0A1FC4AB413AFE7EC4793EC1 ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
22:31:37.0609 0928 nosGetPlusHelper - ok
22:31:37.0656 0928 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:31:37.0656 0928 Npfs - ok
22:31:37.0687 0928 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:31:37.0687 0928 nsi - ok
22:31:37.0703 0928 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:31:37.0703 0928 nsiproxy - ok
22:31:37.0781 0928 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:31:37.0812 0928 Ntfs - ok
22:31:37.0812 0928 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:31:37.0828 0928 ntrigdigi - ok
22:31:37.0828 0928 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:31:37.0828 0928 Null - ok
22:31:37.0859 0928 [ 11BE4B269549173CFF542591E4BE2C08 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
22:31:37.0859 0928 NVHDA - ok
22:31:38.0077 0928 [ 7DB332F85AB7894C69DFB934EEE23EB9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:31:38.0296 0928 nvlddmkm - ok
22:31:38.0327 0928 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:31:38.0342 0928 nvraid - ok
22:31:38.0374 0928 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:31:38.0420 0928 nvstor - ok
22:31:38.0467 0928 [ 16DAEB9301135432916D1DAE3FED0B88 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:31:38.0483 0928 nvsvc - ok
22:31:38.0498 0928 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:31:38.0514 0928 nv_agp - ok
22:31:38.0514 0928 NwlnkFlt - ok
22:31:38.0514 0928 NwlnkFwd - ok
22:31:38.0592 0928 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:31:38.0608 0928 odserv - ok
22:31:38.0639 0928 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:31:38.0639 0928 ohci1394 - ok
22:31:38.0998 0928 [ DA345DE3B450E9E1691E7B9956D8FFC3 ] OMSI download service G:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
22:31:38.0998 0928 OMSI download service - ok
22:31:39.0076 0928 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:31:39.0091 0928 ose - ok
22:31:39.0185 0928 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:31:39.0341 0928 p2pimsvc - ok
22:31:39.0356 0928 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:31:39.0356 0928 p2psvc - ok
22:31:39.0403 0928 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:31:39.0419 0928 Parport - ok
22:31:39.0450 0928 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:31:39.0450 0928 partmgr - ok
22:31:39.0466 0928 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:31:39.0466 0928 Parvdm - ok
22:31:39.0481 0928 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:31:39.0481 0928 PcaSvc - ok
22:31:39.0544 0928 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:31:39.0544 0928 pci - ok
22:31:39.0559 0928 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
22:31:39.0559 0928 pciide - ok
22:31:39.0622 0928 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:31:39.0653 0928 pcmcia - ok
22:31:39.0856 0928 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:31:40.0012 0928 PEAUTH - ok
22:31:40.0230 0928 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:31:40.0277 0928 pla - ok
22:31:40.0308 0928 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:31:40.0324 0928 PlugPlay - ok
22:31:40.0370 0928 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:31:40.0370 0928 PNRPAutoReg - ok
22:31:40.0417 0928 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:31:40.0417 0928 PNRPsvc - ok
22:31:40.0480 0928 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:31:40.0511 0928 PolicyAgent - ok
22:31:40.0573 0928 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:31:40.0573 0928 PptpMiniport - ok
22:31:40.0589 0928 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:31:40.0589 0928 Processor - ok
22:31:40.0620 0928 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:31:40.0636 0928 ProfSvc - ok
22:31:40.0651 0928 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:31:40.0651 0928 ProtectedStorage - ok
22:31:40.0714 0928 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:31:40.0714 0928 PSched - ok
22:31:40.0729 0928 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:31:40.0729 0928 PxHelp20 - ok
22:31:40.0838 0928 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:31:40.0901 0928 ql2300 - ok
22:31:40.0916 0928 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:31:40.0979 0928 ql40xx - ok
22:31:41.0026 0928 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:31:41.0041 0928 QWAVE - ok
22:31:41.0041 0928 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:31:41.0041 0928 QWAVEdrv - ok
22:31:41.0088 0928 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
22:31:41.0088 0928 RapiMgr - ok
22:31:41.0104 0928 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:31:41.0119 0928 RasAcd - ok
22:31:41.0135 0928 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:31:41.0291 0928 RasAuto - ok
22:31:41.0338 0928 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:31:41.0338 0928 Rasl2tp - ok
22:31:41.0369 0928 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:31:41.0369 0928 RasMan - ok
22:31:41.0400 0928 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:31:41.0400 0928 RasPppoe - ok
22:31:41.0416 0928 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:31:41.0416 0928 RasSstp - ok
22:31:41.0431 0928 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:31:41.0447 0928 rdbss - ok
22:31:41.0462 0928 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:31:41.0462 0928 RDPCDD - ok
22:31:41.0494 0928 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:31:41.0494 0928 rdpdr - ok
22:31:41.0494 0928 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:31:41.0509 0928 RDPENCDD - ok
22:31:41.0540 0928 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:31:41.0540 0928 RDPWD - ok
22:31:41.0587 0928 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:31:41.0587 0928 RemoteAccess - ok
22:31:41.0603 0928 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:31:41.0603 0928 RemoteRegistry - ok
22:31:41.0634 0928 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:31:41.0634 0928 RFCOMM - ok
22:31:41.0665 0928 [ A5B12A4B3B774432DB9B9FA221190E59 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
22:31:41.0681 0928 rimmptsk - ok
22:31:41.0696 0928 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
22:31:41.0696 0928 rimsptsk - ok
22:31:41.0696 0928 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
22:31:41.0712 0928 rismxdp - ok
22:31:41.0728 0928 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:31:41.0728 0928 RpcLocator - ok
22:31:41.0759 0928 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
22:31:41.0759 0928 RpcSs - ok
22:31:41.0774 0928 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:31:41.0774 0928 rspndr - ok
22:31:41.0821 0928 [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:31:41.0821 0928 RTL8169 - ok
22:31:41.0868 0928 [ 1C5C2CB892553D2CF3F45A4BB323FCD6 ] s1018bus C:\Windows\system32\DRIVERS\s1018bus.sys
22:31:41.0868 0928 s1018bus - ok
22:31:41.0915 0928 [ 38F5EA219593F19B6B3A1B9C169E3B61 ] s1018mdfl C:\Windows\system32\DRIVERS\s1018mdfl.sys
22:31:41.0930 0928 s1018mdfl - ok
22:31:41.0993 0928 [ 666AF6B64FC7DF92D3CA4819EA91631D ] s1018mdm C:\Windows\system32\DRIVERS\s1018mdm.sys
22:31:41.0993 0928 s1018mdm - ok
22:31:42.0086 0928 [ F4CEDA6E2DDFF2AF8BD745615A7CA9C0 ] s1018mgmt C:\Windows\system32\DRIVERS\s1018mgmt.sys
22:31:42.0086 0928 s1018mgmt - ok
22:31:42.0164 0928 [ 3622D9FF2253DCBE885B10736609A4CA ] s1018nd5 C:\Windows\system32\DRIVERS\s1018nd5.sys
22:31:42.0164 0928 s1018nd5 - ok
22:31:42.0367 0928 [ 49431EFDA842B474531C29FFAE9F5D09 ] s1018obex C:\Windows\system32\DRIVERS\s1018obex.sys
22:31:42.0367 0928 s1018obex - ok
22:31:42.0430 0928 [ AC6B514CB4474F4C867D7CDC9CD54F05 ] s1018unic C:\Windows\system32\DRIVERS\s1018unic.sys
22:31:42.0430 0928 s1018unic - ok
22:31:42.0523 0928 [ 69013A123A00B3042C260B0056DF0152 ] s1029bus C:\Windows\system32\DRIVERS\s1029bus.sys
22:31:42.0523 0928 s1029bus - ok
22:31:42.0570 0928 [ 1565FC31F872963FE8AF471123D8424C ] s1029mdfl C:\Windows\system32\DRIVERS\s1029mdfl.sys
22:31:42.0570 0928 s1029mdfl - ok
22:31:42.0617 0928 [ D67A8042ECF6C983AC0E308B36603677 ] s1029mdm C:\Windows\system32\DRIVERS\s1029mdm.sys
22:31:42.0632 0928 s1029mdm - ok
22:31:42.0648 0928 [ 6FC093ABA554E45755DC2F3896B6C8D7 ] s1029obex C:\Windows\system32\DRIVERS\s1029obex.sys
22:31:42.0648 0928 s1029obex - ok
22:31:42.0679 0928 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:31:42.0695 0928 SamSs - ok
22:31:42.0742 0928 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:31:42.0742 0928 SASDIFSV - ok
22:31:42.0773 0928 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:31:42.0773 0928 SASKUTIL - ok
22:31:42.0804 0928 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:31:42.0804 0928 sbp2port - ok
22:31:42.0851 0928 [ 2393ED056AE02F5DBB3A7D6E40A5FDC2 ] ScanUSBET C:\Windows\system32\DRIVERS\etScan.sys
22:31:42.0851 0928 ScanUSBET - ok
22:31:42.0882 0928 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:31:42.0882 0928 SCardSvr - ok
22:31:42.0929 0928 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:31:42.0944 0928 Schedule - ok
22:31:42.0944 0928 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:31:42.0944 0928 SCPolicySvc - ok
22:31:42.0991 0928 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:31:43.0007 0928 sdbus - ok
22:31:43.0069 0928 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:31:43.0085 0928 SDRSVC - ok
22:31:43.0116 0928 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:31:43.0116 0928 secdrv - ok
22:31:43.0132 0928 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:31:43.0147 0928 seclogon - ok
22:31:43.0241 0928 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\Windows\system32\DRIVERS\seehcri.sys
22:31:43.0241 0928 seehcri - ok
22:31:43.0256 0928 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
22:31:43.0319 0928 SENS - ok
22:31:43.0350 0928 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:31:43.0350 0928 Serenum - ok
22:31:43.0381 0928 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:31:43.0397 0928 Serial - ok
22:31:43.0412 0928 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:31:43.0412 0928 sermouse - ok
22:31:43.0444 0928 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:31:43.0444 0928 SessionEnv - ok
22:31:43.0459 0928 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
22:31:43.0475 0928 sffdisk - ok
22:31:43.0475 0928 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:31:43.0475 0928 sffp_mmc - ok
22:31:43.0506 0928 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
22:31:43.0506 0928 sffp_sd - ok
22:31:43.0522 0928 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:31:43.0537 0928 sfloppy - ok
22:31:43.0553 0928 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:31:43.0568 0928 SharedAccess - ok
22:31:43.0600 0928 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:31:43.0600 0928 ShellHWDetection - ok
22:31:43.0631 0928 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:31:43.0631 0928 sisagp - ok
22:31:43.0693 0928 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:31:43.0693 0928 SiSRaid2 - ok
22:31:43.0709 0928 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:31:43.0709 0928 SiSRaid4 - ok
22:31:43.0865 0928 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:31:43.0943 0928 slsvc - ok
22:31:44.0052 0928 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:31:44.0052 0928 SLUINotify - ok
22:31:44.0099 0928 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:31:44.0099 0928 Smb - ok
22:31:44.0161 0928 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys
22:31:44.0286 0928 smserial - ok
22:31:44.0333 0928 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:31:44.0395 0928 SNMPTRAP - ok
22:31:44.0411 0928 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:31:44.0411 0928 spldr - ok
22:31:44.0458 0928 [ 739DB668DBD812285ECC553E64A5E212 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
22:31:44.0458 0928 spmgr - ok
22:31:44.0520 0928 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:31:44.0520 0928 Spooler - ok
22:31:44.0598 0928 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:31:44.0614 0928 srv - ok
22:31:44.0660 0928 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:31:44.0660 0928 srv2 - ok
22:31:44.0692 0928 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:31:44.0692 0928 srvnet - ok
22:31:44.0770 0928 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:31:44.0770 0928 SSDPSRV - ok
22:31:44.0801 0928 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
22:31:44.0801 0928 ssmdrv - ok
22:31:44.0848 0928 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:31:44.0863 0928 SstpSvc - ok
22:31:45.0004 0928 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:31:45.0191 0928 stisvc - ok
22:31:45.0238 0928 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:31:45.0238 0928 swenum - ok
22:31:45.0347 0928 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:31:45.0378 0928 swprv - ok
22:31:45.0394 0928 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:31:45.0409 0928 Symc8xx - ok
22:31:45.0440 0928 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:31:45.0440 0928 Sym_hi - ok
22:31:45.0456 0928 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:31:45.0456 0928 Sym_u3 - ok
22:31:45.0487 0928 [ BE78198C69135EF1FA157E08FD5C90FF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:31:45.0487 0928 SynTP - ok
22:31:45.0565 0928 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:31:45.0612 0928 SysMain - ok
22:31:45.0659 0928 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:31:45.0659 0928 TabletInputService - ok
22:31:45.0690 0928 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:31:45.0690 0928 TapiSrv - ok
22:31:45.0706 0928 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:31:45.0706 0928 TBS - ok
22:31:45.0784 0928 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:31:45.0815 0928 Tcpip - ok
22:31:45.0846 0928 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:31:45.0846 0928 Tcpip6 - ok
22:31:45.0908 0928 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:31:45.0908 0928 tcpipreg - ok
22:31:45.0971 0928 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:31:46.0064 0928 TDPIPE - ok
22:31:46.0096 0928 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:31:46.0111 0928 TDTCP - ok
22:31:46.0189 0928 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:31:46.0205 0928 tdx - ok
22:31:46.0236 0928 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:31:46.0236 0928 TermDD - ok
22:31:46.0314 0928 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:31:46.0330 0928 TermService - ok
22:31:46.0361 0928 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:31:46.0361 0928 Themes - ok
22:31:46.0361 0928 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:31:46.0361 0928 THREADORDER - ok
22:31:46.0408 0928 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:31:46.0408 0928 TrkWks - ok
22:31:46.0470 0928 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:31:46.0470 0928 TrustedInstaller - ok
22:31:46.0517 0928 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:31:46.0657 0928 tssecsrv - ok
22:31:46.0704 0928 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:31:46.0704 0928 tunmp - ok
22:31:46.0735 0928 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:31:46.0735 0928 tunnel - ok
22:31:46.0766 0928 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:31:46.0782 0928 uagp35 - ok
22:31:46.0813 0928 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:31:46.0813 0928 udfs - ok
22:31:46.0844 0928 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:31:46.0844 0928 UI0Detect - ok
22:31:46.0860 0928 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:31:46.0860 0928 uliagpkx - ok
22:31:46.0876 0928 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:31:46.0876 0928 uliahci - ok
22:31:46.0907 0928 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:31:46.0907 0928 UlSata - ok
22:31:46.0938 0928 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:31:46.0938 0928 ulsata2 - ok
22:31:46.0954 0928 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:31:46.0954 0928 umbus - ok
22:31:46.0969 0928 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:31:46.0969 0928 upnphost - ok
22:31:47.0000 0928 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:31:47.0063 0928 usbccgp - ok
22:31:47.0094 0928 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:31:47.0094 0928 usbcir - ok
22:31:47.0125 0928 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:31:47.0125 0928 usbehci - ok
22:31:47.0141 0928 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:31:47.0141 0928 usbhub - ok
22:31:47.0156 0928 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:31:47.0172 0928 usbohci - ok
22:31:47.0188 0928 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:31:47.0188 0928 usbprint - ok
22:31:47.0203 0928 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:31:47.0203 0928 USBSTOR - ok
22:31:47.0219 0928 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:31:47.0219 0928 usbuhci - ok
22:31:47.0281 0928 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:31:47.0297 0928 usbvideo - ok
22:31:47.0406 0928 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:31:47.0406 0928 UxSms - ok
22:31:47.0484 0928 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:31:47.0562 0928 vds - ok
22:31:47.0671 0928 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:31:47.0671 0928 vga - ok
22:31:47.0702 0928 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:31:47.0702 0928 VgaSave - ok
22:31:47.0765 0928 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:31:47.0765 0928 viaagp - ok
22:31:47.0796 0928 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:31:47.0796 0928 ViaC7 - ok
22:31:47.0827 0928 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:31:47.0827 0928 viaide - ok
22:31:47.0858 0928 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:31:47.0858 0928 volmgr - ok
22:31:47.0952 0928 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:31:47.0968 0928 volmgrx - ok
22:31:47.0983 0928 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:31:47.0983 0928 volsnap - ok
22:31:48.0046 0928 [ 6BE75CFCE25E42E79C0757C60D88FECB ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
22:31:48.0046 0928 Vsdatant - ok
22:31:48.0139 0928 vsdatant7 - ok
22:31:48.0186 0928 vsmon - ok
22:31:48.0217 0928 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:31:48.0217 0928 vsmraid - ok
22:31:48.0264 0928 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:31:48.0326 0928 VSS - ok
22:31:48.0342 0928 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:31:48.0342 0928 W32Time - ok
22:31:48.0373 0928 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:31:48.0373 0928 WacomPen - ok
22:31:48.0404 0928 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:31:48.0404 0928 Wanarp - ok
22:31:48.0404 0928 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:31:48.0404 0928 Wanarpv6 - ok
