
Pests of all kinds and how to combat them: Trojan.Generic.KDV.182338 (B)


11.11.2012, 11:17   #1
verrant
 
Trojan.Generic.KDV.182338 (B)



Problem:
Several sites could no longer be opened in Chrome. Restarted the T-Online router. No improvement. Scan with Emsisoft Anti-Malware after a manual signature update on 10.11.2012. Detection: Trojan.Generic.KDV.182338 (B)

Description of how it came about:
Formerly a Win7 Pro system with various programs on C:
Fresh installation of Win 7 Pro on F: and upgrade to Win 8 Pro
The Win 8 Pro installation is usually started via the boot menu.
Chrome and add-ons, no Sandboxie (I am stupid and lazy). Secunia and FileHippo are loaded at system startup. The last update, following a notice from Secunia, was a manual installation of Adobe Flash Player; the installer file was downloaded manually from the website and executed.

Steps taken:

Defogger -> Disable -> OK -> no restart required.

Downloaded and ran OTL.

Code:
OTL logfile created on: 11.11.2012 10:13:56 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = F:\Users\***\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16420)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,53 Gb Available Physical Memory | 81,86% Memory free
9,16 Gb Paging File | 6,99 Gb Available in Paging File | 76,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 49,87 Gb Free Space | 44,61% Space Free | Partition Type: NTFS
Drive D: | 37,43 Gb Total Space | 37,33 Gb Free Space | 99,74% Space Free | Partition Type: NTFS
Drive E: | 214,17 Gb Total Space | 201,86 Gb Free Space | 94,25% Space Free | Partition Type: NTFS
Drive F: | 214,16 Gb Total Space | 137,80 Gb Free Space | 64,34% Space Free | Partition Type: NTFS
Drive Z: | 465,64 Gb Total Space | 375,81 Gb Free Space | 80,71% Space Free | Partition Type: FAT32
 