22:31:48.0467 0928 [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
22:31:48.0467 0928 WcesComm - ok
22:31:48.0482 0928 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:31:48.0670 0928 wcncsvc - ok
22:31:48.0701 0928 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:31:48.0701 0928 WcsPlugInService - ok
22:31:48.0716 0928 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:31:48.0716 0928 Wd - ok
22:31:48.0748 0928 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:31:48.0748 0928 Wdf01000 - ok
22:31:48.0763 0928 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:31:48.0763 0928 WdiServiceHost - ok
22:31:48.0763 0928 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:31:48.0779 0928 WdiSystemHost - ok
22:31:48.0794 0928 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:31:48.0794 0928 WebClient - ok
22:31:48.0857 0928 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:31:48.0857 0928 Wecsvc - ok
22:31:48.0888 0928 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:31:48.0888 0928 wercplsupport - ok
22:31:48.0919 0928 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:31:48.0919 0928 WerSvc - ok
22:31:49.0060 0928 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:31:49.0075 0928 WinDefend - ok
22:31:49.0075 0928 WinHttpAutoProxySvc - ok
22:31:49.0184 0928 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:31:49.0184 0928 Winmgmt - ok
22:31:49.0309 0928 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:31:49.0403 0928 WinRM - ok
22:31:49.0465 0928 [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb C:\Windows\system32\DRIVERS\winusb.sys
22:31:49.0465 0928 winusb - ok
22:31:49.0574 0928 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:31:49.0637 0928 Wlansvc - ok
22:31:49.0668 0928 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:31:49.0668 0928 WmiAcpi - ok
22:31:49.0699 0928 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:31:49.0699 0928 wmiApSrv - ok
22:31:49.0808 0928 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:31:49.0840 0928 WMPNetworkSvc - ok
22:31:49.0871 0928 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:31:49.0902 0928 WPCSvc - ok
22:31:49.0964 0928 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:31:49.0964 0928 WPDBusEnum - ok
22:31:50.0027 0928 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:31:50.0027 0928 WpdUsb - ok
22:31:50.0557 0928 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:31:50.0666 0928 WPFFontCache_v0400 - ok
22:31:50.0713 0928 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:31:50.0713 0928 ws2ifsl - ok
22:31:50.0744 0928 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
22:31:50.0744 0928 wscsvc - ok
22:31:50.0744 0928 WSearch - ok
22:31:50.0900 0928 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:31:51.0197 0928 wuauserv - ok
22:31:51.0212 0928 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:31:51.0212 0928 WUDFRd - ok
22:31:51.0228 0928 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:31:51.0244 0928 wudfsvc - ok
22:31:51.0290 0928 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
22:31:51.0322 0928 yukonwlh - ok
22:31:51.0400 0928 [ 4D840C6AF3C020ED3A35EFBA9025CF4A ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl
22:31:51.0400 0928 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
22:31:51.0462 0928 ================ Scan global ===============================
22:31:51.0478 0928 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:31:51.0524 0928 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:31:51.0540 0928 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:31:51.0634 0928 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:31:51.0634 0928 [Global] - ok
22:31:51.0634 0928 ================ Scan MBR ==================================
22:31:51.0680 0928 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
22:31:52.0320 0928 \Device\Harddisk0\DR0 - ok
22:31:52.0648 0928 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1
22:31:52.0648 0928 \Device\Harddisk1\DR1 - ok
22:31:52.0663 0928 ================ Scan VBR ==================================
22:31:52.0679 0928 [ 852688C270F1C4BDD3CBA4F72546DA49 ] \Device\Harddisk0\DR0\Partition1
22:31:52.0694 0928 \Device\Harddisk0\DR0\Partition1 - ok
22:31:52.0726 0928 [ 856719FF8728B548306DDFD3F7AE8188 ] \Device\Harddisk0\DR0\Partition2
22:31:52.0726 0928 \Device\Harddisk0\DR0\Partition2 - ok
22:31:52.0726 0928 [ 6599E8079B52BFC8A1BED094B1D60C87 ] \Device\Harddisk1\DR1\Partition1
22:31:52.0741 0928 \Device\Harddisk1\DR1\Partition1 - ok
22:31:52.0772 0928 [ 67175C26A39AEE28EDEBB2BAFA46F08E ] \Device\Harddisk1\DR1\Partition2
22:31:52.0772 0928 \Device\Harddisk1\DR1\Partition2 - ok
22:31:52.0772 0928 ============================================================
22:31:52.0772 0928 Scan finished
22:31:52.0772 0928 ============================================================
22:31:52.0804 6128 Detected object count: 0
22:31:52.0804 6128 Actual detected object count: 0
|
|
05.07.2013, 21:47
| #6 |
| /// Malware-holic | 'PHP/WebShell.A.80' tdss killer nach Anleitung konfigurieren, erneut ausführen
__________________ --> 'PHP/WebShell.A.80' |
|
05.07.2013, 22:02
| #7 |
| | 'PHP/WebShell.A.80' oh mist, das einstellen hatte ich überlesen, tut mir leid, das ich deine Zeit umsonst in Anspruch genommen hab. Beim richtigen Scannen nach deiner Anweisung gabs auch prompt Funde: Teil 1 Code:
ATTFilter 22:30:32.0682 0172 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:30:33.0103 0172 ============================================================
22:30:33.0103 0172 Current date / time: 2013/07/05 22:30:33.0103
22:30:33.0103 0172 SystemInfo:
22:30:33.0103 0172
22:30:33.0103 0172 OS Version: 6.0.6002 ServicePack: 2.0
22:30:33.0103 0172 Product type: Workstation
22:30:33.0103 0172 ComputerName: ***
22:30:33.0103 0172 UserName: ***
22:30:33.0103 0172 Windows directory: C:\Windows
22:30:33.0103 0172 System windows directory: C:\Windows
22:30:33.0103 0172 Processor architecture: Intel x86
22:30:33.0103 0172 Number of processors: 2
22:30:33.0103 0172 Page size: 0x1000
22:30:33.0103 0172 Boot type: Normal boot
22:30:33.0103 0172 ============================================================
22:30:36.0395 0172 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:30:36.0722 0172 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x97695, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050
22:30:36.0722 0172 ============================================================
22:30:36.0722 0172 \Device\Harddisk0\DR0:
22:30:36.0769 0172 MBR partitions:
22:30:36.0769 0172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388B3B, BlocksNum 0x12A14C00
22:30:37.0315 0172 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13D9D77A, BlocksNum 0x1168FF47
22:30:37.0315 0172 \Device\Harddisk1\DR1:
22:30:37.0362 0172 MBR partitions:
22:30:37.0362 0172 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A17000
22:30:37.0362 0172 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x12A17800, BlocksNum 0x12A17000
22:30:37.0362 0172 ============================================================
22:30:37.0627 0172 C: <-> \Device\Harddisk0\DR0\Partition1
22:30:38.0485 0172 D: <-> \Device\Harddisk0\DR0\Partition2
22:30:38.0766 0172 F: <-> \Device\Harddisk1\DR1\Partition1
22:30:38.0813 0172 G: <-> \Device\Harddisk1\DR1\Partition2
22:30:38.0813 0172 ============================================================
22:30:38.0813 0172 Initialize success
22:30:38.0813 0172 ============================================================
22:31:23.0070 0928 ============================================================
22:31:23.0070 0928 Scan started
22:31:23.0070 0928 Mode: Manual;
22:31:23.0070 0928 ============================================================
22:31:25.0223 0928 ================ Scan system memory ========================
22:31:25.0223 0928 System memory - ok
22:31:25.0223 0928 ================ Scan services =============================
22:31:25.0301 0928 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:31:25.0301 0928 !SASCORE - ok
22:31:25.0644 0928 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:31:25.0644 0928 ACPI - ok
22:31:25.0862 0928 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:31:25.0862 0928 AdobeARMservice - ok
22:31:25.0909 0928 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:31:25.0925 0928 adp94xx - ok
22:31:25.0956 0928 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:31:25.0972 0928 adpahci - ok
22:31:26.0003 0928 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:31:26.0003 0928 adpu160m - ok
22:31:26.0034 0928 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:31:26.0034 0928 adpu320 - ok
22:31:26.0050 0928 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:31:26.0050 0928 AeLookupSvc - ok
22:31:26.0112 0928 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:31:26.0128 0928 AFD - ok
22:31:26.0143 0928 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
22:31:26.0143 0928 AgereModemAudio - ok
22:31:26.0190 0928 [ 1CFEBA39FC613E45B49D3EDDFBCDA289 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
22:31:26.0221 0928 AgereSoftModem - ok
22:31:26.0252 0928 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:31:26.0268 0928 agp440 - ok
22:31:26.0284 0928 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:31:26.0284 0928 aic78xx - ok
22:31:26.0299 0928 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:31:26.0315 0928 ALG - ok
22:31:26.0330 0928 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
22:31:26.0330 0928 aliide - ok
22:31:26.0346 0928 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:31:26.0346 0928 amdagp - ok
22:31:26.0362 0928 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
22:31:26.0362 0928 amdide - ok
22:31:26.0377 0928 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:31:26.0377 0928 AmdK7 - ok
22:31:26.0393 0928 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:31:26.0393 0928 AmdK8 - ok
22:31:26.0455 0928 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:31:26.0455 0928 AntiVirSchedulerService - ok
22:31:26.0486 0928 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:31:26.0486 0928 AntiVirService - ok
22:31:26.0518 0928 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:31:26.0518 0928 Appinfo - ok
22:31:26.0533 0928 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
22:31:26.0549 0928 arc - ok
22:31:26.0564 0928 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:31:26.0564 0928 arcsas - ok
22:31:26.0627 0928 [ 2EEDA27C19259C2340324EF7180D086B ] ASBroker C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
22:31:26.0627 0928 ASBroker - ok
22:31:26.0658 0928 [ BB3C0521ECCA4BB17AC55EB640DF0FA5 ] ASChannel C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll
22:31:26.0674 0928 ASChannel - ok
22:31:26.0720 0928 [ 5A055A4777CBBC8845DD598CB2EEBF69 ] ASLDRService C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
22:31:26.0720 0928 ASLDRService - ok
22:31:26.0736 0928 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program Files\ATKGFNEX\ASMMAP.sys
22:31:26.0736 0928 ASMMAP - ok
22:31:26.0845 0928 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:31:26.0845 0928 AsyncMac - ok
22:31:26.0892 0928 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
22:31:26.0892 0928 atapi - ok
22:31:26.0908 0928 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
22:31:26.0908 0928 ATKGFNEXSrv - ok
22:31:26.0954 0928 [ F70D2392158CB68E775F8C4CD3D12FBB ] ATSWPDRV C:\Windows\system32\DRIVERS\ATSwpDrv.sys
22:31:26.0954 0928 ATSWPDRV - ok
22:31:27.0017 0928 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:31:27.0032 0928 AudioEndpointBuilder - ok
22:31:27.0032 0928 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:31:27.0032 0928 Audiosrv - ok
22:31:27.0079 0928 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:31:27.0079 0928 avgntflt - ok
22:31:27.0110 0928 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:31:27.0110 0928 avipbb - ok
22:31:27.0188 0928 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:31:27.0188 0928 avkmgr - ok
22:31:27.0220 0928 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:31:27.0235 0928 Beep - ok
22:31:27.0266 0928 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:31:27.0266 0928 BFE - ok
22:31:27.0344 0928 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
22:31:27.0360 0928 BITS - ok
22:31:27.0391 0928 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:31:27.0391 0928 blbdrive - ok
22:31:27.0422 0928 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:31:27.0422 0928 bowser - ok
22:31:27.0469 0928 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:31:27.0469 0928 BrFiltLo - ok
22:31:27.0485 0928 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:31:27.0485 0928 BrFiltUp - ok
22:31:27.0516 0928 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:31:27.0516 0928 Browser - ok
22:31:27.0547 0928 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:31:27.0547 0928 Brserid - ok
22:31:27.0563 0928 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:31:27.0563 0928 BrSerWdm - ok
22:31:27.0578 0928 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:31:27.0578 0928 BrUsbMdm - ok
22:31:27.0610 0928 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:31:27.0610 0928 BrUsbSer - ok
22:31:27.0641 0928 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
22:31:27.0641 0928 BthEnum - ok
22:31:27.0672 0928 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:31:27.0672 0928 BTHMODEM - ok
22:31:27.0688 0928 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:31:27.0688 0928 BthPan - ok
22:31:27.0797 0928 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
22:31:27.0953 0928 BTHPORT - ok
22:31:28.0046 0928 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
22:31:28.0046 0928 BthServ - ok
22:31:28.0078 0928 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
22:31:28.0078 0928 BTHUSB - ok
22:31:28.0109 0928 [ F2F7342742180D5060285499DEE50F99 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:31:28.0109 0928 btwaudio - ok
22:31:28.0171 0928 [ 32F59F26A30CFC508DA11DB3EA0F8B77 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
22:31:28.0171 0928 btwavdt - ok
22:31:28.0296 0928 [ 09CB316DB9D61ED9FC9A7B07A1A301F6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:31:28.0296 0928 btwdins - ok
22:31:28.0312 0928 [ ECB98391C756A7B9CFBAE89D9D1235E1 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:31:28.0312 0928 btwl2cap - ok
22:31:28.0343 0928 [ 03658734EF7D0F3B3F4636D3E8A38964 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:31:28.0343 0928 btwrchid - ok
22:31:28.0374 0928 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:31:28.0390 0928 cdfs - ok
22:31:28.0436 0928 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:31:28.0436 0928 cdrom - ok
22:31:28.0468 0928 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:31:28.0468 0928 CertPropSvc - ok
22:31:28.0483 0928 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:31:28.0483 0928 circlass - ok
22:31:28.0499 0928 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:31:28.0514 0928 CLFS - ok
22:31:28.0592 0928 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:31:28.0592 0928 clr_optimization_v2.0.50727_32 - ok
22:31:28.0655 0928 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:31:28.0686 0928 clr_optimization_v4.0.30319_32 - ok
22:31:28.0717 0928 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:31:28.0717 0928 CmBatt - ok
22:31:28.0733 0928 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:31:28.0733 0928 cmdide - ok
22:31:28.0748 0928 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:31:28.0764 0928 Compbatt - ok
22:31:28.0764 0928 COMSysApp - ok
22:31:28.0764 0928 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:31:28.0764 0928 crcdisk - ok
22:31:28.0811 0928 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:31:28.0826 0928 Crusoe - ok
22:31:28.0858 0928 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:31:28.0873 0928 CryptSvc - ok
22:31:28.0936 0928 [ 699CE24FE6B5120AF709A0B91582A02D ] DCamUSBET C:\Windows\system32\DRIVERS\etDevice.sys
22:31:28.0936 0928 DCamUSBET - ok
22:31:28.0998 0928 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:31:29.0029 0928 DcomLaunch - ok
22:31:29.0076 0928 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:31:29.0076 0928 DfsC - ok
22:31:29.0138 0928 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:31:29.0185 0928 DFSR - ok
22:31:29.0232 0928 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:31:29.0232 0928 Dhcp - ok
22:31:29.0263 0928 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:31:29.0263 0928 disk - ok
22:31:29.0294 0928 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:31:29.0294 0928 Dnscache - ok
22:31:29.0326 0928 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:31:29.0326 0928 dot3svc - ok
22:31:29.0357 0928 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:31:29.0357 0928 DPS - ok
22:31:29.0388 0928 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:31:29.0404 0928 drmkaud - ok
22:31:29.0435 0928 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:31:29.0435 0928 DXGKrnl - ok
22:31:29.0466 0928 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:31:29.0466 0928 E1G60 - ok
22:31:29.0482 0928 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:31:29.0482 0928 EapHost - ok
22:31:29.0513 0928 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:31:29.0513 0928 Ecache - ok
22:31:29.0575 0928 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:31:29.0575 0928 ehRecvr - ok
22:31:29.0591 0928 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
22:31:29.0591 0928 ehSched - ok
22:31:29.0606 0928 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
22:31:29.0606 0928 ehstart - ok
22:31:29.0700 0928 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:31:29.0825 0928 elxstor - ok
22:31:29.0918 0928 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:31:29.0950 0928 EMDMgmt - ok
22:31:29.0965 0928 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:31:29.0965 0928 ErrDev - ok
22:31:30.0012 0928 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:31:30.0043 0928 EventSystem - ok
22:31:30.0137 0928 [ E1556AF3FB0284C32896B9AC8494D9C2 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
22:31:30.0152 0928 ewusbnet - ok
22:31:30.0184 0928 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
22:31:30.0184 0928 ew_hwusbdev - ok
22:31:30.0277 0928 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:31:30.0277 0928 exfat - ok
22:31:30.0324 0928 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:31:30.0324 0928 fastfat - ok
22:31:30.0386 0928 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:31:30.0386 0928 fdc - ok
22:31:30.0433 0928 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:31:30.0433 0928 fdPHost - ok
22:31:30.0464 0928 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:31:30.0480 0928 FDResPub - ok
22:31:30.0542 0928 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:31:30.0542 0928 FileInfo - ok
22:31:30.0574 0928 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:31:30.0589 0928 Filetrace - ok
22:31:30.0605 0928 [ FD7CB14845A7F91BE11F80635B2CD8A6 ] FiltUSBET C:\Windows\system32\DRIVERS\etFilter.sys
22:31:30.0605 0928 FiltUSBET - ok
22:31:30.0620 0928 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:31:30.0636 0928 flpydisk - ok
22:31:30.0667 0928 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:31:30.0667 0928 FltMgr - ok
22:31:30.0776 0928 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:31:30.0839 0928 FontCache - ok
22:31:30.0901 0928 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:31:30.0901 0928 FontCache3.0.0.0 - ok
22:31:30.0932 0928 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:31:30.0948 0928 Fs_Rec - ok
22:31:30.0979 0928 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:31:30.0979 0928 gagp30kx - ok
22:31:31.0073 0928 [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
22:31:31.0073 0928 ghaio - ok
22:31:31.0166 0928 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:31:31.0276 0928 gpsvc - ok
22:31:31.0369 0928 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:31:31.0369 0928 gupdate - ok
22:31:31.0369 0928 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:31:31.0369 0928 gupdatem - ok
22:31:31.0400 0928 [ 649F407A844DDE2B97BC086AF97D663B ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:31:31.0416 0928 gusvc - ok
22:31:31.0463 0928 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:31:31.0463 0928 HdAudAddService - ok
22:31:31.0510 0928 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:31:31.0510 0928 HDAudBus - ok
22:31:31.0525 0928 [ FCB3F4BE408F72C1BD81BCABA87FC22F ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:31:31.0525 0928 HidBth - ok
22:31:31.0556 0928 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:31:31.0556 0928 HidIr - ok
22:31:31.0588 0928 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
22:31:31.0588 0928 hidserv - ok
22:31:31.0619 0928 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:31:31.0619 0928 HidUsb - ok
22:31:31.0666 0928 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:31:31.0666 0928 hkmsvc - ok
22:31:31.0712 0928 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:31:31.0712 0928 HpCISSs - ok
22:31:31.0790 0928 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:31:31.0900 0928 HTTP - ok
22:31:31.0978 0928 [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
22:31:31.0978 0928 huawei_enumerator - ok
22:31:32.0102 0928 [ A89423D0132C8AB69BA621B6CE191714 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:31:32.0102 0928 hwdatacard - ok
22:31:32.0196 0928 HWDeviceService.exe - ok
22:31:32.0243 0928 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:31:32.0243 0928 i2omp - ok
22:31:32.0321 0928 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:31:32.0321 0928 i8042prt - ok
22:31:32.0352 0928 [ 80C633722DA72E97F3F5B3B11325696D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:31:32.0352 0928 iaStor - ok
22:31:32.0368 0928 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:31:32.0368 0928 iaStorV - ok
22:31:32.0477 0928 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:31:32.0539 0928 idsvc - ok
22:31:32.0570 0928 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:31:32.0570 0928 iirsp - ok
22:31:32.0617 0928 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:31:32.0617 0928 IKEEXT - ok
22:31:32.0695 0928 [ 58072F5FD95ECE78F9FA7BDA1210A9E7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:31:32.0711 0928 IntcAzAudAddService - ok
22:31:32.0758 0928 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:31:32.0758 0928 intelide - ok
22:31:32.0773 0928 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:31:32.0773 0928 intelppm - ok
22:31:32.0820 0928 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:31:32.0836 0928 IPBusEnum - ok
22:31:32.0882 0928 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:31:32.0898 0928 IpFilterDriver - ok
22:31:32.0960 0928 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:31:32.0960 0928 iphlpsvc - ok
22:31:32.0960 0928 IpInIp - ok
22:31:32.0992 0928 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:31:32.0992 0928 IPMIDRV - ok
22:31:33.0007 0928 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:31:33.0023 0928 IPNAT - ok
22:31:33.0054 0928 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:31:33.0163 0928 IRENUM - ok
22:31:33.0335 0928 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:31:33.0350 0928 isapnp - ok
22:31:33.0444 0928 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:31:33.0444 0928 iScsiPrt - ok
22:31:33.0475 0928 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:31:33.0491 0928 iteatapi - ok
22:31:33.0553 0928 [ 8BCD857C7932AD005D5F9C89329DA2E1 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
22:31:33.0553 0928 itecir - ok
22:31:33.0584 0928 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:31:33.0584 0928 iteraid - ok
22:31:33.0600 0928 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:31:33.0600 0928 kbdclass - ok
22:31:33.0631 0928 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:31:33.0631 0928 kbdhid - ok
22:31:33.0662 0928 [ 27BD4AC228EF6C0D490617C32E86A672 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
22:31:33.0662 0928 kbfiltr - ok
22:31:33.0678 0928 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:31:33.0678 0928 KeyIso - ok
22:31:33.0756 0928 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:31:33.0787 0928 KSecDD - ok
22:31:33.0928 0928 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:31:33.0974 0928 KtmRm - ok
22:31:34.0021 0928 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
22:31:34.0021 0928 LanmanServer - ok
22:31:34.0052 0928 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:31:34.0052 0928 LanmanWorkstation - ok
22:31:34.0162 0928 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:31:34.0162 0928 LightScribeService - ok
22:31:34.0177 0928 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:31:34.0193 0928 lltdio - ok
22:31:34.0333 0928 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:31:34.0349 0928 lltdsvc - ok
22:31:34.0364 0928 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:31:34.0380 0928 lmhosts - ok
22:31:34.0411 0928 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:31:34.0411 0928 LSI_FC - ok
22:31:34.0458 0928 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:31:34.0458 0928 LSI_SAS - ok
22:31:34.0520 0928 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:31:34.0520 0928 LSI_SCSI - ok
22:31:34.0536 0928 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:31:34.0536 0928 luafv - ok
22:31:34.0583 0928 [ 8039F480C192DD99FED4EBC71FFBF795 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
22:31:34.0583 0928 lullaby - ok
22:31:34.0614 0928 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:31:34.0614 0928 Mcx2Svc - ok
22:31:34.0661 0928 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:31:34.0661 0928 megasas - ok
22:31:34.0692 0928 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:31:34.0708 0928 MegaSR - ok
22:31:34.0723 0928 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:31:34.0723 0928 MMCSS - ok
22:31:34.0879 0928 [ 38106C7BD34EAE89D2769AC0BA2E846B ] Mobile Partner. RunOuc C:\Program Files\Huawai Intenet Stick O2 Sparhandy\UpdateDog\ouc.exe
22:31:34.0879 0928 Mobile Partner. RunOuc - ok
22:31:34.0895 0928 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:31:34.0895 0928 Modem - ok
22:31:34.0942 0928 [ CBB59C41F19EFEA1A000793E08070A62 ] MODEMCSA C:\Windows\system32\drivers\MODEMCSA.sys
22:31:34.0942 0928 MODEMCSA - ok
22:31:34.0957 0928 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:31:34.0957 0928 monitor - ok
22:31:34.0973 0928 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:31:34.0973 0928 mouclass - ok
22:31:34.0973 0928 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:31:34.0973 0928 mouhid - ok
22:31:34.0988 0928 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:31:34.0988 0928 MountMgr - ok
22:31:35.0066 0928 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:31:35.0082 0928 MozillaMaintenance - ok
22:31:35.0144 0928 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:31:35.0222 0928 mpio - ok
22:31:35.0254 0928 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:31:35.0254 0928 mpsdrv - ok
22:31:35.0300 0928 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:31:35.0300 0928 MpsSvc - ok
22:31:35.0332 0928 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:31:35.0332 0928 Mraid35x - ok
22:31:35.0363 0928 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:31:35.0363 0928 MRxDAV - ok
22:31:35.0394 0928 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:31:35.0394 0928 mrxsmb - ok
22:31:35.0441 0928 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:31:35.0441 0928 mrxsmb10 - ok
22:31:35.0472 0928 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:31:35.0472 0928 mrxsmb20 - ok
22:31:35.0503 0928 [ DE77526BDE93142BDC90CFA9F5CEAD36 ] msahci C:\Windows\system32\drivers\msahci.sys
22:31:35.0503 0928 msahci - ok
22:31:35.0519 0928 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:31:35.0612 0928 msdsm - ok
22:31:35.0644 0928 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:31:35.0644 0928 MSDTC - ok
22:31:35.0659 0928 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:31:35.0659 0928 Msfs - ok
22:31:35.0675 0928 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:31:35.0675 0928 msisadrv - ok
22:31:35.0706 0928 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:31:35.0722 0928 MSiSCSI - ok
22:31:35.0722 0928 msiserver - ok
22:31:35.0737 0928 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:31:35.0753 0928 MSKSSRV - ok
22:31:35.0768 0928 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:31:35.0768 0928 MSPCLOCK - ok
22:31:35.0784 0928 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:31:35.0784 0928 MSPQM - ok
22:31:35.0815 0928 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:31:35.0815 0928 MsRPC - ok
22:31:35.0831 0928 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:31:35.0831 0928 mssmbios - ok
22:31:35.0846 0928 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:31:35.0846 0928 MSTEE - ok
22:31:35.0893 0928 [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
22:31:35.0893 0928 MTsensor - ok
22:31:35.0909 0928 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:31:35.0909 0928 Mup - ok
22:31:36.0034 0928 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:31:36.0034 0928 napagent - ok
22:31:36.0080 0928 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:31:36.0080 0928 NativeWifiP - ok
22:31:36.0158 0928 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:31:36.0190 0928 NDIS - ok
22:31:36.0236 0928 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:31:36.0236 0928 NdisTapi - ok
22:31:36.0236 0928 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:31:36.0236 0928 Ndisuio - ok
22:31:36.0268 0928 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:31:36.0268 0928 NdisWan - ok
22:31:36.0283 0928 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:31:36.0283 0928 NDProxy - ok
22:31:36.0283 0928 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:31:36.0299 0928 NetBIOS - ok
22:31:36.0314 0928 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:31:36.0314 0928 netbt - ok
22:31:36.0330 0928 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:31:36.0330 0928 Netlogon - ok
22:31:36.0361 0928 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:31:36.0361 0928 Netman - ok
22:31:36.0392 0928 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:31:36.0392 0928 netprofm - ok
22:31:36.0439 0928 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:31:36.0439 0928 NetTcpPortSharing - ok
22:31:37.0079 0928 [ F0C42E0CDCE558D658FA53A222B4CCB1 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
22:31:37.0375 0928 NETw5v32 - ok
22:31:37.0406 0928 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:31:37.0406 0928 nfrd960 - ok
22:31:37.0469 0928 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:31:37.0469 0928 NlaSvc - ok
22:31:37.0609 0928 [ 25D6B2EB0A1FC4AB413AFE7EC4793EC1 ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
22:31:37.0609 0928 nosGetPlusHelper - ok
22:31:37.0656 0928 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:31:37.0656 0928 Npfs - ok
22:31:37.0687 0928 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:31:37.0687 0928 nsi - ok
22:31:37.0703 0928 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:31:37.0703 0928 nsiproxy - ok
22:31:37.0781 0928 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:31:37.0812 0928 Ntfs - ok
22:31:37.0812 0928 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:31:37.0828 0928 ntrigdigi - ok
22:31:37.0828 0928 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:31:37.0828 0928 Null - ok
22:31:37.0859 0928 [ 11BE4B269549173CFF542591E4BE2C08 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
22:31:37.0859 0928 NVHDA - ok
22:31:38.0077 0928 [ 7DB332F85AB7894C69DFB934EEE23EB9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:31:38.0296 0928 nvlddmkm - ok
22:31:38.0327 0928 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:31:38.0342 0928 nvraid - ok
22:31:38.0374 0928 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:31:38.0420 0928 nvstor - ok
22:31:38.0467 0928 [ 16DAEB9301135432916D1DAE3FED0B88 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:31:38.0483 0928 nvsvc - ok
22:31:38.0498 0928 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:31:38.0514 0928 nv_agp - ok
22:31:38.0514 0928 NwlnkFlt - ok
22:31:38.0514 0928 NwlnkFwd - ok
22:31:38.0592 0928 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:31:38.0608 0928 odserv - ok
22:31:38.0639 0928 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:31:38.0639 0928 ohci1394 - ok
22:31:38.0998 0928 [ DA345DE3B450E9E1691E7B9956D8FFC3 ] OMSI download service G:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
22:31:38.0998 0928 OMSI download service - ok
22:31:39.0076 0928 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:31:39.0091 0928 ose - ok
22:31:39.0185 0928 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:31:39.0341 0928 p2pimsvc - ok
22:31:39.0356 0928 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:31:39.0356 0928 p2psvc - ok
22:31:39.0403 0928 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:31:39.0419 0928 Parport - ok
22:31:39.0450 0928 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:31:39.0450 0928 partmgr - ok
22:31:39.0466 0928 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:31:39.0466 0928 Parvdm - ok
22:31:39.0481 0928 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:31:39.0481 0928 PcaSvc - ok
22:31:39.0544 0928 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:31:39.0544 0928 pci - ok
22:31:39.0559 0928 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
22:31:39.0559 0928 pciide - ok
22:31:39.0622 0928 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:31:39.0653 0928 pcmcia - ok
22:31:39.0856 0928 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:31:40.0012 0928 PEAUTH - ok
22:31:40.0230 0928 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:31:40.0277 0928 pla - ok
22:31:40.0308 0928 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:31:40.0324 0928 PlugPlay - ok
22:31:40.0370 0928 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:31:40.0370 0928 PNRPAutoReg - ok
22:31:40.0417 0928 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:31:40.0417 0928 PNRPsvc - ok
22:31:40.0480 0928 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:31:40.0511 0928 PolicyAgent - ok
22:31:40.0573 0928 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:31:40.0573 0928 PptpMiniport - ok
22:31:40.0589 0928 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:31:40.0589 0928 Processor - ok
22:31:40.0620 0928 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:31:40.0636 0928 ProfSvc - ok
22:31:40.0651 0928 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:31:40.0651 0928 ProtectedStorage - ok
22:31:40.0714 0928 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:31:40.0714 0928 PSched - ok
22:31:40.0729 0928 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:31:40.0729 0928 PxHelp20 - ok
22:31:40.0838 0928 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:31:40.0901 0928 ql2300 - ok
22:31:40.0916 0928 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:31:40.0979 0928 ql40xx - ok
22:31:41.0026 0928 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:31:41.0041 0928 QWAVE - ok
22:31:41.0041 0928 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:31:41.0041 0928 QWAVEdrv - ok
22:31:41.0088 0928 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
22:31:41.0088 0928 RapiMgr - ok
22:31:41.0104 0928 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:31:41.0119 0928 RasAcd - ok
22:31:41.0135 0928 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:31:41.0291 0928 RasAuto - ok
22:31:41.0338 0928 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:31:41.0338 0928 Rasl2tp - ok
22:31:41.0369 0928 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:31:41.0369 0928 RasMan - ok
22:31:41.0400 0928 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:31:41.0400 0928 RasPppoe - ok
22:31:41.0416 0928 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:31:41.0416 0928 RasSstp - ok
22:31:41.0431 0928 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:31:41.0447 0928 rdbss - ok
22:31:41.0462 0928 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:31:41.0462 0928 RDPCDD - ok
22:31:41.0494 0928 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:31:41.0494 0928 rdpdr - ok
22:31:41.0494 0928 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:31:41.0509 0928 RDPENCDD - ok
22:31:41.0540 0928 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:31:41.0540 0928 RDPWD - ok
22:31:41.0587 0928 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:31:41.0587 0928 RemoteAccess - ok
22:31:41.0603 0928 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:31:41.0603 0928 RemoteRegistry - ok
22:31:41.0634 0928 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:31:41.0634 0928 RFCOMM - ok
22:31:41.0665 0928 [ A5B12A4B3B774432DB9B9FA221190E59 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
22:31:41.0681 0928 rimmptsk - ok
22:31:41.0696 0928 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
22:31:41.0696 0928 rimsptsk - ok
22:31:41.0696 0928 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
22:31:41.0712 0928 rismxdp - ok
22:31:41.0728 0928 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:31:41.0728 0928 RpcLocator - ok
22:31:41.0759 0928 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
22:31:41.0759 0928 RpcSs - ok
22:31:41.0774 0928 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:31:41.0774 0928 rspndr - ok
22:31:41.0821 0928 [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:31:41.0821 0928 RTL8169 - ok