Computer Name: WIN8-VERSUCH | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2012.11.11 10:13:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\***\Downloads\OTL.exe
PRC - [2012.11.07 20:40:00 | 001,581,592 | ---- | M] (Google Inc.) -- F:\Windows\Temp\CR_4D744.tmp\setup.exe
PRC - [2012.10.28 19:29:47 | 000,843,208 | ---- | M] (Samsung) -- F:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.10.27 20:23:16 | 000,212,432 | ---- | M] (Google Inc.) -- F:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.10.17 17:02:24 | 003,364,264 | ---- | M] (Emsisoft GmbH) -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
PRC - [2012.10.06 17:01:48 | 003,084,176 | ---- | M] (Emsisoft GmbH) -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- F:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) -- F:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) -- F:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2012.09.24 13:46:14 | 000,573,536 | ---- | M] (Secunia) -- F:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- F:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.09.20 10:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 09:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.09.20 07:32:59 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012.09.20 07:32:58 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012.09.20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 07:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.09.20 07:30:38 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012.08.29 14:22:36 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- F:\Windows\SysNative\AdminService.exe -- (AtherosSvc)
SRV:64bit: - [2012.07.26 04:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012.07.26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 04:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 04:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2012.07.26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 04:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.07.26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 04:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 04:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2012.11.10 20:40:11 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.29 18:45:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- F:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- F:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.06 17:01:48 | 003,084,176 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- F:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- F:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- F:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.20 09:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- F:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.07.26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.20 09:31:29 | 000,068,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012.09.20 08:55:33 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2012.09.20 08:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012.09.20 08:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 08:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 08:55:30 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.09.20 08:55:29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.09.20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.20 08:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012.09.20 08:03:06 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012.09.20 08:03:03 | 000,055,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- F:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.09.20 07:09:11 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2012.09.20 07:08:27 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.09.13 06:13:42 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.08.29 14:22:38 | 000,565,760 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012.08.22 00:12:20 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\AthDfu.sys -- (AthDfu)
DRV:64bit: - [2012.07.26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- F:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 06:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012.07.26 06:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012.07.26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 05:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012.07.26 05:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2012.07.26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:17:38 | 000,027,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.07.26 03:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012.07.26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 03:27:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.07.26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 03:25:54 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.07.26 03:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012.07.26 03:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012.07.26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 03:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012.07.26 03:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012.07.26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.25 23:53:22 | 011,926,528 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.06.29 03:00:48 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.06.02 15:31:56 | 000,589,824 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.06.02 15:31:55 | 001,855,520 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2011.12.16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- F:\Windows\SysNative\Drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010.10.19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.01.07 02:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\RTL8187.sys -- (RTL8187)
DRV - [2012.04.30 17:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- F:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc)
DRV - [2012.04.30 17:45:00 | 000,044,688 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2011.05.19 13:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2010.05.05 08:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = F:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3B C6 B6 72 78 B4 CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {4B00392A-C410-4A53-9706-1F56FDED3CEC}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{4B00392A-C410-4A53-9706-1F56FDED3CEC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: F:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: F:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: F:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: F:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: F:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: F:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: F:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: F:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: F:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: F:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 22:01:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: F:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.29 21:32:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: F:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.29 18:45:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: F:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: F:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.29 18:45:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: F:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.10.27 22:07:42 | 000,000,000 | ---D | M] (No name found) -- F:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.11.03 21:23:38 | 000,000,000 | ---D | M] (No name found) -- F:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ly48x1iy.default\extensions
[2012.10.28 19:26:37 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- F:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ly48x1iy.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.11.03 21:23:38 | 000,000,000 | ---D | M] (No name found) -- F:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ly48x1iy.default\extensions\staged
[2012.10.31 18:21:57 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files (x86)\mozilla firefox\extensions
[2012.10.31 18:21:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- F:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.27 22:07:20 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- F:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- F:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = F:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = F:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = F:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = F:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = F:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = F:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = F:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = F:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = F:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = F:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = F:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = F:\WINDOWS\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = F:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = F:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - Extension: Fast Search = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\afnaofjbkflgabdhippkhhinnnnfdopk\1.8_0\
CHR - Extension: Session Manager = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Funmoods = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\
CHR - Extension: Bulk Download Images(ZIG) = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedbigoemkinkepgmcmgnapjcahnedmn\2.1.5_0\
CHR - Extension: WOT = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.7_0\
CHR - Extension: YouTube = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Firebug Lite for Google Chrome\u2122 = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Meine IP-Adresse = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf\1.24_0\
CHR - Extension: FlashBlock = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.12_0\
CHR - Extension: Adblock Plus = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: Puk-Puk = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngkcldnnppckgbmndaccoffaikjbemc\3_0\
CHR - Extension: Image Downloader = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\1.3_0\
CHR - Extension: Google-Suche = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Best Utility Apps = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfkmehkjocihlfmcjkmdiekloihfaog\1.0.0.1_0\
CHR - Extension: Google Earth The Instant Way = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpifhlbldgbpgcgpcmiakanpghoddbme\0.7_0\
CHR - Extension: YouTube 2 Mp3 Converter = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\epkjgmpenmohanjnliedcekhjkbgbinj\1.0_0\
CHR - Extension: Torrent Turbo Search = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Ultimate Searcher = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfkkggpdieeljhcpgbdimpnlnpijccic\2.0_0\
CHR - Extension: Eye Dropper = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.2.6_0\
CHR - Extension: MP3 Converter = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggjepemmdkieakihpomccndhdfcljdp\3.0.0.0_0\
CHR - Extension: colorPicker 0.9 = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jegimleidpfmpepbfajjlielaheedkdo\0.9.90_0\
CHR - Extension: Bubble Translate = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhlebbhengjlhmcjebbkambaekglhkf\1.5_0\
CHR - Extension: My IP = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaookbilagohkmkobbhanefacdhlcjdi\1.0_0\
CHR - Extension: FVD Video Downloader = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.3.9_0\
CHR - Extension: FVD Video Downloader = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.4.0_0\