22:31:41.0868 0928 [ 1C5C2CB892553D2CF3F45A4BB323FCD6 ] s1018bus C:\Windows\system32\DRIVERS\s1018bus.sys
22:31:41.0868 0928 s1018bus - ok
22:31:41.0915 0928 [ 38F5EA219593F19B6B3A1B9C169E3B61 ] s1018mdfl C:\Windows\system32\DRIVERS\s1018mdfl.sys
22:31:41.0930 0928 s1018mdfl - ok
22:31:41.0993 0928 [ 666AF6B64FC7DF92D3CA4819EA91631D ] s1018mdm C:\Windows\system32\DRIVERS\s1018mdm.sys
22:31:41.0993 0928 s1018mdm - ok
22:31:42.0086 0928 [ F4CEDA6E2DDFF2AF8BD745615A7CA9C0 ] s1018mgmt C:\Windows\system32\DRIVERS\s1018mgmt.sys
22:31:42.0086 0928 s1018mgmt - ok
22:31:42.0164 0928 [ 3622D9FF2253DCBE885B10736609A4CA ] s1018nd5 C:\Windows\system32\DRIVERS\s1018nd5.sys
22:31:42.0164 0928 s1018nd5 - ok
22:31:42.0367 0928 [ 49431EFDA842B474531C29FFAE9F5D09 ] s1018obex C:\Windows\system32\DRIVERS\s1018obex.sys
22:31:42.0367 0928 s1018obex - ok
22:31:42.0430 0928 [ AC6B514CB4474F4C867D7CDC9CD54F05 ] s1018unic C:\Windows\system32\DRIVERS\s1018unic.sys
22:31:42.0430 0928 s1018unic - ok
22:31:42.0523 0928 [ 69013A123A00B3042C260B0056DF0152 ] s1029bus C:\Windows\system32\DRIVERS\s1029bus.sys
22:31:42.0523 0928 s1029bus - ok
22:31:42.0570 0928 [ 1565FC31F872963FE8AF471123D8424C ] s1029mdfl C:\Windows\system32\DRIVERS\s1029mdfl.sys
22:31:42.0570 0928 s1029mdfl - ok
22:31:42.0617 0928 [ D67A8042ECF6C983AC0E308B36603677 ] s1029mdm C:\Windows\system32\DRIVERS\s1029mdm.sys
22:31:42.0632 0928 s1029mdm - ok
22:31:42.0648 0928 [ 6FC093ABA554E45755DC2F3896B6C8D7 ] s1029obex C:\Windows\system32\DRIVERS\s1029obex.sys
22:31:42.0648 0928 s1029obex - ok
22:31:42.0679 0928 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:31:42.0695 0928 SamSs - ok
22:31:42.0742 0928 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:31:42.0742 0928 SASDIFSV - ok
22:31:42.0773 0928 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:31:42.0773 0928 SASKUTIL - ok
22:31:42.0804 0928 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:31:42.0804 0928 sbp2port - ok
22:31:42.0851 0928 [ 2393ED056AE02F5DBB3A7D6E40A5FDC2 ] ScanUSBET C:\Windows\system32\DRIVERS\etScan.sys
22:31:42.0851 0928 ScanUSBET - ok
22:31:42.0882 0928 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:31:42.0882 0928 SCardSvr - ok
22:31:42.0929 0928 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:31:42.0944 0928 Schedule - ok
22:31:42.0944 0928 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:31:42.0944 0928 SCPolicySvc - ok
22:31:42.0991 0928 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:31:43.0007 0928 sdbus - ok
22:31:43.0069 0928 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:31:43.0085 0928 SDRSVC - ok
22:31:43.0116 0928 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:31:43.0116 0928 secdrv - ok
22:31:43.0132 0928 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:31:43.0147 0928 seclogon - ok
22:31:43.0241 0928 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\Windows\system32\DRIVERS\seehcri.sys
22:31:43.0241 0928 seehcri - ok
22:31:43.0256 0928 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
22:31:43.0319 0928 SENS - ok
22:31:43.0350 0928 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:31:43.0350 0928 Serenum - ok
22:31:43.0381 0928 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:31:43.0397 0928 Serial - ok
22:31:43.0412 0928 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:31:43.0412 0928 sermouse - ok
22:31:43.0444 0928 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:31:43.0444 0928 SessionEnv - ok
22:31:43.0459 0928 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
22:31:43.0475 0928 sffdisk - ok
22:31:43.0475 0928 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:31:43.0475 0928 sffp_mmc - ok
22:31:43.0506 0928 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
22:31:43.0506 0928 sffp_sd - ok
22:31:43.0522 0928 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:31:43.0537 0928 sfloppy - ok
22:31:43.0553 0928 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:31:43.0568 0928 SharedAccess - ok
22:31:43.0600 0928 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:31:43.0600 0928 ShellHWDetection - ok
22:31:43.0631 0928 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:31:43.0631 0928 sisagp - ok
22:31:43.0693 0928 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:31:43.0693 0928 SiSRaid2 - ok
22:31:43.0709 0928 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:31:43.0709 0928 SiSRaid4 - ok
22:31:43.0865 0928 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:31:43.0943 0928 slsvc - ok
22:31:44.0052 0928 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:31:44.0052 0928 SLUINotify - ok
22:31:44.0099 0928 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:31:44.0099 0928 Smb - ok
22:31:44.0161 0928 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys
22:31:44.0286 0928 smserial - ok
22:31:44.0333 0928 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:31:44.0395 0928 SNMPTRAP - ok
22:31:44.0411 0928 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:31:44.0411 0928 spldr - ok
22:31:44.0458 0928 [ 739DB668DBD812285ECC553E64A5E212 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
22:31:44.0458 0928 spmgr - ok
22:31:44.0520 0928 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:31:44.0520 0928 Spooler - ok
22:31:44.0598 0928 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:31:44.0614 0928 srv - ok
22:31:44.0660 0928 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:31:44.0660 0928 srv2 - ok
22:31:44.0692 0928 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:31:44.0692 0928 srvnet - ok
22:31:44.0770 0928 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:31:44.0770 0928 SSDPSRV - ok
22:31:44.0801 0928 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
22:31:44.0801 0928 ssmdrv - ok
22:31:44.0848 0928 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:31:44.0863 0928 SstpSvc - ok
22:31:45.0004 0928 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:31:45.0191 0928 stisvc - ok
22:31:45.0238 0928 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:31:45.0238 0928 swenum - ok
22:31:45.0347 0928 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:31:45.0378 0928 swprv - ok
22:31:45.0394 0928 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:31:45.0409 0928 Symc8xx - ok
22:31:45.0440 0928 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:31:45.0440 0928 Sym_hi - ok
22:31:45.0456 0928 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:31:45.0456 0928 Sym_u3 - ok
22:31:45.0487 0928 [ BE78198C69135EF1FA157E08FD5C90FF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:31:45.0487 0928 SynTP - ok
22:31:45.0565 0928 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:31:45.0612 0928 SysMain - ok
22:31:45.0659 0928 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:31:45.0659 0928 TabletInputService - ok
22:31:45.0690 0928 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:31:45.0690 0928 TapiSrv - ok
22:31:45.0706 0928 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:31:45.0706 0928 TBS - ok
22:31:45.0784 0928 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:31:45.0815 0928 Tcpip - ok
22:31:45.0846 0928 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:31:45.0846 0928 Tcpip6 - ok
22:31:45.0908 0928 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:31:45.0908 0928 tcpipreg - ok
22:31:45.0971 0928 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:31:46.0064 0928 TDPIPE - ok
22:31:46.0096 0928 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:31:46.0111 0928 TDTCP - ok
22:31:46.0189 0928 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:31:46.0205 0928 tdx - ok
22:31:46.0236 0928 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:31:46.0236 0928 TermDD - ok
22:31:46.0314 0928 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:31:46.0330 0928 TermService - ok
22:31:46.0361 0928 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:31:46.0361 0928 Themes - ok
22:31:46.0361 0928 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:31:46.0361 0928 THREADORDER - ok
22:31:46.0408 0928 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:31:46.0408 0928 TrkWks - ok
22:31:46.0470 0928 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:31:46.0470 0928 TrustedInstaller - ok
22:31:46.0517 0928 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:31:46.0657 0928 tssecsrv - ok
22:31:46.0704 0928 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:31:46.0704 0928 tunmp - ok
22:31:46.0735 0928 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:31:46.0735 0928 tunnel - ok
22:31:46.0766 0928 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:31:46.0782 0928 uagp35 - ok
22:31:46.0813 0928 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:31:46.0813 0928 udfs - ok
22:31:46.0844 0928 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:31:46.0844 0928 UI0Detect - ok
22:31:46.0860 0928 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:31:46.0860 0928 uliagpkx - ok
22:31:46.0876 0928 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:31:46.0876 0928 uliahci - ok
22:31:46.0907 0928 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:31:46.0907 0928 UlSata - ok
22:31:46.0938 0928 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:31:46.0938 0928 ulsata2 - ok
22:31:46.0954 0928 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:31:46.0954 0928 umbus - ok
22:31:46.0969 0928 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:31:46.0969 0928 upnphost - ok
22:31:47.0000 0928 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:31:47.0063 0928 usbccgp - ok
22:31:47.0094 0928 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:31:47.0094 0928 usbcir - ok
22:31:47.0125 0928 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:31:47.0125 0928 usbehci - ok
22:31:47.0141 0928 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:31:47.0141 0928 usbhub - ok
22:31:47.0156 0928 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:31:47.0172 0928 usbohci - ok
22:31:47.0188 0928 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:31:47.0188 0928 usbprint - ok
22:31:47.0203 0928 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:31:47.0203 0928 USBSTOR - ok
22:31:47.0219 0928 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:31:47.0219 0928 usbuhci - ok
22:31:47.0281 0928 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:31:47.0297 0928 usbvideo - ok
22:31:47.0406 0928 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:31:47.0406 0928 UxSms - ok
22:31:47.0484 0928 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:31:47.0562 0928 vds - ok
22:31:47.0671 0928 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:31:47.0671 0928 vga - ok
22:31:47.0702 0928 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:31:47.0702 0928 VgaSave - ok
22:31:47.0765 0928 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:31:47.0765 0928 viaagp - ok
22:31:47.0796 0928 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:31:47.0796 0928 ViaC7 - ok
22:31:47.0827 0928 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:31:47.0827 0928 viaide - ok
22:31:47.0858 0928 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:31:47.0858 0928 volmgr - ok
22:31:47.0952 0928 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:31:47.0968 0928 volmgrx - ok
22:31:47.0983 0928 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:31:47.0983 0928 volsnap - ok
22:31:48.0046 0928 [ 6BE75CFCE25E42E79C0757C60D88FECB ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
22:31:48.0046 0928 Vsdatant - ok
22:31:48.0139 0928 vsdatant7 - ok
22:31:48.0186 0928 vsmon - ok
22:31:48.0217 0928 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:31:48.0217 0928 vsmraid - ok
22:31:48.0264 0928 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:31:48.0326 0928 VSS - ok
22:31:48.0342 0928 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:31:48.0342 0928 W32Time - ok
22:31:48.0373 0928 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:31:48.0373 0928 WacomPen - ok
22:31:48.0404 0928 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:31:48.0404 0928 Wanarp - ok
22:31:48.0404 0928 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:31:48.0404 0928 Wanarpv6 - ok
22:31:48.0467 0928 [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
22:31:48.0467 0928 WcesComm - ok
22:31:48.0482 0928 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:31:48.0670 0928 wcncsvc - ok
22:31:48.0701 0928 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:31:48.0701 0928 WcsPlugInService - ok
22:31:48.0716 0928 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:31:48.0716 0928 Wd - ok
22:31:48.0748 0928 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:31:48.0748 0928 Wdf01000 - ok
22:31:48.0763 0928 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:31:48.0763 0928 WdiServiceHost - ok
22:31:48.0763 0928 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:31:48.0779 0928 WdiSystemHost - ok
22:31:48.0794 0928 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:31:48.0794 0928 WebClient - ok
22:31:48.0857 0928 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:31:48.0857 0928 Wecsvc - ok
22:31:48.0888 0928 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:31:48.0888 0928 wercplsupport - ok
22:31:48.0919 0928 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:31:48.0919 0928 WerSvc - ok
22:31:49.0060 0928 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:31:49.0075 0928 WinDefend - ok
22:31:49.0075 0928 WinHttpAutoProxySvc - ok
22:31:49.0184 0928 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:31:49.0184 0928 Winmgmt - ok
22:31:49.0309 0928 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:31:49.0403 0928 WinRM - ok
22:31:49.0465 0928 [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb C:\Windows\system32\DRIVERS\winusb.sys
22:31:49.0465 0928 winusb - ok
22:31:49.0574 0928 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:31:49.0637 0928 Wlansvc - ok
22:31:49.0668 0928 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:31:49.0668 0928 WmiAcpi - ok
22:31:49.0699 0928 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:31:49.0699 0928 wmiApSrv - ok
22:31:49.0808 0928 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:31:49.0840 0928 WMPNetworkSvc - ok
22:31:49.0871 0928 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:31:49.0902 0928 WPCSvc - ok
22:31:49.0964 0928 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:31:49.0964 0928 WPDBusEnum - ok
22:31:50.0027 0928 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:31:50.0027 0928 WpdUsb - ok
22:31:50.0557 0928 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:31:50.0666 0928 WPFFontCache_v0400 - ok
22:31:50.0713 0928 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:31:50.0713 0928 ws2ifsl - ok
22:31:50.0744 0928 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
22:31:50.0744 0928 wscsvc - ok
22:31:50.0744 0928 WSearch - ok
22:31:50.0900 0928 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:31:51.0197 0928 wuauserv - ok
22:31:51.0212 0928 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:31:51.0212 0928 WUDFRd - ok
22:31:51.0228 0928 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:31:51.0244 0928 wudfsvc - ok
22:31:51.0290 0928 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
22:31:51.0322 0928 yukonwlh - ok
22:31:51.0400 0928 [ 4D840C6AF3C020ED3A35EFBA9025CF4A ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl
22:31:51.0400 0928 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
22:31:51.0462 0928 ================ Scan global ===============================
22:31:51.0478 0928 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:31:51.0524 0928 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:31:51.0540 0928 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:31:51.0634 0928 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:31:51.0634 0928 [Global] - ok
22:31:51.0634 0928 ================ Scan MBR ==================================
22:31:51.0680 0928 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
22:31:52.0320 0928 \Device\Harddisk0\DR0 - ok
22:31:52.0648 0928 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1
22:31:52.0648 0928 \Device\Harddisk1\DR1 - ok
22:31:52.0663 0928 ================ Scan VBR ==================================
22:31:52.0679 0928 [ 852688C270F1C4BDD3CBA4F72546DA49 ] \Device\Harddisk0\DR0\Partition1
22:31:52.0694 0928 \Device\Harddisk0\DR0\Partition1 - ok
22:31:52.0726 0928 [ 856719FF8728B548306DDFD3F7AE8188 ] \Device\Harddisk0\DR0\Partition2
22:31:52.0726 0928 \Device\Harddisk0\DR0\Partition2 - ok
22:31:52.0726 0928 [ 6599E8079B52BFC8A1BED094B1D60C87 ] \Device\Harddisk1\DR1\Partition1
22:31:52.0741 0928 \Device\Harddisk1\DR1\Partition1 - ok
22:31:52.0772 0928 [ 67175C26A39AEE28EDEBB2BAFA46F08E ] \Device\Harddisk1\DR1\Partition2
22:31:52.0772 0928 \Device\Harddisk1\DR1\Partition2 - ok
22:31:52.0772 0928 ============================================================
22:31:52.0772 0928 Scan finished
22:31:52.0772 0928 ============================================================
22:31:52.0804 6128 Detected object count: 0
22:31:52.0804 6128 Actual detected object count: 0
22:55:19.0426 5676 ============================================================
22:55:19.0426 5676 Scan started
22:55:19.0426 5676 Mode: Manual; SigCheck; TDLFS;
22:55:19.0426 5676 ============================================================
22:55:20.0449 5676 ================ Scan system memory ========================
22:55:20.0449 5676 System memory - ok
22:55:20.0450 5676 ================ Scan services =============================
22:55:20.0524 5676 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:55:20.0737 5676 !SASCORE ( UnsignedFile.Multi.Generic ) - warning
22:55:20.0737 5676 !SASCORE - detected UnsignedFile.Multi.Generic (1)
22:55:20.0912 5676 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:55:20.0929 5676 ACPI - ok
22:55:21.0047 5676 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:55:21.0080 5676 AdobeARMservice - ok
22:55:21.0162 5676 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:55:21.0206 5676 adp94xx - ok
22:55:21.0247 5676 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:55:21.0302 5676 adpahci - ok
22:55:21.0361 5676 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:55:21.0381 5676 adpu160m - ok
22:55:21.0394 5676 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:55:21.0410 5676 adpu320 - ok
22:55:21.0464 5676 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:55:21.0550 5676 AeLookupSvc - ok
22:55:21.0628 5676 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:55:21.0667 5676 AFD - ok
22:55:21.0700 5676 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
22:55:21.0739 5676 AgereModemAudio - ok
22:55:21.0812 5676 [ 1CFEBA39FC613E45B49D3EDDFBCDA289 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
22:55:21.0893 5676 AgereSoftModem - ok
22:55:21.0956 5676 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:55:22.0000 5676 agp440 - ok
22:55:22.0019 5676 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:55:22.0069 5676 aic78xx - ok
22:55:22.0093 5676 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:55:22.0317 5676 ALG - ok
22:55:22.0367 5676 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
22:55:22.0379 5676 aliide - ok
22:55:22.0395 5676 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:55:22.0437 5676 amdagp - ok
22:55:22.0456 5676 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
22:55:22.0496 5676 amdide - ok
22:55:22.0533 5676 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:55:22.0589 5676 AmdK7 - ok
22:55:22.0608 5676 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:55:22.0643 5676 AmdK8 - ok
22:55:22.0723 5676 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:55:22.0739 5676 AntiVirSchedulerService - ok
22:55:22.0759 5676 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:55:22.0769 5676 AntiVirService - ok
22:55:22.0810 5676 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:55:22.0860 5676 Appinfo - ok
22:55:22.0882 5676 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
22:55:22.0902 5676 arc - ok
22:55:22.0923 5676 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:55:22.0942 5676 arcsas - ok
22:55:23.0008 5676 [ 2EEDA27C19259C2340324EF7180D086B ] ASBroker C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
22:55:23.0074 5676 ASBroker ( UnsignedFile.Multi.Generic ) - warning
22:55:23.0074 5676 ASBroker - detected UnsignedFile.Multi.Generic (1)
22:55:23.0118 5676 [ BB3C0521ECCA4BB17AC55EB640DF0FA5 ] ASChannel C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll
22:55:23.0162 5676 ASChannel ( UnsignedFile.Multi.Generic ) - warning
22:55:23.0162 5676 ASChannel - detected UnsignedFile.Multi.Generic (1)
22:55:23.0232 5676 [ 5A055A4777CBBC8845DD598CB2EEBF69 ] ASLDRService C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
22:55:23.0237 5676 ASLDRService ( UnsignedFile.Multi.Generic ) - warning
22:55:23.0237 5676 ASLDRService - detected UnsignedFile.Multi.Generic (1)
22:55:23.0273 5676 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program Files\ATKGFNEX\ASMMAP.sys
22:55:23.0299 5676 ASMMAP - ok
22:55:23.0347 5676 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:55:23.0393 5676 AsyncMac - ok
22:55:23.0408 5676 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
22:55:23.0420 5676 atapi - ok
22:55:23.0455 5676 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
22:55:23.0472 5676 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
22:55:23.0472 5676 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
22:55:23.0512 5676 [ F70D2392158CB68E775F8C4CD3D12FBB ] ATSWPDRV C:\Windows\system32\DRIVERS\ATSwpDrv.sys
22:55:23.0523 5676 ATSWPDRV - ok
22:55:23.0563 5676 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:55:23.0591 5676 AudioEndpointBuilder - ok
22:55:23.0598 5676 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:55:23.0618 5676 Audiosrv - ok
22:55:23.0664 5676 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:55:23.0675 5676 avgntflt - ok
22:55:23.0698 5676 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:55:23.0709 5676 avipbb - ok
22:55:23.0718 5676 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:55:23.0729 5676 avkmgr - ok
22:55:23.0780 5676 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:55:23.0824 5676 Beep - ok
22:55:23.0873 5676 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:55:23.0896 5676 BFE - ok
22:55:24.0030 5676 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
22:55:24.0082 5676 BITS - ok
22:55:24.0135 5676 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:55:24.0198 5676 blbdrive - ok
22:55:24.0226 5676 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:55:24.0267 5676 bowser - ok
22:55:24.0307 5676 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:55:24.0343 5676 BrFiltLo - ok
22:55:24.0360 5676 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:55:24.0401 5676 BrFiltUp - ok
22:55:24.0436 5676 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:55:24.0488 5676 Browser - ok
22:55:24.0524 5676 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:55:24.0679 5676 Brserid - ok
22:55:24.0704 5676 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:55:24.0796 5676 BrSerWdm - ok
22:55:24.0813 5676 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:55:24.0877 5676 BrUsbMdm - ok
22:55:24.0913 5676 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:55:24.0987 5676 BrUsbSer - ok
22:55:25.0051 5676 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
22:55:25.0124 5676 BthEnum - ok
22:55:25.0150 5676 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:55:25.0186 5676 BTHMODEM - ok
22:55:25.0241 5676 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:55:25.0325 5676 BthPan - ok
22:55:25.0490 5676 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
22:55:25.0613 5676 BTHPORT - ok
22:55:25.0733 5676 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
22:55:25.0790 5676 BthServ - ok
22:55:25.0825 5676 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
22:55:25.0869 5676 BTHUSB - ok
22:55:25.0895 5676 [ F2F7342742180D5060285499DEE50F99 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:55:25.0926 5676 btwaudio - ok
22:55:25.0963 5676 [ 32F59F26A30CFC508DA11DB3EA0F8B77 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
22:55:25.0979 5676 btwavdt - ok
22:55:26.0075 5676 [ 09CB316DB9D61ED9FC9A7B07A1A301F6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:55:26.0144 5676 btwdins - ok
22:55:26.0221 5676 [ ECB98391C756A7B9CFBAE89D9D1235E1 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:55:26.0259 5676 btwl2cap - ok
22:55:26.0302 5676 [ 03658734EF7D0F3B3F4636D3E8A38964 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:55:26.0315 5676 btwrchid - ok
22:55:26.0355 5676 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:55:26.0395 5676 cdfs - ok
22:55:26.0438 5676 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:55:26.0466 5676 cdrom - ok
22:55:26.0500 5676 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:55:26.0535 5676 CertPropSvc - ok
22:55:26.0559 5676 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:55:26.0593 5676 circlass - ok
22:55:26.0614 5676 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:55:26.0629 5676 CLFS - ok
22:55:26.0919 5676 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:55:26.0938 5676 clr_optimization_v2.0.50727_32 - ok
22:55:27.0008 5676 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:55:27.0020 5676 clr_optimization_v4.0.30319_32 - ok
22:55:27.0058 5676 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:55:27.0109 5676 CmBatt - ok
22:55:27.0167 5676 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:55:27.0201 5676 cmdide - ok
22:55:27.0230 5676 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:55:27.0243 5676 Compbatt - ok
22:55:27.0247 5676 COMSysApp - ok
22:55:27.0254 5676 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:55:27.0272 5676 crcdisk - ok
22:55:27.0287 5676 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:55:27.0345 5676 Crusoe - ok
22:55:27.0506 5676 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:55:27.0563 5676 CryptSvc - ok
22:55:27.0592 5676 [ 699CE24FE6B5120AF709A0B91582A02D ] DCamUSBET C:\Windows\system32\DRIVERS\etDevice.sys
22:55:27.0626 5676 DCamUSBET - ok
22:55:27.0715 5676 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:55:27.0773 5676 DcomLaunch - ok
22:55:27.0833 5676 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:55:27.0889 5676 DfsC - ok
22:55:27.0960 5676 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:55:28.0240 5676 DFSR - ok
22:55:28.0295 5676 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:55:28.0330 5676 Dhcp - ok
22:55:28.0357 5676 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:55:28.0369 5676 disk - ok
22:55:28.0422 5676 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:55:28.0457 5676 Dnscache - ok
22:55:28.0483 5676 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:55:28.0528 5676 dot3svc - ok
22:55:28.0554 5676 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:55:28.0576 5676 DPS - ok
22:55:28.0614 5676 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:55:28.0637 5676 drmkaud - ok
22:55:28.0769 5676 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:55:28.0803 5676 DXGKrnl - ok
22:55:28.0847 5676 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:55:28.0886 5676 E1G60 - ok
22:55:28.0926 5676 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:55:28.0953 5676 EapHost - ok
22:55:28.0990 5676 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:55:29.0004 5676 Ecache - ok
22:55:29.0081 5676 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:55:29.0169 5676 ehRecvr - ok
22:55:29.0191 5676 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
22:55:29.0270 5676 ehSched - ok
22:55:29.0283 5676 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
22:55:29.0321 5676 ehstart - ok
22:55:29.0372 5676 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:55:29.0398 5676 elxstor - ok
22:55:29.0546 5676 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:55:29.0624 5676 EMDMgmt - ok
22:55:29.0638 5676 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:55:29.0670 5676 ErrDev - ok
22:55:29.0713 5676 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:55:29.0752 5676 EventSystem - ok
22:55:29.0812 5676 [ E1556AF3FB0284C32896B9AC8494D9C2 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
22:55:29.0871 5676 ewusbnet - ok
22:55:29.0900 5676 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
22:55:29.0960 5676 ew_hwusbdev - ok
22:55:29.0991 5676 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:55:30.0061 5676 exfat - ok
22:55:30.0151 5676 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:55:30.0198 5676 fastfat - ok
22:55:30.0239 5676 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:55:30.0267 5676 fdc - ok
22:55:30.0294 5676 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:55:30.0321 5676 fdPHost - ok
22:55:30.0329 5676 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:55:30.0375 5676 FDResPub - ok
22:55:30.0409 5676 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:55:30.0421 5676 FileInfo - ok
22:55:30.0443 5676 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:55:30.0531 5676 Filetrace - ok
22:55:30.0559 5676 [ FD7CB14845A7F91BE11F80635B2CD8A6 ] FiltUSBET C:\Windows\system32\DRIVERS\etFilter.sys
22:55:30.0587 5676 FiltUSBET - ok
22:55:30.0601 5676 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:55:30.0645 5676 flpydisk - ok
22:55:30.0682 5676 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:55:30.0696 5676 FltMgr - ok
22:55:30.0761 5676 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:55:30.0834 5676 FontCache - ok
22:55:30.0960 5676 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:55:30.0977 5676 FontCache3.0.0.0 - ok
22:55:31.0012 5676 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:55:31.0058 5676 Fs_Rec - ok
22:55:31.0102 5676 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:55:31.0135 5676 gagp30kx - ok
22:55:31.0196 5676 [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
22:55:31.0206 5676 ghaio - ok
22:55:31.0244 5676 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:55:31.0285 5676 gpsvc - ok
22:55:31.0419 5676 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:55:31.0429 5676 gupdate - ok
22:55:31.0447 5676 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:55:31.0458 5676 gupdatem - ok
22:55:31.0501 5676 [ 649F407A844DDE2B97BC086AF97D663B ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:55:31.0536 5676 gusvc - ok
22:55:31.0596 5676 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:55:31.0660 5676 HdAudAddService - ok
22:55:31.0801 5676 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:55:31.0877 5676 HDAudBus - ok
22:55:31.0934 5676 [ FCB3F4BE408F72C1BD81BCABA87FC22F ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:55:31.0969 5676 HidBth - ok
22:55:32.0000 5676 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:55:32.0051 5676 HidIr - ok
22:55:32.0085 5676 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
22:55:32.0173 5676 hidserv - ok
22:55:32.0232 5676 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:55:32.0289 5676 HidUsb - ok
22:55:32.0337 5676 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:55:32.0380 5676 hkmsvc - ok
22:55:32.0434 5676 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:55:32.0452 5676 HpCISSs - ok
22:55:32.0524 5676 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:55:32.0607 5676 HTTP - ok
22:55:32.0646 5676 [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
22:55:32.0710 5676 huawei_enumerator - ok
22:55:32.0781 5676 [ A89423D0132C8AB69BA621B6CE191714 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:55:32.0831 5676 hwdatacard - ok
22:55:32.0895 5676 HWDeviceService.exe - ok
22:55:32.0961 5676 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:55:32.0978 5676 i2omp - ok
22:55:33.0026 5676 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:55:33.0058 5676 i8042prt - ok
22:55:33.0152 5676 [ 80C633722DA72E97F3F5B3B11325696D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:55:33.0165 5676 iaStor - ok
22:55:33.0196 5676 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:55:33.0233 5676 iaStorV - ok
22:55:33.0468 5676 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:55:33.0622 5676 idsvc - ok
22:55:33.0669 5676 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:55:33.0686 5676 iirsp - ok
22:55:33.0728 5676 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:55:33.0816 5676 IKEEXT - ok
22:55:33.0926 5676 [ 58072F5FD95ECE78F9FA7BDA1210A9E7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:55:34.0245 5676 IntcAzAudAddService - ok
22:55:34.0378 5676 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:55:34.0463 5676 intelide - ok
22:55:34.0484 5676 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:55:34.0536 5676 intelppm - ok
22:55:34.0565 5676 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:55:34.0603 5676 IPBusEnum - ok
|
|
05.07.2013, 22:03
| #8 |
| | 'PHP/WebShell.A.80' TDSSKiller - Log Teil 2 Code:
ATTFilter 22:55:34.0621 5676 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:55:34.0668 5676 IpFilterDriver - ok
22:55:34.0728 5676 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:55:34.0780 5676 iphlpsvc - ok
22:55:34.0785 5676 IpInIp - ok
22:55:34.0807 5676 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:55:34.0857 5676 IPMIDRV - ok
22:55:34.0873 5676 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:55:34.0917 5676 IPNAT - ok
22:55:34.0933 5676 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:55:34.0983 5676 IRENUM - ok
22:55:35.0014 5676 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:55:35.0035 5676 isapnp - ok
22:55:35.0097 5676 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:55:35.0112 5676 iScsiPrt - ok
22:55:35.0175 5676 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:55:35.0210 5676 iteatapi - ok
22:55:35.0240 5676 [ 8BCD857C7932AD005D5F9C89329DA2E1 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
22:55:35.0281 5676 itecir - ok
22:55:35.0306 5676 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:55:35.0318 5676 iteraid - ok
22:55:35.0352 5676 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:55:35.0365 5676 kbdclass - ok
22:55:35.0402 5676 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:55:35.0450 5676 kbdhid - ok
22:55:35.0485 5676 [ 27BD4AC228EF6C0D490617C32E86A672 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
22:55:35.0522 5676 kbfiltr - ok
22:55:35.0563 5676 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:55:35.0618 5676 KeyIso - ok
22:55:35.0814 5676 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:55:35.0833 5676 KSecDD - ok
22:55:35.0927 5676 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:55:36.0001 5676 KtmRm - ok
22:55:36.0059 5676 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
22:55:36.0148 5676 LanmanServer - ok
22:55:36.0172 5676 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:55:36.0209 5676 LanmanWorkstation - ok
22:55:36.0305 5676 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:55:36.0353 5676 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
22:55:36.0353 5676 LightScribeService - detected UnsignedFile.Multi.Generic (1)
22:55:36.0378 5676 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:55:36.0415 5676 lltdio - ok
22:55:36.0467 5676 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:55:36.0516 5676 lltdsvc - ok
22:55:36.0532 5676 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:55:36.0572 5676 lmhosts - ok
22:55:36.0598 5676 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:55:36.0611 5676 LSI_FC - ok
22:55:36.0642 5676 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:55:36.0656 5676 LSI_SAS - ok
22:55:36.0684 5676 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:55:36.0696 5676 LSI_SCSI - ok
22:55:36.0718 5676 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:55:36.0795 5676 luafv - ok
22:55:36.0835 5676 [ 8039F480C192DD99FED4EBC71FFBF795 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
22:55:36.0844 5676 lullaby - ok
22:55:36.0902 5676 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:55:36.0939 5676 Mcx2Svc - ok
22:55:36.0977 5676 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:55:36.0989 5676 megasas - ok
22:55:37.0032 5676 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:55:37.0080 5676 MegaSR - ok
22:55:37.0172 5676 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:55:37.0208 5676 MMCSS - ok
22:55:37.0443 5676 [ 38106C7BD34EAE89D2769AC0BA2E846B ] Mobile Partner. RunOuc C:\Program Files\Huawai Intenet Stick O2 Sparhandy\UpdateDog\ouc.exe
22:55:37.0500 5676 Mobile Partner. RunOuc ( UnsignedFile.Multi.Generic ) - warning
22:55:37.0500 5676 Mobile Partner. RunOuc - detected UnsignedFile.Multi.Generic (1)
22:55:37.0517 5676 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:55:37.0551 5676 Modem - ok
22:55:37.0578 5676 [ CBB59C41F19EFEA1A000793E08070A62 ] MODEMCSA C:\Windows\system32\drivers\MODEMCSA.sys
22:55:37.0600 5676 MODEMCSA - ok
22:55:37.0631 5676 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:55:37.0654 5676 monitor - ok
22:55:37.0660 5676 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:55:37.0672 5676 mouclass - ok
22:55:37.0694 5676 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:55:37.0759 5676 mouhid - ok
22:55:37.0774 5676 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:55:37.0787 5676 MountMgr - ok
22:55:37.0920 5676 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:55:37.0932 5676 MozillaMaintenance - ok
22:55:37.0989 5676 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:55:38.0002 5676 mpio - ok
22:55:38.0018 5676 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:55:38.0057 5676 mpsdrv - ok
22:55:38.0222 5676 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:55:38.0277 5676 MpsSvc - ok
22:55:38.0295 5676 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:55:38.0368 5676 Mraid35x - ok