CHR - Extension: Skype Click to Call = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: DownAll = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljkdhninipglbomdgpakmhfbbggcfmog\0.4.1_0\
CHR - Extension: YouTube Instant = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnajachlebjlnfeglgoecpfcbaiigbja\0.8_0\
CHR - Extension: Google Maps = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Ghostery = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.0.0_0\
CHR - Extension: NotScripts = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\
CHR - Extension: Google Mail = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - F:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - F:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - F:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [emsisoft anti-malware] f:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [KiesTrayAgent] F:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [WinampAgent] F:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [] F:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [FileHippo.com] F:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [GoogleDriveSync] F:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [KiesAirMessage] F:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] F:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://F:\WINDOWS\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://F:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://F:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - F:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://F:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://F:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2257C3CF-27CC-423A-B5F3-07F564E20BEE}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A732324-48A3-4880-ACA9-9359D7080B96}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - F:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (F:\Windows\system32\userinit.exe) - F:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - F:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - F:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.10.17 09:56:50 | 000,000,036 | RH-- | M] () - Z:\Autorun.inf.bak -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.04 21:37:56 | 000,000,000 | ---D | C] -- F:\Users\***\Documents\WISO Mein Geld
[2012.11.03 21:23:35 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Funmoods
[2012.11.03 21:23:31 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\IrfanView
[2012.11.03 21:23:31 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012.11.03 21:23:30 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\IrfanView
[2012.11.03 21:20:27 | 001,820,672 | ---- | C] (Irfan Skiljan) -- F:\Users\***\Desktop\iview433g_setup.exe
[2012.11.03 21:20:27 | 001,725,680 | ---- | C] (Setup ©                       ) -- F:\Users\***\Desktop\FunmoodsSetup.exe
[2012.11.03 21:01:10 | 000,000,000 | ---D | C] -- F:\ProgramData\Visan
[2012.11.03 21:01:10 | 000,000,000 | ---D | C] -- F:\ProgramData\HP Photo Creations
[2012.11.03 21:01:10 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\HP Photo Creations
[2012.11.03 21:01:04 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\HpUpdate
[2012.11.03 21:00:59 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.11.03 21:00:44 | 000,000,000 | ---D | C] -- F:\Program Files\HP
[2012.11.03 21:00:44 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\HP
[2012.11.03 21:00:09 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\HP
[2012.11.02 20:24:21 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.11.02 20:24:04 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Deployment
[2012.11.02 20:24:04 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Apps
[2012.11.02 18:28:15 | 000,000,000 | -HSD | C] -- F:\Config.Msi
[2012.11.02 17:45:09 | 000,000,000 | ---D | C] -- F:\Program Files\Java
[2012.11.02 17:43:23 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\Java
[2012.10.31 18:21:53 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Skype
[2012.10.31 18:21:51 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.10.31 18:21:51 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\Skype
[2012.10.31 18:21:50 | 000,000,000 | R--D | C] -- F:\Program Files (x86)\Skype
[2012.10.31 18:21:46 | 000,000,000 | ---D | C] -- F:\ProgramData\Skype
[2012.10.30 18:40:57 | 000,000,000 | ---D | C] -- F:\WINDOWS\ehome
[2012.10.29 21:33:19 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012.10.29 21:32:49 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2012.10.29 21:32:49 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Winamp Detect
[2012.10.29 21:32:43 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\PX Storage Engine
[2012.10.29 21:32:39 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Winamp
[2012.10.29 21:32:39 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Winamp
[2012.10.29 21:00:01 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\vlc
[2012.10.29 20:37:36 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.10.29 20:37:24 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\VideoLAN
[2012.10.29 20:19:05 | 000,000,000 | ---D | C] -- F:\Users\***\Documents\Outlook-Dateien
[2012.10.29 18:45:34 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Mozilla Thunderbird
[2012.10.29 17:45:50 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Identities
[2012.10.28 19:38:27 | 000,000,000 | ---D | C] -- F:\Users\Public\Documents\CrashDump
[2012.10.28 19:35:55 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Adobe
[2012.10.28 19:29:30 | 000,000,000 | ---D | C] -- F:\Users\Public\Documents\NativeFus_Log
[2012.10.28 19:29:27 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Samsung
[2012.10.28 19:29:27 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Samsung
[2012.10.28 19:29:26 | 000,000,000 | ---D | C] -- F:\Users\***\Documents\samsung
[2012.10.28 19:28:07 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Plugins
[2012.10.28 19:26:36 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.28 19:26:35 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.10.28 19:26:33 | 000,405,144 | ---- | C] (Newtonsoft) -- F:\WINDOWS\SysWow64\Newtonsoft.Json.Net20.dll
[2012.10.28 19:26:26 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\DVDVideoSoft
[2012.10.28 19:26:26 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.10.28 19:25:35 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.10.28 19:23:38 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\GHISLER
[2012.10.28 19:21:24 | 000,000,000 | ---D | C] -- F:\totalcmd
[2012.10.28 19:21:24 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012.10.28 19:20:42 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\GHISLER
[2012.10.28 19:12:17 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012.10.28 19:12:15 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- F:\WINDOWS\SysWow64\Redemption.dll
[2012.10.28 19:12:10 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- F:\WINDOWS\SysWow64\dgderapi.dll
[2012.10.28 19:12:10 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\MarkAny
[2012.10.28 19:11:46 | 000,000,000 | ---D | C] -- F:\ProgramData\Samsung
[2012.10.28 19:11:46 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Samsung
[2012.10.28 19:11:18 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Downloaded Installations
[2012.10.28 19:09:39 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Macromedia
[2012.10.28 19:09:39 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Macromedia
[2012.10.28 19:00:20 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Opera
[2012.10.28 19:00:20 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Opera
[2012.10.28 19:00:15 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Opera
[2012.10.28 18:58:14 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.10.28 18:58:12 | 000,000,000 | ---D | C] -- F:\Program Files\7-Zip
[2012.10.28 18:55:51 | 000,000,000 | ---D | C] -- F:\ProgramData\HP
[2012.10.28 18:51:23 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012.10.28 18:51:22 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.10.28 18:50:25 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Synchronization Services
[2012.10.28 18:50:24 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\DESIGNER
[2012.10.28 18:50:01 | 000,000,000 | ---D | C] -- F:\WINDOWS\PCHEALTH
[2012.10.28 18:50:01 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Sync Framework
[2012.10.28 18:50:01 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.10.28 18:47:27 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Visual Studio 8
[2012.10.28 18:46:30 | 000,000,000 | ---D | C] -- F:\Program Files\Microsoft Office
[2012.10.28 18:46:13 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Analysis Services
[2012.10.28 18:45:58 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Microsoft Help
[2012.10.28 18:45:55 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Office
[2012.10.28 18:45:55 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft Help
[2012.10.28 18:45:43 | 000,000,000 | RH-D | C] -- F:\MSOCache
[2012.10.28 16:36:10 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.10.28 16:21:09 | 000,000,000 | ---D | C] -- F:\ProgramData\McAfee Security Scan
[2012.10.28 16:21:06 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\McAfee Security Scan
[2012.10.28 16:21:06 | 000,000,000 | ---D | C] -- F:\ProgramData\McAfee
[2012.10.28 16:20:47 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\Adobe
[2012.10.28 16:20:47 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Adobe
[2012.10.28 16:20:01 | 000,000,000 | ---D | C] -- F:\ProgramData\Adobe
[2012.10.28 13:47:15 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2012
[2012.10.28 13:46:46 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012.10.28 13:45:58 | 000,000,000 | -H-D | C] -- F:\Program Files (x86)\InstallShield Installation Information
[2012.10.28 13:45:58 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\WISO
[2012.10.28 13:42:49 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Buhl Data Service
[2012.10.28 13:42:44 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Buhl Data Service
[2012.10.28 13:42:43 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Buhl Data Service GmbH
[2012.10.28 13:40:24 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Mein Geld 2013
[2012.10.28 13:40:05 | 000,000,000 | ---D | C] -- F:\ProgramData\Buhl Data Service GmbH
[2012.10.28 13:39:55 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Buhl
[2012.10.28 12:14:48 | 000,000,000 | --SD | C] -- F:\Users\***\Google Drive
[2012.10.28 12:14:07 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012.10.27 22:16:14 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\LibreOffice
[2012.10.27 22:13:33 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.6
[2012.10.27 22:12:08 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\LibreOffice 3.6
[2012.10.27 22:09:26 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Mozilla
[2012.10.27 22:07:42 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Thunderbird
[2012.10.27 22:07:42 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Thunderbird
[2012.10.27 22:07:42 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Mozilla
[2012.10.27 22:07:22 | 000,000,000 | ---D | C] -- F:\ProgramData\Sun
[2012.10.27 22:07:09 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Java
[2012.10.27 22:01:40 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Mozilla Maintenance Service
[2012.10.27 22:01:40 | 000,000,000 | ---D | C] -- F:\ProgramData\Mozilla
[2012.10.27 22:01:30 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Mozilla Firefox
[2012.10.27 21:57:40 | 000,000,000 | ---D | C] -- F:\Users\***\.VirtualBox
[2012.10.27 21:56:54 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.10.27 21:56:50 | 000,000,000 | ---D | C] -- F:\WINDOWS\SysNative\DRVSTORE
[2012.10.27 21:56:46 | 000,000,000 | ---D | C] -- F:\Program Files\Oracle
[2012.10.27 21:55:11 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\MSXML 4.0
[2012.10.27 21:52:41 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.10.27 21:52:24 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Silverlight