22:55:38.0397 5676 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:55:38.0427 5676 MRxDAV - ok
22:55:38.0468 5676 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:55:38.0489 5676 mrxsmb - ok
22:55:38.0527 5676 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:55:38.0550 5676 mrxsmb10 - ok
22:55:38.0582 5676 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:55:38.0623 5676 mrxsmb20 - ok
22:55:38.0658 5676 [ DE77526BDE93142BDC90CFA9F5CEAD36 ] msahci C:\Windows\system32\drivers\msahci.sys
22:55:38.0669 5676 msahci - ok
22:55:38.0689 5676 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:55:38.0703 5676 msdsm - ok
22:55:38.0734 5676 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:55:38.0786 5676 MSDTC - ok
22:55:38.0798 5676 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:55:38.0820 5676 Msfs - ok
22:55:38.0826 5676 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:55:38.0837 5676 msisadrv - ok
22:55:38.0893 5676 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:55:38.0916 5676 MSiSCSI - ok
22:55:38.0922 5676 msiserver - ok
22:55:38.0958 5676 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:55:38.0986 5676 MSKSSRV - ok
22:55:39.0001 5676 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:55:39.0023 5676 MSPCLOCK - ok
22:55:39.0052 5676 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:55:39.0074 5676 MSPQM - ok
22:55:39.0119 5676 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:55:39.0133 5676 MsRPC - ok
22:55:39.0189 5676 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:55:39.0200 5676 mssmbios - ok
22:55:39.0235 5676 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:55:39.0257 5676 MSTEE - ok
22:55:39.0305 5676 [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
22:55:39.0372 5676 MTsensor - ok
22:55:39.0392 5676 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:55:39.0405 5676 Mup - ok
22:55:39.0565 5676 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:55:39.0619 5676 napagent - ok
22:55:39.0664 5676 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:55:39.0711 5676 NativeWifiP - ok
22:55:39.0747 5676 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:55:39.0768 5676 NDIS - ok
22:55:39.0825 5676 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:55:39.0889 5676 NdisTapi - ok
22:55:39.0968 5676 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:55:40.0014 5676 Ndisuio - ok
22:55:40.0042 5676 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:55:40.0072 5676 NdisWan - ok
22:55:40.0094 5676 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:55:40.0111 5676 NDProxy - ok
22:55:40.0193 5676 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:55:40.0230 5676 NetBIOS - ok
22:55:40.0264 5676 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:55:40.0292 5676 netbt - ok
22:55:40.0304 5676 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:55:40.0317 5676 Netlogon - ok
22:55:40.0343 5676 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:55:40.0389 5676 Netman - ok
22:55:40.0413 5676 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:55:40.0440 5676 netprofm - ok
22:55:40.0497 5676 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:55:40.0508 5676 NetTcpPortSharing - ok
22:55:40.0896 5676 [ F0C42E0CDCE558D658FA53A222B4CCB1 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
22:55:41.0199 5676 NETw5v32 - ok
22:55:41.0234 5676 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:55:41.0246 5676 nfrd960 - ok
22:55:41.0376 5676 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:55:41.0444 5676 NlaSvc - ok
22:55:41.0541 5676 [ 25D6B2EB0A1FC4AB413AFE7EC4793EC1 ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
22:55:41.0585 5676 nosGetPlusHelper - ok
22:55:41.0616 5676 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:55:41.0684 5676 Npfs - ok
22:55:41.0707 5676 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:55:41.0730 5676 nsi - ok
22:55:41.0753 5676 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:55:41.0779 5676 nsiproxy - ok
22:55:41.0821 5676 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:55:41.0853 5676 Ntfs - ok
22:55:41.0899 5676 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:55:41.0945 5676 ntrigdigi - ok
22:55:41.0967 5676 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:55:41.0988 5676 Null - ok
22:55:42.0014 5676 [ 11BE4B269549173CFF542591E4BE2C08 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
22:55:42.0045 5676 NVHDA - ok
22:55:42.0299 5676 [ 7DB332F85AB7894C69DFB934EEE23EB9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:55:42.0657 5676 nvlddmkm - ok
22:55:42.0679 5676 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:55:42.0691 5676 nvraid - ok
22:55:42.0724 5676 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:55:42.0736 5676 nvstor - ok
22:55:42.0765 5676 [ 16DAEB9301135432916D1DAE3FED0B88 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:55:42.0797 5676 nvsvc - ok
22:55:42.0817 5676 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:55:42.0829 5676 nv_agp - ok
22:55:42.0834 5676 NwlnkFlt - ok
22:55:42.0838 5676 NwlnkFwd - ok
22:55:42.0903 5676 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:55:42.0920 5676 odserv - ok
22:55:42.0984 5676 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:55:43.0010 5676 ohci1394 - ok
22:55:43.0400 5676 [ DA345DE3B450E9E1691E7B9956D8FFC3 ] OMSI download service G:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
22:55:43.0422 5676 OMSI download service ( UnsignedFile.Multi.Generic ) - warning
22:55:43.0422 5676 OMSI download service - detected UnsignedFile.Multi.Generic (1)
22:55:43.0471 5676 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:55:43.0482 5676 ose - ok
22:55:43.0662 5676 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:55:43.0826 5676 p2pimsvc - ok
22:55:43.0895 5676 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:55:43.0918 5676 p2psvc - ok
22:55:43.0942 5676 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:55:43.0993 5676 Parport - ok
22:55:44.0035 5676 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:55:44.0048 5676 partmgr - ok
22:55:44.0075 5676 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:55:44.0147 5676 Parvdm - ok
22:55:44.0196 5676 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:55:44.0248 5676 PcaSvc - ok
22:55:44.0277 5676 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:55:44.0291 5676 pci - ok
22:55:44.0313 5676 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
22:55:44.0325 5676 pciide - ok
22:55:44.0367 5676 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:55:44.0380 5676 pcmcia - ok
22:55:44.0443 5676 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:55:44.0558 5676 PEAUTH - ok
22:55:44.0889 5676 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:55:44.0958 5676 pla - ok
22:55:45.0016 5676 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:55:45.0052 5676 PlugPlay - ok
22:55:45.0083 5676 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:55:45.0108 5676 PNRPAutoReg - ok
22:55:45.0294 5676 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:55:45.0316 5676 PNRPsvc - ok
22:55:45.0492 5676 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:55:45.0571 5676 PolicyAgent - ok
22:55:45.0624 5676 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:55:45.0682 5676 PptpMiniport - ok
22:55:45.0701 5676 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:55:45.0723 5676 Processor - ok
22:55:45.0764 5676 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:55:45.0785 5676 ProfSvc - ok
22:55:45.0823 5676 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:55:45.0836 5676 ProtectedStorage - ok
22:55:45.0878 5676 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:55:45.0933 5676 PSched - ok
22:55:45.0959 5676 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:55:45.0969 5676 PxHelp20 - ok
22:55:46.0079 5676 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:55:46.0307 5676 ql2300 - ok
22:55:46.0343 5676 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:55:46.0432 5676 ql40xx - ok
22:55:46.0474 5676 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:55:46.0524 5676 QWAVE - ok
22:55:46.0543 5676 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:55:46.0570 5676 QWAVEdrv - ok
22:55:46.0652 5676 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
22:55:46.0705 5676 RapiMgr - ok
22:55:46.0724 5676 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:55:46.0746 5676 RasAcd - ok
22:55:46.0819 5676 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:55:46.0878 5676 RasAuto - ok
22:55:46.0910 5676 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:55:46.0934 5676 Rasl2tp - ok
22:55:46.0963 5676 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:55:46.0999 5676 RasMan - ok
22:55:47.0033 5676 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:55:47.0052 5676 RasPppoe - ok
22:55:47.0078 5676 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:55:47.0092 5676 RasSstp - ok
22:55:47.0205 5676 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:55:47.0224 5676 rdbss - ok
22:55:47.0275 5676 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:55:47.0337 5676 RDPCDD - ok
22:55:47.0361 5676 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:55:47.0386 5676 rdpdr - ok
22:55:47.0391 5676 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:55:47.0427 5676 RDPENCDD - ok
22:55:47.0462 5676 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:55:47.0512 5676 RDPWD - ok
22:55:47.0550 5676 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:55:47.0575 5676 RemoteAccess - ok
22:55:47.0594 5676 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:55:47.0629 5676 RemoteRegistry - ok
22:55:47.0661 5676 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:55:47.0720 5676 RFCOMM - ok
22:55:47.0763 5676 [ A5B12A4B3B774432DB9B9FA221190E59 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
22:55:47.0798 5676 rimmptsk - ok
22:55:47.0815 5676 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
22:55:47.0852 5676 rimsptsk - ok
22:55:47.0857 5676 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
22:55:47.0899 5676 rismxdp - ok
22:55:47.0932 5676 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:55:47.0982 5676 RpcLocator - ok
22:55:48.0080 5676 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
22:55:48.0107 5676 RpcSs - ok
22:55:48.0188 5676 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:55:48.0226 5676 rspndr - ok
22:55:48.0276 5676 [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:55:48.0309 5676 RTL8169 - ok
22:55:48.0369 5676 [ 1C5C2CB892553D2CF3F45A4BB323FCD6 ] s1018bus C:\Windows\system32\DRIVERS\s1018bus.sys
22:55:48.0380 5676 s1018bus - ok
22:55:48.0417 5676 [ 38F5EA219593F19B6B3A1B9C169E3B61 ] s1018mdfl C:\Windows\system32\DRIVERS\s1018mdfl.sys
22:55:48.0427 5676 s1018mdfl - ok
22:55:48.0455 5676 [ 666AF6B64FC7DF92D3CA4819EA91631D ] s1018mdm C:\Windows\system32\DRIVERS\s1018mdm.sys
22:55:48.0466 5676 s1018mdm - ok
22:55:48.0518 5676 [ F4CEDA6E2DDFF2AF8BD745615A7CA9C0 ] s1018mgmt C:\Windows\system32\DRIVERS\s1018mgmt.sys
22:55:48.0576 5676 s1018mgmt - ok
22:55:48.0624 5676 [ 3622D9FF2253DCBE885B10736609A4CA ] s1018nd5 C:\Windows\system32\DRIVERS\s1018nd5.sys
22:55:48.0633 5676 s1018nd5 - ok
22:55:48.0669 5676 [ 49431EFDA842B474531C29FFAE9F5D09 ] s1018obex C:\Windows\system32\DRIVERS\s1018obex.sys
22:55:48.0679 5676 s1018obex - ok
22:55:48.0724 5676 [ AC6B514CB4474F4C867D7CDC9CD54F05 ] s1018unic C:\Windows\system32\DRIVERS\s1018unic.sys
22:55:48.0734 5676 s1018unic - ok
22:55:48.0768 5676 [ 69013A123A00B3042C260B0056DF0152 ] s1029bus C:\Windows\system32\DRIVERS\s1029bus.sys
22:55:48.0778 5676 s1029bus - ok
22:55:48.0792 5676 [ 1565FC31F872963FE8AF471123D8424C ] s1029mdfl C:\Windows\system32\DRIVERS\s1029mdfl.sys
22:55:48.0802 5676 s1029mdfl - ok
22:55:48.0826 5676 [ D67A8042ECF6C983AC0E308B36603677 ] s1029mdm C:\Windows\system32\DRIVERS\s1029mdm.sys
22:55:48.0837 5676 s1029mdm - ok
22:55:48.0897 5676 [ 6FC093ABA554E45755DC2F3896B6C8D7 ] s1029obex C:\Windows\system32\DRIVERS\s1029obex.sys
22:55:48.0907 5676 s1029obex - ok
22:55:48.0932 5676 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:55:48.0945 5676 SamSs - ok
22:55:49.0014 5676 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:55:49.0023 5676 SASDIFSV - ok
22:55:49.0056 5676 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:55:49.0066 5676 SASKUTIL - ok
22:55:49.0108 5676 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:55:49.0120 5676 sbp2port - ok
22:55:49.0177 5676 [ 2393ED056AE02F5DBB3A7D6E40A5FDC2 ] ScanUSBET C:\Windows\system32\DRIVERS\etScan.sys
22:55:49.0225 5676 ScanUSBET - ok
22:55:49.0264 5676 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:55:49.0284 5676 SCardSvr - ok
22:55:49.0400 5676 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:55:49.0450 5676 Schedule - ok
22:55:49.0507 5676 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:55:49.0525 5676 SCPolicySvc - ok
22:55:49.0563 5676 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:55:49.0591 5676 sdbus - ok
22:55:49.0618 5676 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:55:49.0643 5676 SDRSVC - ok
22:55:49.0666 5676 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:55:49.0705 5676 secdrv - ok
22:55:49.0727 5676 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:55:49.0752 5676 seclogon - ok
22:55:49.0816 5676 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\Windows\system32\DRIVERS\seehcri.sys
22:55:49.0856 5676 seehcri - ok
22:55:49.0884 5676 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
22:55:49.0908 5676 SENS - ok
22:55:49.0971 5676 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:55:50.0051 5676 Serenum - ok
22:55:50.0090 5676 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:55:50.0130 5676 Serial - ok
22:55:50.0152 5676 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:55:50.0174 5676 sermouse - ok
22:55:50.0209 5676 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:55:50.0261 5676 SessionEnv - ok
22:55:50.0288 5676 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
22:55:50.0312 5676 sffdisk - ok
22:55:50.0325 5676 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:55:50.0372 5676 sffp_mmc - ok
22:55:50.0398 5676 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
22:55:50.0415 5676 sffp_sd - ok
22:55:50.0429 5676 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:55:50.0470 5676 sfloppy - ok
22:55:50.0495 5676 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:55:50.0529 5676 SharedAccess - ok
22:55:50.0581 5676 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:55:50.0618 5676 ShellHWDetection - ok
22:55:50.0663 5676 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:55:50.0675 5676 sisagp - ok
22:55:50.0712 5676 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:55:50.0724 5676 SiSRaid2 - ok
22:55:50.0744 5676 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:55:50.0763 5676 SiSRaid4 - ok
22:55:50.0969 5676 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:55:51.0167 5676 slsvc - ok
22:55:51.0255 5676 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:55:51.0292 5676 SLUINotify - ok
22:55:51.0319 5676 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:55:51.0341 5676 Smb - ok
22:55:51.0402 5676 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys
22:55:51.0495 5676 smserial - ok
22:55:51.0538 5676 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:55:51.0551 5676 SNMPTRAP - ok
22:55:51.0569 5676 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:55:51.0581 5676 spldr - ok
22:55:51.0617 5676 [ 739DB668DBD812285ECC553E64A5E212 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
22:55:51.0627 5676 spmgr - ok
22:55:51.0666 5676 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:55:51.0702 5676 Spooler - ok
22:55:51.0729 5676 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:55:51.0765 5676 srv - ok
22:55:51.0835 5676 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:55:51.0877 5676 srv2 - ok
22:55:51.0934 5676 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:55:51.0992 5676 srvnet - ok
22:55:52.0029 5676 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:55:52.0067 5676 SSDPSRV - ok
22:55:52.0086 5676 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
22:55:52.0097 5676 ssmdrv - ok
22:55:52.0162 5676 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:55:52.0191 5676 SstpSvc - ok
22:55:52.0234 5676 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:55:52.0321 5676 stisvc - ok
22:55:52.0343 5676 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:55:52.0362 5676 swenum - ok
22:55:52.0396 5676 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:55:52.0434 5676 swprv - ok
22:55:52.0455 5676 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:55:52.0467 5676 Symc8xx - ok
22:55:52.0491 5676 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:55:52.0503 5676 Sym_hi - ok
22:55:52.0526 5676 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:55:52.0537 5676 Sym_u3 - ok
22:55:52.0560 5676 [ BE78198C69135EF1FA157E08FD5C90FF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:55:52.0598 5676 SynTP - ok
22:55:52.0637 5676 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:55:52.0667 5676 SysMain - ok
22:55:52.0766 5676 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:55:52.0809 5676 TabletInputService - ok
22:55:52.0869 5676 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:55:52.0924 5676 TapiSrv - ok
22:55:52.0962 5676 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:55:52.0986 5676 TBS - ok
22:55:53.0045 5676 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:55:53.0125 5676 Tcpip - ok
22:55:53.0267 5676 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:55:53.0298 5676 Tcpip6 - ok
22:55:53.0406 5676 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:55:53.0437 5676 tcpipreg - ok
22:55:53.0505 5676 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:55:53.0544 5676 TDPIPE - ok
22:55:53.0566 5676 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:55:53.0601 5676 TDTCP - ok
22:55:53.0623 5676 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:55:53.0642 5676 tdx - ok
22:55:53.0684 5676 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:55:53.0724 5676 TermDD - ok
22:55:53.0792 5676 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:55:53.0822 5676 TermService - ok
22:55:53.0868 5676 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:55:53.0884 5676 Themes - ok
22:55:53.0894 5676 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:55:53.0917 5676 THREADORDER - ok
22:55:53.0961 5676 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:55:54.0004 5676 TrkWks - ok
22:55:54.0052 5676 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:55:54.0083 5676 TrustedInstaller - ok
22:55:54.0158 5676 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:55:54.0214 5676 tssecsrv - ok
22:55:54.0244 5676 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:55:54.0280 5676 tunmp - ok
22:55:54.0316 5676 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:55:54.0365 5676 tunnel - ok
22:55:54.0396 5676 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:55:54.0408 5676 uagp35 - ok
22:55:54.0433 5676 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:55:54.0453 5676 udfs - ok
22:55:54.0483 5676 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:55:54.0529 5676 UI0Detect - ok
22:55:54.0555 5676 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:55:54.0568 5676 uliagpkx - ok
22:55:54.0633 5676 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:55:54.0648 5676 uliahci - ok
22:55:54.0671 5676 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:55:54.0683 5676 UlSata - ok
22:55:54.0710 5676 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:55:54.0722 5676 ulsata2 - ok
22:55:54.0743 5676 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:55:54.0767 5676 umbus - ok
22:55:54.0834 5676 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:55:54.0881 5676 upnphost - ok
22:55:54.0924 5676 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:55:54.0958 5676 usbccgp - ok
22:55:54.0991 5676 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:55:55.0049 5676 usbcir - ok
22:55:55.0109 5676 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:55:55.0162 5676 usbehci - ok
22:55:55.0200 5676 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:55:55.0222 5676 usbhub - ok
22:55:55.0252 5676 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:55:55.0291 5676 usbohci - ok
22:55:55.0313 5676 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:55:55.0351 5676 usbprint - ok
22:55:55.0378 5676 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:55:55.0431 5676 USBSTOR - ok
22:55:55.0470 5676 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:55:55.0526 5676 usbuhci - ok
22:55:55.0690 5676 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:55:55.0713 5676 usbvideo - ok
22:55:55.0745 5676 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:55:55.0786 5676 UxSms - ok
22:55:55.0869 5676 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:55:55.0986 5676 vds - ok
22:55:56.0129 5676 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:55:56.0213 5676 vga - ok
22:55:56.0271 5676 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:55:56.0294 5676 VgaSave - ok
22:55:56.0319 5676 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:55:56.0331 5676 viaagp - ok
22:55:56.0367 5676 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:55:56.0389 5676 ViaC7 - ok
22:55:56.0401 5676 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:55:56.0413 5676 viaide - ok
22:55:56.0433 5676 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:55:56.0446 5676 volmgr - ok
22:55:56.0550 5676 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:55:56.0565 5676 volmgrx - ok
22:55:56.0596 5676 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:55:56.0611 5676 volsnap - ok
22:55:56.0650 5676 [ 6BE75CFCE25E42E79C0757C60D88FECB ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
22:55:56.0669 5676 Vsdatant - ok
22:55:56.0687 5676 vsdatant7 - ok
22:55:56.0757 5676 vsmon - ok
22:55:56.0787 5676 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:55:56.0800 5676 vsmraid - ok
22:55:57.0002 5676 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:55:57.0048 5676 VSS - ok
22:55:57.0184 5676 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:55:57.0214 5676 W32Time - ok
22:55:57.0285 5676 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:55:57.0363 5676 WacomPen - ok
22:55:57.0385 5676 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:55:57.0432 5676 Wanarp - ok
22:55:57.0437 5676 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:55:57.0466 5676 Wanarpv6 - ok
22:55:57.0571 5676 [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
22:55:57.0597 5676 WcesComm - ok
22:55:57.0666 5676 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:55:57.0787 5676 wcncsvc - ok
22:55:57.0853 5676 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:55:57.0912 5676 WcsPlugInService - ok
22:55:57.0962 5676 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:55:57.0974 5676 Wd - ok
22:55:58.0046 5676 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:55:58.0113 5676 Wdf01000 - ok
22:55:58.0161 5676 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:55:58.0217 5676 WdiServiceHost - ok
22:55:58.0226 5676 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:55:58.0254 5676 WdiSystemHost - ok
22:55:58.0351 5676 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:55:58.0375 5676 WebClient - ok
22:55:58.0436 5676 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:55:58.0510 5676 Wecsvc - ok
22:55:58.0551 5676 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:55:58.0575 5676 wercplsupport - ok
22:55:58.0604 5676 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:55:58.0625 5676 WerSvc - ok
22:55:58.0702 5676 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:55:58.0719 5676 WinDefend - ok
22:55:58.0727 5676 WinHttpAutoProxySvc - ok
22:55:58.0787 5676 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:55:58.0807 5676 Winmgmt - ok
22:55:59.0009 5676 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:55:59.0090 5676 WinRM - ok
22:55:59.0181 5676 [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb C:\Windows\system32\DRIVERS\winusb.sys
22:55:59.0221 5676 winusb - ok
22:55:59.0297 5676 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:55:59.0366 5676 Wlansvc - ok
22:55:59.0411 5676 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:55:59.0431 5676 WmiAcpi - ok
22:55:59.0511 5676 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:55:59.0549 5676 wmiApSrv - ok
22:55:59.0699 5676 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:55:59.0745 5676 WMPNetworkSvc - ok
22:55:59.0818 5676 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:55:59.0870 5676 WPCSvc - ok
22:55:59.0923 5676 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:55:59.0956 5676 WPDBusEnum - ok
22:55:59.0997 5676 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:56:00.0010 5676 WpdUsb - ok
22:56:00.0183 5676 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:56:00.0207 5676 WPFFontCache_v0400 - ok
22:56:00.0257 5676 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:56:00.0280 5676 ws2ifsl - ok
22:56:00.0341 5676 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
22:56:00.0357 5676 wscsvc - ok
22:56:00.0364 5676 WSearch - ok
22:56:00.0490 5676 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:56:00.0617 5676 wuauserv - ok
22:56:00.0653 5676 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:56:00.0687 5676 WUDFRd - ok
22:56:00.0765 5676 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:56:00.0881 5676 wudfsvc - ok
22:56:00.0984 5676 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
22:56:01.0055 5676 yukonwlh - ok
22:56:01.0161 5676 [ 4D840C6AF3C020ED3A35EFBA9025CF4A ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl
22:56:01.0171 5676 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
22:56:01.0233 5676 ================ Scan global ===============================
22:56:01.0294 5676 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:56:01.0452 5676 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:56:01.0465 5676 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:56:01.0514 5676 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:56:01.0519 5676 [Global] - ok
22:56:01.0521 5676 ================ Scan MBR ==================================
22:56:01.0535 5676 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
22:56:02.0447 5676 \Device\Harddisk0\DR0 - ok
22:56:02.0774 5676 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1
22:56:02.0884 5676 \Device\Harddisk1\DR1 - ok
22:56:02.0899 5676 ================ Scan VBR ==================================
22:56:02.0915 5676 [ 852688C270F1C4BDD3CBA4F72546DA49 ] \Device\Harddisk0\DR0\Partition1
22:56:02.0915 5676 \Device\Harddisk0\DR0\Partition1 - ok
22:56:02.0946 5676 [ 856719FF8728B548306DDFD3F7AE8188 ] \Device\Harddisk0\DR0\Partition2
22:56:02.0946 5676 \Device\Harddisk0\DR0\Partition2 - ok
22:56:03.0008 5676 [ 6599E8079B52BFC8A1BED094B1D60C87 ] \Device\Harddisk1\DR1\Partition1
22:56:03.0008 5676 \Device\Harddisk1\DR1\Partition1 - ok
22:56:03.0040 5676 [ 67175C26A39AEE28EDEBB2BAFA46F08E ] \Device\Harddisk1\DR1\Partition2
22:56:03.0040 5676 \Device\Harddisk1\DR1\Partition2 - ok
22:56:03.0055 5676 ============================================================
22:56:03.0055 5676 Scan finished
22:56:03.0055 5676 ============================================================
22:56:03.0055 5460 Detected object count: 8
22:56:03.0055 5460 Actual detected object count: 8
22:57:32.0337 5460 !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
22:57:32.0337 5460 !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:57:32.0341 5460 ASBroker ( UnsignedFile.Multi.Generic ) - skipped by user
22:57:32.0341 5460 ASBroker ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:57:32.0343 5460 ASChannel ( UnsignedFile.Multi.Generic ) - skipped by user
22:57:32.0343 5460 ASChannel ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:57:32.0343 5460 ASLDRService ( UnsignedFile.Multi.Generic ) - skipped by user
22:57:32.0344 5460 ASLDRService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:57:32.0346 5460 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:57:32.0346 5460 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:57:32.0346 5460 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
22:57:32.0346 5460 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:57:32.0348 5460 Mobile Partner. RunOuc ( UnsignedFile.Multi.Generic ) - skipped by user
22:57:32.0348 5460 Mobile Partner. RunOuc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:57:32.0349 5460 OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
22:57:32.0350 5460 OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
05.07.2013, 22:04
| #9 |
| /// Malware-holic | 'PHP/WebShell.A.80' Hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
05.07.2013, 22:51
| #10 |
| | 'PHP/WebShell.A.80' Ich weiß nicht ob ich zu ungeduldig bin oder einfach was falsch gemacht habe.. ich hab Internetverbindung gekappt, AntiVir und ZoneAlarm beendet, ich starte combofix, es erscheint das blaue Fenster, wo ein Systemwiederherstellungspunkt gesetzt wird, dann kommt der Hinweis, wie lange es dauern kann, dann kam Syntaxfehler. Dann ist nichts weiter passiert, habe zur Sicherheit, weil ich dachte, läuft vielleicht doch 25 min. gewartet, passierte aber nichts? EDIT: Habs auch mit Neustart probiert, da kam die Meldung, das Windows Defender (den hatte ich nicht auf dem Schirm und auch nicht in der Leiste) nicht gestartet werden konnte. Wieder die andren beiden deaktiviert, nochmals probiert, weiter Syntaxfehler. |
|
05.07.2013, 23:44
| #11 |
| /// Malware-holic | 'PHP/WebShell.A.80' lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
06.07.2013, 00:18
| #12 |
| | 'PHP/WebShell.A.80'Code:
ATTFilter 2007 Microsoft Office system Microsoft Corporation 04.12.2008 0,99GB 12.0.4518.1014 nötig Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 04.12.2008 13,5MB unbekannt Adobe Download Manager NOS Microsystems Ltd. 17.04.2011 452KB 1.6.2.99 Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 20.03.2011 10.2.152.32 nötig Adobe Flash Player 11 Plugin Adobe Systems Incorporated 15.06.2013 11.7.700.224 nötig? Adobe Reader X (10.1.7) - Deutsch Adobe Systems Incorporated 18.05.2013 121MB 10.1.7 nötig Adobe Shockwave Player 11.6 Adobe Systems, Inc. 20.09.2012 8,37MB 11.6.7.637 nötig Agere Systems HDA Modem Agere Systems 04.12.2008 vermutlich nötig? AI TouchMedia CyberLink Corp. 03.12.2008 82,1MB 6.0.1811 unbekannt Amazon Kindle Amazon 31.12.2012 58,1MB nötig Amazon MP3-Downloader 1.0.17 Amazon Services LLC 18.12.2012 2,55MB 1.0.17 nötig Any Video Converter 3.3.2 Any-Video-Converter.com 25.12.2011 92,8MB nötig Apple Application Support Apple Inc. 11.11.2012 64,9MB 2.3 unbekannt Apple Software Update Apple Inc. 16.08.2011 2,38MB 2.1.3.127 unbekannt ASUS CopyProtect ASUS 03.12.2008 3,17MB 1.0.0007 unbekannt ASUS LifeFrame3 ASUS 03.12.2008 30,6MB 3.0.9 nötig glaub ich? ASUS Live Update ASUS 04.12.2008 472KB 2.5.6 unbekannt ASUS Power4Gear eXtreme ASUS 03.12.2008 7,14MB 1.0.19 unbekannt ASUS Security Protect Manager ASUSTeK Computer Inc. 03.12.2008 19,3MB 2.1.0.880.20 unbekannt ASUS SmartLogon ASUS 03.12.2008 10,7MB 1.0.0005 nötig? ASUS Splendid Video Enhancement Technology ASUS 03.12.2008 25,0MB 1.02.0021 unbekannt ASUS Virtual Camera ASUS 03.12.2008 2,70MB 1.0.11 nötig? Asus_Camera_ScreenSaver ASUS 04.12.2008 2.0.0008 unbekannt ATK Generic Function Service ATK 03.12.2008 460KB 1.00.0008 unbekannt ATK Hotkey ASUS 03.12.2008 6,01MB 1.0.0038 unbekannt ATK Media ASUS 03.12.2008 185KB 2.0.0000 unbekannt ATKOSD2 ASUS 03.12.2008 7,27MB 7.0.0001 unbekannt Audiograbber 1.83 SE Audiograbber Deutschland 25.04.2011 1.83 SE nötig Audiograbber Lame-MP3-Plugin AG 10.11.2009 5,83MB 1.0 nötig Avira Free Antivirus Avira 09.02.2013 64,8MB 12.1.9.1236 nötig? Big Fish Games: Game Manager 07.03.2013 15,4MB 3.0.1.60 nötig Big Kahuna Reef 2 - Chain Reaction 07.05.2011 38,4MB unnötig Bigpoint Games DE Toolbar Bigpoint Games DE 28.02.2012 4,81MB 6.8.5.1 unnötig Cake Mania 01.11.2009 18,8MB nötig Cake Mania Main Street 12.10.2009 102MB nötig CCleaner Piriform 19.06.2013 5,64MB 4.03 nötig CDBurnerXP CDBurnerXP 22.06.2013 14,3MB 4.5.1.4003 nötig ChkMail ChkMail 03.12.2008 728KB 2.0.0.16 unnötig CyberLink LabelPrint CyberLink Corp. 27.07.2011 86,3MB 2.0.2908 unbekannt CyberLink Power2Go CyberLink Corp. 27.07.2011 122MB 6.0.1924 unnötig D-Fend Reloaded 1.1.0 (deinstallieren) Alexander Herzog 09.05.2011 34,1MB 1.1.0 unbekannt Die Sims 2 23.06.2009 2,74GB nötig Die Sims 2: Nightlife 23.06.2009 1,25GB nötig Die Sims 2: Open For Business 23.06.2009 697MB nötig Die Sims 2: Wilde Campus-Jahre 23.06.2009 925MB nötig Die Sims™ 2 Apartment-Leben Electronic Arts 23.06.2009 1,21GB nötig Die Sims™ 2 Freizeit-Spaß Electronic Arts 23.06.2009 1,16GB nötig Die Sims™ 2 Gute Reise Electronic Arts 23.06.2009 946MB nötig Die Sims™ 2 Haustiere 23.06.2009 801MB nötig Die Sims™ 2 Vier Jahreszeiten 23.06.2009 869MB nötig Digital Image Recovery 1.47 Alexander Grau 05.09.2011 840KB unbekannt Dolby Control Center Dolby 03.12.2008 47,0MB 1.1.0503 nötig? Dolphin Dice 9.03 JohanNorberg.se 17.03.2012 5,79MB 9.03 unnötig DSL-Speedtest COMPUTER BILD 09.11.2011 336KB 1.00.0000 unnötig Express Gate devicevm 03.12.2008 246MB 0.8.0.3 unbekannt Farm Frenzy 31.10.2009 20,7MB nötig Farm Frenzy 2 13.11.2009 40,9MB nötig Farm Frenzy 3 03.10.2009 97,9MB nötig Farm Frenzy 3 American Pie 17.01.2010 76,5MB nötig Farm Frenzy 3 Ice Age 13.03.2010 91,9MB nötig Farm Frenzy 3 Russian Roulette 29.05.2010 70,8MB nötig Farm Frenzy 3: American Pie 16.01.2010 77,7MB nötig Farm Frenzy 3: American Pie Alawar Entertainment Inc. 25.04.2011 nötig Farm Frenzy 3: Madagascar Alawar Entertainment Inc. 31.08.2010 76,9MB nötig Farm Frenzy Pizza Party 16.11.2009 55,6MB nötig Farm Frenzy: Ancient Rome Alawar Entertainment Inc. 11.02.2011 87,5MB nötig Farm Frenzy: Gone Fishing Alawar Entertainment Inc. 05.11.2010 91,7MB nötig Farm Frenzy: Viking Heroes Alawar Entertainment Inc. 04.09.2011 269MB nötig Fashion Solitaire Shockwave.com 22.05.2011 58,2MB 32.0.0.0nötig FlashGet 2.0 hxxp://www.FlashGet.com 26.06.2009 2.11.0.1188 unnötig fotokasten comfort 27.02.2011 22,9MB unnötig fotokasten comfort 4.4 28.02.2012 22,9MB nötig Free Audio CD Burner version 1.4 DVDVideoSoft Limited. 12.11.2010 2,58MB unnötig Free i-Dressup Toolbar Free i-Dressup 12.03.2011 11,8MB 6.2.7.3 unnötig Free YouTube Download 2.3 DVDVideoSoft Limited. 29.01.2010 2,70MB nötig Free YouTube to MP3 Converter version 3.10.15.1228 DVDVideoSoft Ltd. 10.01.2012 2,20MB nötig Google Chrome Google Inc. 16.11.2012 362MB 27.0.1453.116 nötig Google Earth Plug-in Google 20.03.2013 80,7MB 7.0.3.8542 nötig Governor of Poker 14.12.2009 90,3MB nötig Hex-Editor MX NEXT-Soft 22.04.2011 652KB 6.0 unnötig? HijackThis 2.0.2 TrendMicro 20.12.2009 400KB 2.0.2 nötig? ICQ7.5 ICQ 17.04.2011 53,8MB 7.5 nötig IrfanView (remove only) 14.07.2009 1,85MB nötig Island Realms 09.12.2009 56,0MB nötig Island Tribe 05.05.2013 85,8MB nötig Island Tribe 2 12.05.2013 169MB nötig Island Tribe 3 03.05.2013 167MB nötig Island Tribe 4 02.06.2013 301MB nötig ITECIR ITE 03.12.2008 664KB 1.00.0000 unbekannt Jane's Hotel Mania 09.05.2011 205MB nötig Java 7 Update 25 Oracle 04.03.2013 129MB 7.0.250 nötig? JavaFX 2.1.1 Oracle Corporation 13.06.2012 20,8MB 2.1.1 nötig? Jewel Match 2 14.11.2009 87,7MB nötig Jojos Fashion Show 21.01.2010 41,1MB nötig Jojos Fashion Show 2 31.12.2009 69,7MB nötig Jojos Fashion Show World Tour 29.12.2009 236MB nötig LightScribe System Software 1.14.17.1 LightScribe 03.12.2008 21,0MB 1.14.17.1 nötig Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 05.07.2013 4,07MB 1.75.0.1300 nötig Media Go Sony 31.01.2010 93,4MB 1.3.227 unnötig? Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 23.08.2009 36,9MB unbekannt Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 15.08.2009 36,9MB unbekannt Microsoft .NET Framework 4 Client Profile Microsoft Corporation 23.07.2011 120MB 4.0.30319 unbekannt Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 23.07.2011 24,5MB 4.0.30319 unbekannt Microsoft Office Home and Student 2007 Microsoft Corporation 07.10.2009 1,04GB 12.0.4518.1014 nötig? Microsoft Silverlight Microsoft Corporation 06.12.2012 22,5MB 5.1.10411.0 nötig Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 31.01.2010 342KB 8.0.59193 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 26.06.2009 590KB 9.0.30729 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 31.01.2010 590KB 9.0.30729.4148 unbekannt Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 16.10.2011 11,1MB 10.0.40219 unbekannt Mobile Partner Huawei Technologies Co.,Ltd 23.09.2011 28,0MB 21.005.11.01.858 nötig Move Media Player Move Networks 06.04.2010 unbekannt Mozilla Firefox 16.0.2 (x86 de) Mozilla 27.10.2012 40,6MB 16.0.2 nötig Mozilla Maintenance Service Mozilla 06.06.2013 204KB 21.0 nötig? My Kingdom for the Princess 24.03.2013 98,8MB nötig My Kingdom for the Princess II 28.03.2013 184MB nötig My Kingdom for the Princess III 07.03.2013 207MB nötig NB Probe 04.12.2008 2,75MB unbekannt NimoFilm Mysher 31.03.2012 27,0MB 1.9.21 unbekannt NVIDIA Drivers 12.07.2011 nötig P4P P4P 03.12.2008 772KB 1.0.0.17 unbekannt Pazera Free MOV to AVI Converter 1.4 Jacek Pazera 25.12.2011 6,21MB 1.4 nötig Picasa 2 Google, Inc. 04.12.2008 35,3MB 2.0 unnötig PlayStation(R)Network Downloader Sony Computer Entertainment Inc. 31.01.2010 662KB 2.00.00005 unbekannt PlayStation(R)Store Sony Computer Entertainment Inc. 31.01.2010 3,21MB 2.7.6.06777 unbekannt QuickTime Apple Inc. 27.05.2013 74,6MB 7.74.80.86 nötig Quilting Time 07.03.2010 17,4MB unnötig RAD Video Tools 25.12.2011 1,93MB nötig Ranch Rush 04.09.2009 152MB nötig Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek 03.12.2008 1,53MB 1.00.0000 unbekannt Realtek High Definition Audio Driver Realtek Semiconductor Corp. 03.12.2008 21,9MB 6.0.1.5645 unbekannt RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 04.12.2008 2,10MB 3.55.01 unbekannt Roads of Rome 02.06.2013 78,0MB nötig Roads of Rome II 02.06.2013 103MB nötig Royal Envoy 13.05.2010 154MB nötig Royal Envoy 2 Alawar Entertainment Inc. 14.03.2012 213MB nötig Sims 2 Wardrobe Wrangler v1.1 07.12.2009 638MB nötig Sims2Pack Clean Installer 25.04.2011 nötig SKIP-BO Castaway Caper(TM) 23.04.2011 21,2MB nötig SKIPBO Castaway Caper 23.04.2011 37,6MB nötig Sony Ericsson PC Suite 6.011.00 Sony Ericsson 31.01.2010 33,3MB 6.011.00 unnötig Sony Ericsson Themes Creator 4.12.2.4 Sony Ericsson Mobile Communications AB 17.02.2010 25,4MB 4.12.2.4 nötig Spiel Des Lebens 10.05.2011 100KB unnötig Spybot - Search & Destroy Safer Networking Limited 21.08.2010 54,3MB 1.6.2 unnötig? SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49 eRightSoft 25.12.2011 40,0MB v2011.build.49 unbekannt SUPERAntiSpyware SUPERAntiSpyware.com 07.02.2012 86,2MB 5.0.1144 nötig? Synaptics Pointing Device Driver Synaptics 04.12.2008 14,6MB 11.1.21.0 unbekannt Uninstall 1.0.0.1 12.11.2010 15,2MB unbekannt Update Service Sony Ericsson Mobile Communications AB 01.02.2010 95,7MB 2.10.2.50 unnötig USB2.0 1.3M UVC WebCam 04.12.2008 nötig? VLC media player 1.0.5 VideoLAN Team 02.05.2010 76,3MB 1.0.5 nötig WEB.DE MailCheck für Internet Explorer 1&1 Mail & Media GmbH 23.03.2013 unnötig 5,33MB 2.1.0.0 WEB.DE Softwareaktualisierung 1&1 Mail & Media GmbH 23.03.2013 1,53MB 3.0.0.1 unnötig Wedding Salon Alawar Entertainment Inc. 02.06.2012 58,0MB nötig WIDCOMM Bluetooth Software Broadcom Corporation 03.12.2008 31,7MB 5.2.0.500 nötig Windows Media Player Firefox Plugin Microsoft Corp 18.04.2010 296KB 1.0.0.8 nötig WinFlash 04.12.2008 1,36MB unbekannt? WinPolis 11.10.2012 3,38MB nötig WinRAR 26.06.2009 3,72MB nötig Wireless Console 2 ATK 03.12.2008 2,11MB 2.0.10 unbekannt XMedia Recode 3.0.6.0 Sebastian Dörfler 25.12.2011 18,3MB 3.0.6.0 nötig? Yahoo! Widgets Yahoo! Inc. 29.01.2012 23,3MB 4.5.2.0 unnötig yWriter5 Spacejock Software 24.06.2011 5,04MB nötig Zero Assumption Digital Image Recovery 1.2 Zero Assumption Recovery Software 03.10.2011 476KB unnötig Zip Motion Block Video codec (Remove Only) DOSBox Team 09.05.2011 nötig ZoneAlarm Check Point, Inc 10.11.2011 10,6MB 9.2.058.000 unnötig? k.a. Zylom Games Player Plugin Zylom Games 24.04.2011 388KB unnötig |