[2012.10.27 21:50:08 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Secunia PSI
[2012.10.27 21:50:02 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Secunia
[2012.10.27 21:42:27 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\FileHippo.com
[2012.10.27 21:39:47 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Reference Assemblies
[2012.10.27 21:39:47 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\MSBuild
[2012.10.27 21:39:11 | 000,000,000 | ---D | C] -- F:\WINDOWS\SysWow64\XPSViewer
[2012.10.27 21:39:06 | 000,000,000 | ---D | C] -- F:\Program Files\Reference Assemblies
[2012.10.27 21:39:06 | 000,000,000 | ---D | C] -- F:\Program Files\MSBuild
[2012.10.27 21:37:14 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.10.27 21:37:14 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.10.27 21:37:12 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Notepad++
[2012.10.27 21:37:12 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Notepad++
[2012.10.27 21:36:32 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2012.10.27 21:36:27 | 000,000,000 | ---D | C] -- F:\Program Files\K-Lite Codec Pack x64
[2012.10.27 21:30:44 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.27 21:30:42 | 000,000,000 | ---D | C] -- F:\Program Files\CCleaner
[2012.10.27 21:22:01 | 000,000,000 | R--D | C] -- F:\WINDOWS\BrowserChoice
[2012.10.27 21:01:39 | 000,000,000 | ---D | C] -- F:\Windows.old
[2012.10.27 20:56:22 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.10.27 20:55:53 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Emsisoft Anti-Malware
[2012.10.27 20:55:53 | 000,000,000 | ---D | C] -- F:\Users\***\Documents\Anti-Malware
[2012.10.27 20:43:40 | 000,000,000 | ---D | C] -- F:\Program Files\ATI Technologies
[2012.10.27 20:43:38 | 000,000,000 | ---D | C] -- F:\Program Files\ATI
[2012.10.27 20:43:02 | 000,000,000 | ---D | C] -- F:\AMD
[2012.10.27 20:23:17 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Google
[2012.10.27 20:23:14 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Google
[2012.10.27 20:15:15 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.10.27 20:15:15 | 000,000,000 | R--D | C] -- F:\Users\***\Searches
[2012.10.27 20:15:15 | 000,000,000 | R--D | C] -- F:\Users\***\Contacts
[2012.10.27 20:15:15 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.10.27 20:15:13 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Adobe
[2012.10.27 20:14:45 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\VirtualStore
[2012.10.27 20:14:38 | 000,000,000 | ---D | C] -- F:\ProgramData\PRICache
[2012.10.27 20:14:38 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Packages
[2012.10.27 20:14:10 | 000,000,000 | --SD | C] -- F:\Users\***\AppData\Roaming\Microsoft
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Videos
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Saved Games
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Pictures
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Music
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Links
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Favorites
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Downloads
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Documents
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Desktop
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Vorlagen
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\AppData\Local\Verlauf
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\AppData\Local\Temporary Internet Files
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Startmenü
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\SendTo
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Recent
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Netzwerkumgebung
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Lokale Einstellungen
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Documents\Eigene Videos
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Documents\Eigene Musik
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Eigene Dateien
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Documents\Eigene Bilder
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Druckumgebung
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Cookies
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\AppData\Local\Anwendungsdaten
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Anwendungsdaten
[2012.10.27 20:14:10 | 000,000,000 | -H-D | C] -- F:\Users\***\AppData
[2012.10.27 20:14:10 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Temp
[2012.10.27 20:14:10 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Microsoft
[2012.10.27 20:14:10 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.10.27 20:13:32 | 000,000,000 | ---D | C] -- F:\WINDOWS\CSC
[2012.10.27 20:08:26 | 000,000,000 | -HSD | C] -- F:\Program Files\Gemeinsame Dateien
[2012.10.27 20:08:26 | 000,000,000 | -HSD | C] -- F:\Users\Public\Documents\Eigene Videos
[2012.10.27 20:08:26 | 000,000,000 | -HSD | C] -- F:\Users\Public\Documents\Eigene Musik
[2012.10.27 20:08:26 | 000,000,000 | -HSD | C] -- F:\Users\Public\Documents\Eigene Bilder
[2012.10.27 20:08:25 | 000,000,000 | -HSD | C] -- F:\ProgramData\Vorlagen
[2012.10.27 20:08:25 | 000,000,000 | -HSD | C] -- F:\ProgramData\Startmenü
[2012.10.27 20:08:25 | 000,000,000 | -HSD | C] -- F:\ProgramData\Dokumente
[2012.10.27 20:08:25 | 000,000,000 | -HSD | C] -- F:\ProgramData\Anwendungsdaten
[2012.10.27 20:07:36 | 000,000,000 | ---D | C] -- F:\WINDOWS\SoftwareDistribution
[2012.10.27 20:03:44 | 000,000,000 | ---D | C] -- F:\WINDOWS\Prefetch
[2012.10.27 19:49:28 | 000,000,000 | ---D | C] -- F:\WINDOWS\Panther
[2012.10.27 15:54:00 | 000,000,000 | RH-D | C] -- F:\ESD
[2012.10.27 14:21:40 | 000,000,000 | ---D | C] -- F:\Intel
[2012.10.27 13:57:27 | 000,000,000 | -HSD | C] -- F:\Recovery
[2012.10.27 13:57:27 | 000,000,000 | -HSD | C] -- F:\Programme
[2012.10.27 13:57:27 | 000,000,000 | -HSD | C] -- F:\Dokumente und Einstellungen
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.11 10:08:38 | 000,000,000 | ---- | M] () -- F:\Users\***\defogger_reenable
[2012.11.11 09:28:01 | 000,001,130 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.11 09:22:03 | 000,000,884 | ---- | M] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.11.11 09:15:27 | 000,067,584 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2012.11.10 21:56:12 | 000,001,972 | ---- | M] () -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart Plus B210 series.lnk
[2012.11.10 21:56:05 | 000,001,126 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.07 21:43:07 | 000,223,477 | ---- | M] () -- F:\Users\***\Documents\Scan0001.pdf
[2012.11.07 21:16:14 | 001,724,222 | ---- | M] () -- F:\Users\***\Documents\***.zip
[2012.11.07 21:03:05 | 268,435,456 | -HS- | M] () -- F:\swapfile.sys
[2012.11.05 20:47:00 | 001,745,416 | ---- | M] () -- F:\WINDOWS\SysNative\PerfStringBackup.INI
[2012.11.05 20:47:00 | 000,751,892 | ---- | M] () -- F:\WINDOWS\SysNative\perfh007.dat
[2012.11.05 20:47:00 | 000,710,046 | ---- | M] () -- F:\WINDOWS\SysNative\perfh009.dat
[2012.11.05 20:47:00 | 000,155,620 | ---- | M] () -- F:\WINDOWS\SysNative\perfc007.dat
[2012.11.05 20:47:00 | 000,132,416 | ---- | M] () -- F:\WINDOWS\SysNative\perfc009.dat
[2012.11.05 20:42:03 | 2557,579,263 | -HS- | M] () -- F:\hiberfil.sys
[2012.11.05 20:00:08 | 000,399,302 | ---- | M] () -- F:\Users\***\Documents\Scan0005.jpg
[2012.11.05 19:59:15 | 000,452,199 | ---- | M] () -- F:\Users\***\Documents\Scan0004.jpg
[2012.11.05 19:58:33 | 000,424,520 | ---- | M] () -- F:\Users\***\Documents\Scan0003.jpg
[2012.11.05 19:56:29 | 000,378,680 | ---- | M] () -- F:\Users\***\Documents\Scan0002.jpg
[2012.11.05 18:14:20 | 000,002,247 | ---- | M] () -- F:\Users\***\Desktop\Google Chrome.lnk
[2012.11.03 21:30:53 | 000,120,535 | ---- | M] () -- F:\Users\***\Documents\Apfel auf grobem Papier - 118.jpg
[2012.11.03 21:27:05 | 000,647,131 | ---- | M] () -- F:\Users\***\Documents\Apfel auf grobem Papier.jpg
[2012.11.03 21:23:37 | 000,031,465 | ---- | M] () -- F:\Users\***\AppData\Local\funmoods.crx
[2012.11.03 21:23:31 | 000,001,890 | ---- | M] () -- F:\Users\Public\Desktop\IrfanView Thumbnails.lnk
[2012.11.03 21:23:31 | 000,001,002 | ---- | M] () -- F:\Users\Public\Desktop\IrfanView.lnk
[2012.11.03 21:22:39 | 001,725,680 | ---- | M] (Setup ©                       ) -- F:\Users\***\Desktop\FunmoodsSetup.exe
[2012.11.03 21:22:35 | 001,820,672 | ---- | M] (Irfan Skiljan) -- F:\Users\***\Desktop\iview433g_setup.exe
[2012.11.03 21:18:04 | 000,000,476 | -H-- | M] () -- F:\Users\***\Documents\.picasa.ini
[2012.11.03 21:11:48 | 000,750,250 | ---- | M] () -- F:\Users\***\Documents\Scan0001-001.jpg
[2012.11.03 21:04:01 | 000,333,125 | ---- | M] () -- F:\Users\***\Documents\Scan0001.jpg
[2012.11.03 21:01:11 | 000,001,991 | ---- | M] () -- F:\Users\Public\Desktop\HP Photo Creations.lnk
[2012.11.03 21:00:59 | 000,002,308 | ---- | M] () -- F:\Users\Public\Desktop\HP Photosmart Plus B210 series.lnk
[2012.11.03 21:00:59 | 000,001,215 | ---- | M] () -- F:\Users\Public\Desktop\Shop für Zubehör - HP Photosmart Plus B210 series.lnk
[2012.11.03 21:00:41 | 000,000,057 | ---- | M] () -- F:\ProgramData\Ament.ini
[2012.10.31 18:27:13 | 000,011,034 | ---- | M] () -- F:\Users\***\Documents\Was du machst.rar
[2012.10.31 18:21:51 | 000,002,517 | ---- | M] () -- F:\Users\Public\Desktop\Skype.lnk
[2012.10.30 18:43:39 | 000,467,184 | ---- | M] () -- F:\WINDOWS\SysNative\FNTCACHE.DAT
[2012.10.29 21:33:20 | 000,000,979 | ---- | M] () -- F:\Users\Public\Desktop\Winamp.lnk
[2012.10.29 20:37:36 | 000,001,066 | ---- | M] () -- F:\Users\Public\Desktop\VLC media player.lnk
[2012.10.28 19:44:28 | 000,001,239 | ---- | M] () -- F:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk
[2012.10.28 19:29:25 | 000,001,992 | ---- | M] () -- F:\Users\Public\Desktop\Samsung Kies.lnk
[2012.10.28 19:26:35 | 000,001,398 | ---- | M] () -- F:\Users\***\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.28 19:21:25 | 000,000,646 | ---- | M] () -- F:\Users\***\Desktop\Total Commander 64 bit.lnk
[2012.10.28 18:55:54 | 000,000,000 | -H-- | M] () -- F:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2012.10.28 16:36:10 | 000,002,046 | ---- | M] () -- F:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.10.28 16:36:10 | 000,002,046 | ---- | M] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.10.28 16:20:52 | 000,002,019 | ---- | M] () -- F:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.10.28 13:53:07 | 000,002,127 | ---- | M] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
[2012.10.28 13:53:07 | 000,002,095 | ---- | M] () -- F:\Users\Public\Desktop\WISO Steuer-Sparbuch 2012.lnk
[2012.10.28 13:46:50 | 000,001,106 | ---- | M] () -- F:\Users\Public\Desktop\Picasa 3.lnk
[2012.10.28 13:40:25 | 000,001,206 | ---- | M] () -- F:\Users\Public\Desktop\WISO Mein Geld 2013.lnk
[2012.10.28 12:14:48 | 000,001,715 | ---- | M] () -- F:\Users\***\Desktop\Google Drive.lnk
[2012.10.28 11:32:20 | 000,000,000 | -H-- | M] () -- F:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2012.10.27 22:13:33 | 000,001,126 | ---- | M] () -- F:\Users\Public\Desktop\LibreOffice 3.6.lnk
[2012.10.27 22:05:21 | 000,002,086 | ---- | M] () -- F:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.10.27 22:01:41 | 000,001,147 | ---- | M] () -- F:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.27 21:56:55 | 000,001,076 | ---- | M] () -- F:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.10.27 21:50:03 | 000,001,106 | ---- | M] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012.10.27 21:43:23 | 000,000,822 | ---- | M] () -- F:\Users\Public\Desktop\CCleaner.lnk
[2012.10.27 21:42:27 | 000,001,969 | ---- | M] () -- F:\Users\***\Desktop\Update Checker.lnk
[2012.10.27 21:07:54 | 000,007,605 | ---- | M] () -- F:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.10.27 20:58:43 | 000,000,116 | ---- | M] () -- F:\Users\***\Desktop\listen1.asx
[2012.10.27 20:56:22 | 000,001,091 | ---- | M] () -- F:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.10.27 20:04:00 | 000,000,000 | ---- | M] () -- F:\WINDOWS\ativpsrm.bin
[2012.10.27 20:04:00 | 000,000,000 | ---- | M] () -- F:\WINDOWS\SysNative\atiicdxx.dat
 
========== Files Created - No Company Name ==========
 
[2012.11.11 10:08:38 | 000,000,000 | ---- | C] () -- F:\Users\***\defogger_reenable
[2012.11.07 21:43:07 | 000,223,477 | ---- | C] () -- F:\Users\***\Documents\Scan0001.pdf
[2012.11.07 21:16:11 | 001,724,222 | ---- | C] () -- F:\Users\***\Documents\***.zip
[2012.11.05 20:00:07 | 000,399,302 | ---- | C] () -- F:\Users\***\Documents\Scan0005.jpg
[2012.11.05 19:59:15 | 000,452,199 | ---- | C] () -- F:\Users\***\Documents\Scan0004.jpg
[2012.11.05 19:58:33 | 000,424,520 | ---- | C] () -- F:\Users\***\Documents\Scan0003.jpg
[2012.11.05 19:56:29 | 000,378,680 | ---- | C] () -- F:\Users\***\Documents\Scan0002.jpg
[2012.11.03 21:30:53 | 000,120,535 | ---- | C] () -- F:\Users\***\Documents\Apfel auf grobem Papier - 118.jpg
[2012.11.03 21:27:05 | 000,647,131 | ---- | C] () -- F:\Users\***\Documents\Apfel auf grobem Papier.jpg
[2012.11.03 21:23:38 | 000,031,465 | ---- | C] () -- F:\Users\***\AppData\Local\funmoods.crx
[2012.11.03 21:23:31 | 000,001,890 | ---- | C] () -- F:\Users\Public\Desktop\IrfanView Thumbnails.lnk
[2012.11.03 21:23:31 | 000,001,002 | ---- | C] () -- F:\Users\Public\Desktop\IrfanView.lnk
[2012.11.03 21:11:48 | 000,750,250 | ---- | C] () -- F:\Users\***\Documents\Scan0001-001.jpg
[2012.11.03 21:05:06 | 000,000,476 | -H-- | C] () -- F:\Users\***\Documents\.picasa.ini
[2012.11.03 21:04:01 | 000,333,125 | ---- | C] () -- F:\Users\***\Documents\Scan0001.jpg
[2012.11.03 21:01:51 | 000,001,972 | ---- | C] () -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart Plus B210 series.lnk
[2012.11.03 21:01:11 | 000,001,991 | ---- | C] () -- F:\Users\Public\Desktop\HP Photo Creations.lnk
[2012.11.03 21:01:06 | 000,000,968 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2012.11.03 21:00:59 | 000,002,308 | ---- | C] () -- F:\Users\Public\Desktop\HP Photosmart Plus B210 series.lnk
[2012.11.03 21:00:59 | 000,001,215 | ---- | C] () -- F:\Users\Public\Desktop\Shop für Zubehör - HP Photosmart Plus B210 series.lnk
[2012.11.03 21:00:41 | 000,000,057 | ---- | C] () -- F:\ProgramData\Ament.ini
[2012.11.02 20:24:22 | 000,002,247 | ---- | C] () -- F:\Users\***\Desktop\Google Chrome.lnk
[2012.10.31 18:27:12 | 000,011,034 | ---- | C] () -- F:\Users\***\Documents\Was du machst.rar
[2012.10.31 18:21:51 | 000,002,517 | ---- | C] () -- F:\Users\Public\Desktop\Skype.lnk
[2012.10.30 18:38:42 | 000,031,841 | ---- | C] () -- F:\WINDOWS\ProfessionalWMC.xml
[2012.10.29 21:33:20 | 000,000,979 | ---- | C] () -- F:\Users\Public\Desktop\Winamp.lnk
[2012.10.29 20:37:36 | 000,001,066 | ---- | C] () -- F:\Users\Public\Desktop\VLC media player.lnk
[2012.10.28 19:29:25 | 000,001,992 | ---- | C] () -- F:\Users\Public\Desktop\Samsung Kies.lnk
[2012.10.28 19:26:35 | 000,001,398 | ---- | C] () -- F:\Users\***\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.28 19:26:35 | 000,001,239 | ---- | C] () -- F:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk
[2012.10.28 19:21:25 | 000,000,646 | ---- | C] () -- F:\Users\***\Desktop\Total Commander 64 bit.lnk
[2012.10.28 19:00:19 | 000,001,841 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.10.28 18:55:54 | 000,000,000 | -H-- | C] () -- F:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2012.10.28 16:36:41 | 000,000,884 | ---- | C] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.28 16:21:06 | 000,002,046 | ---- | C] () -- F:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.10.28 16:21:06 | 000,002,046 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.10.28 16:20:52 | 000,002,019 | ---- | C] () -- F:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.10.28 16:20:51 | 000,002,441 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.10.28 14:35:33 | 000,467,184 | ---- | C] () -- F:\WINDOWS\SysNative\FNTCACHE.DAT
[2012.10.28 13:53:07 | 000,002,127 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
[2012.10.28 13:53:07 | 000,002,095 | ---- | C] () -- F:\Users\Public\Desktop\WISO Steuer-Sparbuch 2012.lnk
[2012.10.28 13:46:50 | 000,001,106 | ---- | C] () -- F:\Users\Public\Desktop\Picasa 3.lnk
[2012.10.28 13:40:25 | 000,001,206 | ---- | C] () -- F:\Users\Public\Desktop\WISO Mein Geld 2013.lnk
[2012.10.28 12:14:48 | 000,001,715 | ---- | C] () -- F:\Users\***\Desktop\Google Drive.lnk
[2012.10.28 11:32:20 | 000,000,000 | -H-- | C] () -- F:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2012.10.27 22:13:33 | 000,001,126 | ---- | C] () -- F:\Users\Public\Desktop\LibreOffice 3.6.lnk
[2012.10.27 22:05:21 | 000,002,098 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.10.27 22:05:21 | 000,002,086 | ---- | C] () -- F:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.10.27 22:01:41 | 000,001,159 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.10.27 22:01:41 | 000,001,147 | ---- | C] () -- F:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.27 21:56:55 | 000,001,076 | ---- | C] () -- F:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.10.27 21:50:03 | 000,001,106 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012.10.27 21:50:03 | 000,001,069 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012.10.27 21:42:27 | 000,001,999 | ---- | C] () -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012.10.27 21:42:27 | 000,001,969 | ---- | C] () -- F:\Users\***\Desktop\Update Checker.lnk
[2012.10.27 21:36:32 | 000,148,992 | ---- | C] ( ) -- F:\WINDOWS\SysNative\lagarith.dll
[2012.10.27 21:36:31 | 000,206,336 | ---- | C] () -- F:\WINDOWS\SysNative\unrar.dll
[2012.10.27 21:36:29 | 000,092,160 | ---- | C] () -- F:\WINDOWS\SysNative\ff_vfw.dll
[2012.10.27 21:30:44 | 000,000,822 | ---- | C] () -- F:\Users\Public\Desktop\CCleaner.lnk
[2012.10.27 21:07:54 | 000,007,605 | ---- | C] () -- F:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.10.27 21:02:00 | 000,000,116 | ---- | C] () -- F:\Users\***\Desktop\listen1.asx
[2012.10.27 20:56:22 | 000,001,091 | ---- | C] () -- F:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.10.27 20:37:32 | 000,361,934 | ---- | C] () -- F:\WINDOWS\SysNative\ApnDatabase.xml
[2012.10.27 20:37:21 | 000,110,592 | ---- | C] () -- F:\WINDOWS\SysNative\OEMLicense.dll
[2012.10.27 20:37:21 | 000,083,968 | ---- | C] () -- F:\WINDOWS\SysWow64\OEMLicense.dll
[2012.10.27 20:23:18 | 000,001,130 | ---- | C] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.27 20:23:17 | 000,001,126 | ---- | C] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.27 20:15:13 | 000,001,438 | ---- | C] () -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.10.27 20:04:00 | 000,000,000 | ---- | C] () -- F:\WINDOWS\ativpsrm.bin
[2012.10.27 20:04:00 | 000,000,000 | ---- | C] () -- F:\WINDOWS\SysNative\atiicdxx.dat
[2012.10.27 20:02:58 | 268,435,456 | -HS- | C] () -- F:\swapfile.sys
[2012.10.27 14:04:38 | 000,007,233 | ---- | C] () -- F:\pdiports.cat
[2012.10.27 14:04:38 | 000,002,853 | ---- | C] () -- F:\pdiports64.inf
[2012.10.27 13:43:24 | 2557,579,263 | -HS- | C] () -- F:\hiberfil.sys
[2012.09.26 20:57:16 | 000,030,568 | ---- | C] () -- F:\WINDOWS\MusiccityDownload.exe
[2012.09.26 20:57:14 | 000,974,848 | ---- | C] () -- F:\WINDOWS\SysWow64\cis-2.4.dll
[2012.09.26 20:57:14 | 000,081,920 | ---- | C] () -- F:\WINDOWS\SysWow64\issacapi_bs-2.3.dll
[2012.09.26 20:57:14 | 000,065,536 | ---- | C] () -- F:\WINDOWS\SysWow64\issacapi_pe-2.3.dll
[2012.09.26 20:57:14 | 000,057,344 | ---- | C] () -- F:\WINDOWS\SysWow64\issacapi_se-2.3.dll
[2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- F:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- F:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- F:\WINDOWS\bootstat.dat
[2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- F:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- F:\WINDOWS\mib.bin
[2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- F:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- F:\WINDOWS\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2012.11.02 20:24:08 | 000,000,227 | RHS- | M] () -- F:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = F:\Windows\SysNative\shell32.dll -- [2012.10.11 06:45:39 | 019,789,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.10.11 06:07:29 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = F:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = F:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.10.28 13:42:49 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Buhl Data Service
[2012.10.30 20:24:53 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Buhl Data Service GmbH
[2012.10.28 19:45:23 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.10.28 19:44:29 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.28 19:20:42 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\GHISLER
[2012.11.03 21:23:31 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\IrfanView
[2012.10.27 22:16:14 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\LibreOffice
[2012.10.28 18:52:20 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Notepad++
[2012.10.28 19:00:20 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Opera
[2012.10.28 19:29:27 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Samsung
[2012.10.27 22:07:42 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Thunderbird
 
========== Purity Check ==========
 
 

< End of report >
         
Emsisoft scan result:

Code:
ATTFilter
Emsisoft Anti-Malware - Version 7.0
Letztes Update: 10.11.2012 20:46:20

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\, F:\, Z:\

Riskware-Erkennung: Aus
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:	10.11.2012 22:32:47

C:\Users\Ghost\Desktop\2011file.exe.dat 	gefunden: Trojan.Generic.KDV.182338 (B)

Gescannt	874317
Gefunden	1

Scan Ende:	11.11.2012 10:00:15
Scan Zeit:	11:27:28

C:\Users\Ghost\Desktop\2011file.exe.dat	Quarantäne Trojan.Generic.KDV.182338 (B)

Quarantäne	1
         



I would now like to ask for help with how to proceed. I also use this computer for online banking. This morning the internet is running fast and without problems, as usual.

Regards
verrant

Edit: Tried aswMBR.exe. Allowed the AVAST virus definition download. Both Scan and QuickScan abort with a Windows error message (*... has stopped working.). It was just an attempt; there was no particular reason. Added here for information only. /End of edit.

Last edited by verrant (11.11.2012 at 11:36)

Alt 12.11.2012, 14:51   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello,

Quote:
C:\Users\Ghost\Desktop\2011file.exe.dat
What kind of file is that supposed to be? Source?
It is on your desktop, you must have put it there yourself!
__________________

__________________

Alt 12.11.2012, 16:22   #3
verrant
 
Hello.