|
06.07.2013, 00:36
| #13 |
| /// Malware-holic | 'PHP/WebShell.A.80' deinstaliere: Adobe Flash Player alle Adobe - Adobe Flash Player installieren neueste version laden, instalieren. adobe reader: Adobe - Adobe Reader herunterladen - Alle Versionen haken bei mcafee security scan raus nehmen bitte auch mal den adobe reader wie folgt konfigurieren: adobe reader öffnen, bearbeiten, voreinstellungen. allgemein: nur zertifizierte zusatz module verwenden, anhaken. Sicherheit (erweitert) Erweiterte Sicherheit anhaken und alle Dateien auswählen. internet: hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc. es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht. bei javascript den haken bei java script verwenden raus nehmen bei updater, automatisch instalieren wählen. übernehmen /ok deinstaliere: Big Kahuna Bigpoint ChkMail CyberLink : beide Dolphin DSL FlashGet Free : alle für dich unnötigen Hex HijackThis Picasa Quilting Spiel Des Spybot SUPER © SUPERAntiSpyware WEB.DE : beide bzw unnötiges Yahoo Zero ZoneAlarm Zylom Öffne CCleaner, analysieren, starten, pc neustarten Downloade Dir bitte  AdwCleaner auf deinen Desktop.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
06.07.2013, 02:14
| #14 |
| | 'PHP/WebShell.A.80' So, geschafft :-) Programme gelöscht, CC-Cleaner gelaufen (juhu, gleich so viel mehr Platz auf der Festplatte ;-) Ich grübel noch wg. ComboFix.. Ist dieser Syntaxfehler ein schlechtes Zeichen? AdwCleaner: Code:
ATTFilter # AdwCleaner v2.304 - Datei am 06/07/2013 um 03:02:53 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : *** - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kxdclicb.default\foxydeal.sqlite
Datei Gelöscht : C:\Windows\system32\conduitEngine.tmp
Datei Gelöscht : C:\Windows\Uninstall.exe
Ordner Gelöscht : C:\Program Files\Babylon
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\ZoneAlarm-Sicherheit
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Users\***\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\ZoneAlarm-Sicherheit
Ordner Gelöscht : C:\Users\***\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\***\AppData\Roaming\iWin
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kxdclicb.default\Conduit
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kxdclicb.default\ConduitCommon
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kxdclicb.default\jetpack
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ZoneAlarm-Sicherheit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2474641
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2843456
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77F58715-19BC-44FB-ACFE-7C69F5AE9757}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F86C87F-A05B-4D24-9359-76E38DFD5F19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A29413B9-7926-423A-9D8E-ADEEA0C91CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\10888a5b8643982a1f8e7de8c303ccbd
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKLM\Software\ZoneAlarm-Sicherheit
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16450
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v16.0.2 (de)
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kxdclicb.default\prefs.js
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kxdclicb.default\user.js ... Gelöscht !
Gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2269050.CTID", "CT2269050");
Gelöscht : user_pref("CT2269050.CurrentServerDate", "14-6-2010");
Gelöscht : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2269050.EMailNotifierPollDate", "Mon Jun 14 2010 22:10:54 GMT+0200");
Gelöscht : user_pref("CT2269050.FirstServerDate", "14-6-2010");
Gelöscht : user_pref("CT2269050.FirstTime", true);
Gelöscht : user_pref("CT2269050.FirstTimeFF3", true);
Gelöscht : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2269050.Initialize", true);
Gelöscht : user_pref("CT2269050.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2269050.InstalledDate", "Mon Jun 14 2010 22:05:49 GMT+0200");
Gelöscht : user_pref("CT2269050.InvalidateCache", false);
Gelöscht : user_pref("CT2269050.IsGrouping", false);
Gelöscht : user_pref("CT2269050.IsMulticommunity", false);
Gelöscht : user_pref("CT2269050.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2269050.IsOpenUninstallPage", false);
Gelöscht : user_pref("CT2269050.LanguagePackLastCheckTime", "Mon Jun 14 2010 22:06:26 GMT+0200");
Gelöscht : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2269050.LastLogin_2.5.8.6", "Mon Jun 14 2010 22:05:52 GMT+0200");
Gelöscht : user_pref("CT2269050.LatestVersion", "2.1.0.18");
Gelöscht : user_pref("CT2269050.Locale", "en");
Gelöscht : user_pref("CT2269050.LoginCache", 4);
Gelöscht : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2269050.RadioIsPodcast", false);
Gelöscht : user_pref("CT2269050.RadioLastCheckTime", "Mon Jun 14 2010 22:05:52 GMT+0200");
Gelöscht : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gelöscht : user_pref("CT2269050.RadioMediaID", "12473383");
Gelöscht : user_pref("CT2269050.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gelöscht : user_pref("CT2269050.RadioShrinked", "shrinked");
Gelöscht : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gelöscht : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gelöscht : user_pref("CT2269050.SHRINK_TOOLBAR", 0);
Gelöscht : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Mon Jun 14 2010 22:05:52 GMT+0200");
Gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2269050.SettingsLastCheckTime", "Mon Jun 14 2010 22:05:35 GMT+0200");
Gelöscht : user_pref("CT2269050.SettingsLastUpdate", "1276545051");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Mon Jun 14 2010 21:54:18 GMT+0200");
Gelöscht : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2269050.Uninstall", true);
Gelöscht : user_pref("CT2269050.UserID", "UN07172832291008269");
Gelöscht : user_pref("CT2269050.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2269050.WeatherNetwork", "");
Gelöscht : user_pref("CT2269050.WeatherPollDate", "Mon Jun 14 2010 22:06:28 GMT+0200");
Gelöscht : user_pref("CT2269050.WeatherUnit", "C");
Gelöscht : user_pref("CT2269050.alertChannelId", "666138");
Gelöscht : user_pref("CT2269050.clientLogIsEnabled", false);
Gelöscht : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2269050.myStuffEnabled", true);
Gelöscht : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CT2613550..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2613550..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2613550..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2613550.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2613550.CTID", "ct2613550");
Gelöscht : user_pref("CT2613550.CommunitiesChangesLastCheckTime", "0");
Gelöscht : user_pref("CT2613550.CurrentServerDate", "30-9-2011");
Gelöscht : user_pref("CT2613550.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2613550.DialogsGetterLastCheckTime", "Fri Sep 30 2011 20:49:17 GMT+0200");
Gelöscht : user_pref("CT2613550.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2613550.EMailNotifierPollDate", "Fri Sep 30 2011 20:48:59 GMT+0200");
Gelöscht : user_pref("CT2613550.FirstServerDate", "17-8-2011");
Gelöscht : user_pref("CT2613550.FirstTime", true);
Gelöscht : user_pref("CT2613550.FirstTimeFF3", true);
Gelöscht : user_pref("CT2613550.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2613550.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2613550.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2613550.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2613550.Initialize", true);
Gelöscht : user_pref("CT2613550.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2613550.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2613550.InstallationType", "UnknownIntegration");
Gelöscht : user_pref("CT2613550.InstalledDate", "Wed Aug 17 2011 11:32:49 GMT+0200");
Gelöscht : user_pref("CT2613550.IsAlertDBUpdated", true);
Gelöscht : user_pref("CT2613550.IsGrouping", false);
Gelöscht : user_pref("CT2613550.IsInitSetupIni", true);
Gelöscht : user_pref("CT2613550.IsMulticommunity", false);
Gelöscht : user_pref("CT2613550.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2613550.IsOpenUninstallPage", false);
Gelöscht : user_pref("CT2613550.LanguagePackLastCheckTime", "Wed Aug 17 2011 11:32:52 GMT+0200");
Gelöscht : user_pref("CT2613550.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2613550.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2613550.LastLogin_3.6.0.10", "Wed Sep 28 2011 12:10:18 GMT+0200");
Gelöscht : user_pref("CT2613550.LastLogin_3.7.0.6", "Fri Sep 30 2011 20:49:04 GMT+0200");
Gelöscht : user_pref("CT2613550.LatestVersion", "3.7.0.6");
Gelöscht : user_pref("CT2613550.Locale", "de-de");
Gelöscht : user_pref("CT2613550.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2613550.MCDetectTooltipShow", false);
Gelöscht : user_pref("CT2613550.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2613550.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2613550.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2613550.OriginalFirstVersion", "3.6.0.10");
Gelöscht : user_pref("CT2613550.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2613550.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2613550.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Gelöscht : user_pref("CT2613550.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2613550.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2613550.SearchInNewTabLastCheckTime", "Wed Aug 17 2011 11:32:50 GMT+0200");
Gelöscht : user_pref("CT2613550.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2613550.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2613550.SearchInNewTabUserEnabled", false);
Gelöscht : user_pref("CT2613550.SearchProtectorToolbarDisabled", true);
Gelöscht : user_pref("CT2613550.ServiceMapLastCheckTime", "Fri Sep 30 2011 20:48:58 GMT+0200");
Gelöscht : user_pref("CT2613550.SettingsLastCheckTime", "Wed Aug 17 2011 11:32:47 GMT+0200");
Gelöscht : user_pref("CT2613550.SettingsLastUpdate", "1313417096");
Gelöscht : user_pref("CT2613550.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2613550.ThirdPartyComponentsLastCheck", "Wed Aug 17 2011 11:32:46 GMT+0200");
Gelöscht : user_pref("CT2613550.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2613550.ToolbarDisabled", true);
Gelöscht : user_pref("CT2613550.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2613550.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2613550");
Gelöscht : user_pref("CT2613550.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2613550.UserID", "UN43273143654849555");
Gelöscht : user_pref("CT2613550.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2613550.WeatherNetwork", "");
Gelöscht : user_pref("CT2613550.WeatherPollDate", "Fri Sep 30 2011 20:49:00 GMT+0200");
Gelöscht : user_pref("CT2613550.WeatherUnit", "C");
Gelöscht : user_pref("CT2613550.alertChannelId", "1006347");
Gelöscht : user_pref("CT2613550.approveUntrustedApps", false);
Gelöscht : user_pref("CT2613550.components.1000080", true);
Gelöscht : user_pref("CT2613550.components.1000234", true);
Gelöscht : user_pref("CT2613550.components.129171076489169448", false);
Gelöscht : user_pref("CT2613550.ct2613550.AppTrackingLastCheckTime", "Sat Sep 03 2011 14:25:31 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2613550.ct2613550.GroupingInvalidateCache", false);
Gelöscht : user_pref("CT2613550.ct2613550.GroupingLastCheckTime", "0");
Gelöscht : user_pref("CT2613550.ct2613550.GroupingLastServerUpdateTime", "0");
Gelöscht : user_pref("CT2613550.ct2613550.InvalidateCache", false);
Gelöscht : user_pref("CT2613550.ct2613550.LanguagePackLastCheckTime", "Thu Sep 29 2011 23:23:54 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.Locale", "de-de");
Gelöscht : user_pref("CT2613550.ct2613550.RadioLastCheckTime", "0");
Gelöscht : user_pref("CT2613550.ct2613550.RadioLastUpdateIPServer", "0");
Gelöscht : user_pref("CT2613550.ct2613550.RadioLastUpdateServer", "0");
Gelöscht : user_pref("CT2613550.ct2613550.SearchInNewTabLastCheckTime", "Fri Sep 30 2011 20:49:00 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.SettingsLastCheckTime", "Fri Sep 30 2011 20:48:59 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.SettingsLastUpdate", "1313417096");
Gelöscht : user_pref("CT2613550.ct2613550.ThirdPartyComponentsLastCheck", "Sat Sep 10 2011 10:43:31 GMT+0200");
Gelöscht : user_pref("CT2613550.ct2613550.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2613550.ct2613550.components.1001", true);
Gelöscht : user_pref("CT2613550.ct2613550.components.1003", true);
Gelöscht : user_pref("CT2613550.ct2613550.components.1004", true);
Gelöscht : user_pref("CT2613550.ct2613550.globalFirstTimeInfoLastCheckTime", "Fri Sep 30 2011 20:49:03 GMT+0200[...]
Gelöscht : user_pref("CT2613550.ct2613550.toolbarAppMetaDataLastCheckTime", "Fri Sep 30 2011 20:49:03 GMT+0200"[...]
Gelöscht : user_pref("CT2613550.ct2613550.toolbarContextMenuLastCheckTime", "Fri Sep 30 2011 20:49:03 GMT+0200"[...]
Gelöscht : user_pref("CT2613550.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2613550.globalFirstTimeInfoLastCheckTime", "Wed Aug 17 2011 11:32:50 GMT+0200");
Gelöscht : user_pref("CT2613550.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2613550.initDone", true);
Gelöscht : user_pref("CT2613550.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2613550.myStuffEnabled", true);
Gelöscht : user_pref("CT2613550.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2613550.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2613550.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2613550.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2613550.oldAppsList", "129171076488700693,129171076488856944,111,129171076488856945,129[...]
Gelöscht : user_pref("CT2613550.revertSettingsEnabled", true);
Gelöscht : user_pref("CT2613550.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2613550.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2613550.testingCtid", "");
Gelöscht : user_pref("CT2613550.toolbarAppMetaDataLastCheckTime", "Wed Aug 17 2011 11:32:49 GMT+0200");
Gelöscht : user_pref("CT2613550.toolbarContextMenuLastCheckTime", "Wed Aug 17 2011 11:32:52 GMT+0200");
Gelöscht : user_pref("CT2613550.usagesFlag", 2);
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2613550", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2613550", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2613550",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2613550&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2613550&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/50/261/CT2613550/Images/6340849712463612[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\***\\AppData\\Roaming\\Mozilla\\[...]
Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,CT2613550");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050,CT2613550");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2613550");
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 14 2010 22:05:50 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jun 14 2010 21:54:19 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.userId", "{6a022e1e-e581-45b0-b30a-330780c8d7eb}");
Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Aug 21 2011 21:26:57 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "ffd8a6bf-8c6c-4971-9474-30faea074620");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Sep 28 2011 12:10:1[...]
Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Sep 30 2011 20:48:57 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.notifications.userId", "666a7c24-b75c-4a35-be4e-23dd2ddada36");
Datei : C:\Users\Gastzugang\AppData\Roaming\Mozilla\Firefox\Profiles\9tegf66c.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v27.0.1453.116
Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [23671 octets] - [06/07/2013 03:02:53]
########## EOF - C:\AdwCleaner[S1].txt - [23732 octets] ##########
|
|
06.07.2013, 12:59
| #15 |
| /// Malware-holic | 'PHP/WebShell.A.80' Hi, nein, is alles gut. Hitman Pro - Download - Filepony Hitmanpro laden, doppelklicken, Scan klicken. Nichts löschen, auf weiter klicken. Log speichern und posten, bzw als XML exportieren, packen und anhängen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu 'PHP/WebShell.A.80' |
| aktuelle, alarm, anschluss, antivir, appdata, cache, datei, dateien, firefox, freundin, gen, google, laptop, loswerden, namen, neue, neuen, offen, plötzlich, programm, scan, seite, seiten, super, unerwünschtes programm, virus |
WARNUNG an die MITLESER: 
Linear-Darstellung