I started the computer with Win 7. There is no such file on the desktop there.

I also tried to have the file analysed at www.virusttotal.com. To do that I restored the file and then manually quarantined it again. Neither the site's file browser function nor dragging the file made it possible to "upload" it there. The file did not even show up in the site's window.

I cannot remember the file.

The file explorer under Win7 does not show this file. The file is also missing from the display of TotalCommander 64 bit.

The only *.dat file I found on the desktop is this one: SAMSUNG_USB_Driver_for_Mobile_Phones.exe.dat
But the file size does not match.

Misplaced ambition, in order to be able to answer the question about my own file:

Restored the file to see what shows up on the desktop. Nothing.
Could not find it manually in the old path either. Found the file again via a new scan and quarantined it again.

Code:
ATTFilter
Emsisoft Anti-Malware - Version 7.0
quarantine log

Datum	Ursprung	Vorgang	Verhalten/Infektion
12.11.2012 16:01:44	C:\Users\***\AppData\Local\Temp\Rar$EXa0.861\2011file.exe	In Quarantäne gestellt	Trojan.Generic.KDV.182338 (B)
12.11.2012 15:45:30	C:\Users\***\AppData\Local\Temp\Rar$EXa0.861\2011file.exe	Wiederhergestellt	Gen.Variant.Zbot!E2
14.09.2012 12:04:22	Value: hkey_classes_root\clsid\{ae07101b-46d4-4a98-af68-0333ea26e113} --> helptext	Infektion gelöscht	Trace.Registry.seo toolbar!E1
02.09.2012 11:58:13	C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Wiederhergestellt	Trojan-Clicker.Win32.NSIS!E1
02.09.2012 11:58:12	C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Wiederhergestellt	Trojan-Clicker.Win32.NSIS!E1
02.09.2012 11:58:12	C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Wiederhergestellt	Trojan-Clicker.Win32.NSIS!E1
02.09.2012 11:58:12	C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Wiederhergestellt	Trojan-Clicker.Win32.NSIS!E1
01.09.2012 16:57:47	C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Wiederhergestellt	Trojan-Clicker.Win32.NSIS!E1
01.09.2012 16:57:39	C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Wiederhergestellt	Trojan-Clicker.Win32.NSIS!E1
01.09.2012 16:57:32	C:\Users\***\AppData\Local\Temp\Rar$EXa0.861\2011file.exe	Wiederhergestellt	Gen.Variant.Zbot!E2
01.09.2012 15:57:38	C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	In Quarantäne gestellt	Trojan-Clicker.Win32.NSIS!E1
01.09.2012 15:57:36	C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	In Quarantäne gestellt	Trojan-Clicker.Win32.NSIS!E1
01.09.2012 15:55:10	C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	In Quarantäne gestellt	Trojan-Clicker.Win32.NSIS!E1
01.09.2012 15:55:08	C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	In Quarantäne gestellt	Trojan-Clicker.Win32.NSIS!E1
28.01.2012 22:47:02	C:\Users\***\AppData\Local\Temp\Rar$EXa0.861\2011file.exe	In Quarantäne gestellt	Gen.Variant.Zbot!E2
27.01.2012 16:23:53	C:\Sandbox\***\DefaultBox\drive\E\Downloads\SoftonicDownloader_fuer_sisoft-sandra.exe	Wiederhergestellt	Riskware.Win32.SoftonicDownloader.AMN!E1
26.12.2011 17:02:38	C:\Users\***\AppData\Local\Temp\DX6174.tmp\infinst.exe	Wiederhergestellt	Behavior.HiddenInstallation
24.12.2011 22:27:00	C:\Users\***\AppData\Local\Temp\DX6174.tmp\infinst.exe	In Quarantäne gestellt	Behavior.HiddenInstallation
24.12.2011 22:19:03	C:\Sandbox\***\DefaultBox\drive\E\Downloads\SoftonicDownloader_fuer_sisoft-sandra.exe	In Quarantäne gestellt	Riskware.Win32.SoftonicDownloader.AMN!E1
20.12.2011 14:05:53	C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe	Wiederhergestellt	Behavior.Spyware
20.12.2011 00:35:43	C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe	In Quarantäne gestellt	Behavior.Spyware
         
Edit: Allowed Java in the settings. That makes the following information moot: /End of edit

I could not activate the command for the "text window" via the menu bar. Entered it manually. In another forum, too, the menu buttons do not work on this computer.

Regards
verrant
__________________

Alt 12.11.2012, 18:10   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
I started the computer with Win 7. There is no such file on the desktop there.
Oh, what a surprise
Of course the detection on the desktop refers to the Windows installation you also scanned with, that is the obvious conclusion, isn't it?
Can you please decide which Windows is to be examined here? Logs from two different operating systems simply make no sense and end in chaos.
__________________
Please always post log files in CODE tags

Alt 13.11.2012, 12:39   #5
verrant
 
O.k.

Win 8 then. It lives on f:
There was no such file on the desktop. Here, too, I cannot remember having created or knowingly saved one.


Code:
ATTFilter
Emsisoft Anti-Malware - Version 7.0
quarantine log

Datum	Ursprung	Vorgang	Verhalten/Infektion
12.11.2012 14:21:16	C:\Users\Ghost\Desktop\2011file.exe.dat	In Quarantäne gestellt	Trojan.Generic.KDV.182338 (B)
12.11.2012 14:20:03	C:\Users\Ghost\Desktop\2011file.exe.dat	Wiederhergestellt	Trojan.Generic.KDV.182338 (B)
11.11.2012 10:01:14	C:\Users\Ghost\Desktop\2011file.exe.dat	In Quarantäne gestellt	Trojan.Generic.KDV.182338 (B)
         
Regards
verrant


Alt 13.11.2012, 16:14   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Code:
ATTFilter
C:\Users\Ghost\Desktop\2011file.exe.dat	In Quarantäne gestellt
         
Whatever was moved into quarantine can no longer be at its original location

1. aswMBR

Please download aswMBR.exe and save the file on your desktop.

Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.) Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply. Important: Under no circumstances press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

Another note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.


2. TDSS-Killer

Download TDSS-Killer to the desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and set the checkmarks as shown in the following screenshot,
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy its content into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

__________________

Alt 14.11.2012, 10:18   #7
verrant
 
Quote:
Quote from cosinus

1. aswMBR
Downloaded. Ran it with and without the virus scanner. In each case with and without the option in the pull-down menu. With and without the checkmark at "Trace disk IO calls".
Windows error message every time.

Quote:
Quote from cosinus

2. TDSS-Killer
Tool downloaded, tool settings applied, executed: no detections.

Regards
verrant

14.11.2012, 13:47   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Windows error message every time.
Please try aswMBR again in safe mode.
And the logs must always be posted, even if there are no detections.
__________________
Please always post log files in CODE tags

14.11.2012, 21:27   #9
verrant

Safe mode:

Started the program, restarted it because of the error message. Then found the option to save the log file as .txt. Result:

Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-14 21:18:05
-----------------------------
21:18:05.937    OS Version: Windows x64 6.2.9200 
21:18:05.937    Number of processors: 4 586 0x2A07
21:18:05.937    ComputerName: ***  UserName: ***
21:18:07.390    Initialze error C000010E - driver not loaded
21:18:07.390    write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
21:18:07.437    AVAST engine defs: 12111301
21:18:22.640    The log file has been saved successfully to "F:\Users\Kay\Desktop\aswMBR1.txt"
         
Regards
verrant

14.11.2012, 21:52   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

You have Windows 8? Either that is the cause, or it is missing permissions. Did you start aswMBR as admin via right-click?

15.11.2012, 12:51   #11
verrant

Quote:
Quote from cosinus
You have Windows 8?
Quote:
Quote from verrant
o.k.
So Win 8. It lives on f:
Quote:
Quote from cosinus
Either that is the cause, or it is missing permissions. Did you start aswMBR as admin via right-click?
Started the computer in safe mode once more and started aswMBR as admin via right-click. With Quickscan and with none. Aborted each time.

When Win8 was started again in normal mode, Emsisoft showed a file named Taskhost.exe in the path F:\windows\sysnative\taskhost.exe. In the details I then selected that spyware-like behavior should be blocked.

Now Chrome takes a relatively long time to load the 7 preset sites.

Regards
verrant.

15.11.2012, 17:49   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Could be due to Windows 8.
So what about the log from TDSS-Killer?

16.11.2012, 13:53   #13
verrant

Quote:
Quote from cosinus
So what about the log from TDSS-Killer?
Sorry. Only now found the right function.

Code:
ATTFilter
13:50:59.0172 3744  ================ Scan global ===============================
13:50:59.0204 3744  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] F:\WINDOWS\system32\basesrv.dll
13:50:59.0219 3744  [ E9343076AE704D20BB0D01F3AF3EFFEF ] F:\WINDOWS\system32\winsrv.dll
13:50:59.0250 3744  [ BD7C6949984D19AAA609896B675E7357 ] F:\WINDOWS\system32\sxssrv.dll
13:50:59.0282 3744  [ 8F226143046435C75C033B0C52E90FFE ] F:\WINDOWS\system32\services.exe
13:50:59.0282 3744  [Global] - ok
13:50:59.0282 3744  ================ Scan MBR ==================================
13:50:59.0282 3744  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:50:59.0375 3744  \Device\Harddisk0\DR0 - ok
13:50:59.0391 3744  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:50:59.0454 3744  \Device\Harddisk1\DR1 - ok
13:50:59.0454 3744  [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk2\DR2
13:50:59.0938 3744  \Device\Harddisk2\DR2 - ok
13:50:59.0938 3744  ================ Scan VBR ==================================
13:50:59.0954 3744  [ 90298CC57228C48DF6C46E55C602D0C9 ] \Device\Harddisk0\DR0\Partition1
13:50:59.0954 3744  \Device\Harddisk0\DR0\Partition1 - ok
13:50:59.0954 3744  [ B034843D71A736263BF981CC3DEB83B6 ] \Device\Harddisk1\DR1\Partition1
13:50:59.0954 3744  \Device\Harddisk1\DR1\Partition1 - ok
13:50:59.0969 3744  [ D9953AEA769EE7F9294A50892A6C5BD4 ] \Device\Harddisk1\DR1\Partition2
13:50:59.0969 3744  \Device\Harddisk1\DR1\Partition2 - ok
13:50:59.0985 3744  [ EBE581039189E5071C4749366745D64B ] \Device\Harddisk1\DR1\Partition3
13:50:59.0985 3744  \Device\Harddisk1\DR1\Partition3 - ok
13:50:59.0985 3744  [ AE1E664A38C416479860F795135F3437 ] \Device\Harddisk2\DR2\Partition1
13:50:59.0985 3744  \Device\Harddisk2\DR2\Partition1 - ok
13:50:59.0985 3744  ============================================================
13:50:59.0985 3744  Scan finished
13:50:59.0985 3744  ============================================================
13:50:59.0985 4340  Detected object count: 0
13:50:59.0985 4340  Actual detected object count: 0
         
Regards
verrant

16.11.2012, 14:15   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Why are you posting incomplete logs?

16.11.2012, 17:46   #15
verrant

New scan with the appropriate boxes ticked in the options.

Opened the list under Report. Selected everything with Ctrl-A and pasted it here:

Code:
ATTFilter
17:41:19.0018 2056  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:41:19.0180 2056  ============================================================
17:41:19.0180 2056  Current date / time: 2012/11/16 17:41:19.0180
17:41:19.0180 2056  SystemInfo:
17:41:19.0180 2056  
17:41:19.0180 2056  OS Version: 6.2.9200 ServicePack: 0.0
17:41:19.0180 2056  Product type: Workstation
17:41:19.0180 2056  ComputerName: WIN8-VERSUCH
17:41:19.0180 2056  UserName: Kay
17:41:19.0180 2056  Windows directory: F:\WINDOWS
17:41:19.0180 2056  System windows directory: F:\WINDOWS
17:41:19.0180 2056  Running under WOW64
17:41:19.0180 2056  Processor architecture: Intel x64
17:41:19.0180 2056  Number of processors: 4
17:41:19.0180 2056  Page size: 0x1000
17:41:19.0180 2056  Boot type: Normal boot
17:41:19.0180 2056  ============================================================
17:41:19.0977 2056  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:20.0008 2056  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:25.0368 2056  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:41:25.0369 2056  ============================================================
17:41:25.0369 2056  \Device\Harddisk0\DR0:
17:41:25.0371 2056  MBR partitions:
17:41:25.0371 2056  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
17:41:25.0371 2056  \Device\Harddisk1\DR1:
17:41:25.0371 2056  MBR partitions:
17:41:25.0371 2056  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4ADB757
17:41:25.0371 2056  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x4ADB796, BlocksNum 0x1AC569B6
17:41:25.0371 2056  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x1F73214C, BlocksNum 0x1AC52AF5
17:41:25.0371 2056  \Device\Harddisk2\DR2:
17:41:25.0372 2056  MBR partitions:
17:41:25.0372 2056  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A380D41
17:41:25.0372 2056  ============================================================
17:41:25.0373 2056  C: <-> \Device\Harddisk0\DR0\Partition1
17:41:25.0389 2056  D: <-> \Device\Harddisk1\DR1\Partition1
17:41:25.0407 2056  E: <-> \Device\Harddisk1\DR1\Partition2
17:41:25.0408 2056  F: <-> \Device\Harddisk1\DR1\Partition3
17:41:25.0409 2056  Z: <-> \Device\Harddisk2\DR2\Partition1
17:41:25.0409 2056  ============================================================
17:41:25.0409 2056  Initialize success
17:41:25.0409 2056  ============================================================
17:43:07.0825 2676  ============================================================
17:43:07.0825 2676  Scan started
17:43:07.0825 2676  Mode: Manual; SigCheck; TDLFS; 
17:43:07.0825 2676  ============================================================
17:43:08.0295 2676  ================ Scan system memory ========================
17:43:08.0295 2676  System memory - ok
17:43:08.0295 2676  ================ Scan services =============================
17:43:14.0926 2676  KSecPkg - ok
17:43:14.0941 2676  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         F:\WINDOWS\system32\drivers\ksthunk.sys
17:43:14.0948 2676  ksthunk - ok
17:43:14.0976 2676  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           F:\WINDOWS\system32\msdtckrm.dll
17:43:14.0986 2676  KtmRm - ok
17:43:15.0008 2676  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    F:\WINDOWS\system32\srvsvc.dll
17:43:15.0017 2676  LanmanServer - ok
17:43:15.0027 2676  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation F:\WINDOWS\System32\wkssvc.dll
17:43:15.0036 2676  LanmanWorkstation - ok
17:43:15.0047 2676  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          F:\WINDOWS\system32\DRIVERS\lltdio.sys
17:43:15.0056 2676  lltdio - ok
17:43:15.0071 2676  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         F:\WINDOWS\System32\lltdsvc.dll
17:43:15.0082 2676  lltdsvc - ok
17:43:15.0099 2676  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         F:\WINDOWS\System32\lmhsvc.dll
17:43:15.0105 2676  lmhosts - ok
17:43:15.0135 2676  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         F:\WINDOWS\system32\drivers\lsi_sas.sys
17:43:15.0142 2676  LSI_SAS - ok
17:43:15.0163 2676  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        F:\WINDOWS\system32\drivers\lsi_sas2.sys
17:43:15.0170 2676  LSI_SAS2 - ok
17:43:15.0184 2676  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        F:\WINDOWS\system32\drivers\lsi_scsi.sys
17:43:15.0191 2676  LSI_SCSI - ok
17:43:15.0199 2676  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         F:\WINDOWS\system32\drivers\lsi_sss.sys
17:43:15.0206 2676  LSI_SSS - ok
17:43:15.0233 2676  [ 8FEFDCEE40B75FD23B4BC60DA6576113 ] LSM             F:\WINDOWS\System32\lsm.dll
17:43:15.0243 2676  LSM - ok
17:43:15.0270 2676  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           F:\WINDOWS\system32\drivers\luafv.sys
17:43:15.0281 2676  luafv - ok
17:43:15.0333 2676  [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService F:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
17:43:15.0339 2676  McComponentHostService - ok
17:43:15.0361 2676  [ 4448CCEA974F0B15A00EA33FCEDFC062 ] Mcx2Svc         F:\WINDOWS\system32\Mcx2Svc.dll
17:43:15.0368 2676  Mcx2Svc - ok
17:43:15.0370 2676  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         F:\WINDOWS\system32\drivers\megasas.sys
17:43:15.0376 2676  megasas - ok
17:43:15.0403 2676  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          F:\WINDOWS\system32\drivers\MegaSR.sys
17:43:15.0413 2676  MegaSR - ok
17:43:15.0440 2676  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          F:\WINDOWS\System32\drivers\HECIx64.sys
17:43:15.0444 2676  MEIx64 - ok
17:43:15.0487 2676  Microsoft SharePoint Workspace Audit Service - ok
17:43:15.0506 2676  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           F:\WINDOWS\system32\mmcss.dll
17:43:15.0523 2676  MMCSS - ok
17:43:15.0536 2676  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           F:\WINDOWS\system32\drivers\modem.sys
17:43:15.0544 2676  Modem - ok
17:43:15.0570 2676  [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor         F:\WINDOWS\system32\DRIVERS\monitor.sys
17:43:15.0591 2676  monitor - ok
17:43:15.0614 2676  [ 618446B98C79776654340CE27C73485E ] mouclass        F:\WINDOWS\System32\drivers\mouclass.sys
17:43:15.0620 2676  mouclass - ok
17:43:15.0644 2676  [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid          F:\WINDOWS\System32\drivers\mouhid.sys
17:43:15.0650 2676  mouhid - ok
17:43:15.0656 2676  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        F:\WINDOWS\system32\drivers\mountmgr.sys
17:43:15.0663 2676  mountmgr - ok
17:43:15.0704 2676  [ DAE3C509F33059BC4D48A8925F476FB4 ] MozillaMaintenance F:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:43:15.0709 2676  MozillaMaintenance - ok
17:43:15.0735 2676  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          F:\WINDOWS\system32\drivers\mpsdrv.sys
17:43:15.0753 2676  mpsdrv - ok
17:43:15.0790 2676  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          F:\WINDOWS\system32\mpssvc.dll
17:43:15.0804 2676  MpsSvc - ok
17:43:15.0835 2676  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          F:\WINDOWS\system32\drivers\mrxdav.sys
17:43:15.0843 2676  MRxDAV - ok
17:43:15.0868 2676  [ 75C633892ADA5D48DAEAF0315E08AAFF ] mrxsmb          F:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:43:15.0890 2676  mrxsmb - ok
17:43:15.0912 2676  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        F:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:43:15.0920 2676  mrxsmb10 - ok
17:43:15.0945 2676  [ E9C47B374DB1E9752F525F59FB6B73B3 ] mrxsmb20        F:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:43:15.0952 2676  mrxsmb20 - ok
17:43:15.0985 2676  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        F:\WINDOWS\system32\DRIVERS\bridge.sys
17:43:15.0994 2676  MsBridge - ok
17:43:16.0024 2676  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           F:\WINDOWS\System32\msdtc.exe
17:43:16.0033 2676  MSDTC - ok
17:43:16.0057 2676  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            F:\WINDOWS\system32\drivers\Msfs.sys
17:43:16.0063 2676  Msfs - ok
17:43:16.0087 2676  [ C9BFB0353099B071E70299549C18C8AE ] msgpiowin32     F:\WINDOWS\System32\drivers\msgpiowin32.sys
17:43:16.0092 2676  msgpiowin32 - ok
17:43:16.0115 2676  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       F:\WINDOWS\System32\drivers\mshidkmdf.sys
17:43:16.0121 2676  mshidkmdf - ok
17:43:16.0127 2676  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       F:\WINDOWS\System32\drivers\mshidumdf.sys
17:43:16.0133 2676  mshidumdf - ok
17:43:16.0143 2676  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        F:\WINDOWS\system32\drivers\msisadrv.sys
17:43:16.0149 2676  msisadrv - ok
17:43:16.0173 2676  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         F:\WINDOWS\system32\iscsiexe.dll
17:43:16.0180 2676  MSiSCSI - ok
17:43:16.0182 2676  msiserver - ok
17:43:16.0191 2676  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         F:\WINDOWS\system32\drivers\MSKSSRV.sys
17:43:16.0197 2676  MSKSSRV - ok
17:43:16.0214 2676  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          F:\WINDOWS\system32\DRIVERS\mslldp.sys
17:43:16.0221 2676  MsLldp - ok
17:43:16.0233 2676  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        F:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:43:16.0240 2676  MSPCLOCK - ok
17:43:16.0261 2676  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           F:\WINDOWS\system32\drivers\MSPQM.sys
17:43:16.0267 2676  MSPQM - ok
17:43:16.0288 2676  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           F:\WINDOWS\system32\drivers\MsRPC.sys
17:43:16.0300 2676  MsRPC - ok
17:43:16.0313 2676  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        F:\WINDOWS\System32\drivers\mssmbios.sys
17:43:16.0319 2676  mssmbios - ok
17:43:16.0331 2676  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           F:\WINDOWS\system32\drivers\MSTEE.sys
17:43:16.0338 2676  MSTEE - ok
17:43:16.0348 2676  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        F:\WINDOWS\System32\drivers\MTConfig.sys
17:43:16.0354 2676  MTConfig - ok
17:43:16.0366 2676  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             F:\WINDOWS\system32\Drivers\mup.sys
17:43:16.0372 2676  Mup - ok
17:43:16.0385 2676  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          F:\WINDOWS\system32\drivers\mvumis.sys
17:43:16.0391 2676  mvumis - ok
17:43:16.0415 2676  [ 4B18840511D720BA118D3017E8165875 ] napagent        F:\WINDOWS\system32\qagentRT.dll
17:43:16.0427 2676  napagent - ok
17:43:16.0468 2676  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     F:\WINDOWS\system32\DRIVERS\nwifi.sys
17:43:16.0477 2676  NativeWifiP - ok
17:43:16.0488 2676  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          F:\WINDOWS\System32\ncasvc.dll
17:43:16.0496 2676  NcaSvc - ok
17:43:16.0515 2676  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    F:\WINDOWS\System32\NcdAutoSetup.dll
17:43:16.0544 2676  NcdAutoSetup - ok
17:43:16.0582 2676  [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS            F:\WINDOWS\system32\drivers\ndis.sys
17:43:16.0603 2676  NDIS - ok
17:43:16.0628 2676  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         F:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:43:16.0636 2676  NdisCap - ok
17:43:16.0660 2676  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  F:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:43:16.0669 2676  NdisImPlatform - ok
17:43:16.0690 2676  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        F:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:43:16.0696 2676  NdisTapi - ok
17:43:16.0703 2676  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         F:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:43:16.0709 2676  Ndisuio - ok
17:43:16.0734 2676  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         F:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:43:16.0744 2676  NdisWan - ok
17:43:16.0746 2676  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   F:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:43:16.0755 2676  NDISWANLEGACY - ok
17:43:16.0762 2676  [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy         F:\WINDOWS\system32\drivers\NDProxy.sys
17:43:16.0769 2676  NDProxy - ok
17:43:16.0794 2676  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             F:\WINDOWS\system32\drivers\Ndu.sys
17:43:16.0801 2676  Ndu - ok
17:43:16.0813 2676  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         F:\WINDOWS\system32\DRIVERS\netbios.sys
17:43:16.0821 2676  NetBIOS - ok
17:43:16.0826 2676  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           F:\WINDOWS\system32\DRIVERS\netbt.sys
17:43:16.0834 2676  NetBT - ok
17:43:16.0845 2676  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        F:\WINDOWS\system32\lsass.exe
17:43:16.0852 2676  Netlogon - ok
17:43:16.0879 2676  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          F:\WINDOWS\System32\netman.dll
17:43:16.0889 2676  Netman - ok
17:43:16.0905 2676  [ 20F6FD63E6D456114BC8056D62792786 ] netprofm        F:\WINDOWS\System32\netprofmsvc.dll
17:43:16.0917 2676  netprofm - ok
17:43:16.0966 2676  [ 9F929E74A8FB21B2B44B41C115F10B39 ] netr28ux        F:\WINDOWS\system32\DRIVERS\netr28ux.sys
17:43:17.0002 2676  netr28ux - ok
17:43:17.0040 2676  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing F:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:43:17.0047 2676  NetTcpPortSharing - ok
17:43:17.0068 2676  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         F:\WINDOWS\system32\drivers\nfrd960.sys
17:43:17.0074 2676  nfrd960 - ok
17:43:17.0103 2676  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          F:\WINDOWS\System32\nlasvc.dll
17:43:17.0118 2676  NlaSvc - ok
17:43:17.0124 2676  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            F:\WINDOWS\system32\drivers\Npfs.sys
17:43:17.0131 2676  Npfs - ok
17:43:17.0163 2676  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       F:\WINDOWS\System32\drivers\npsvctrig.sys
17:43:17.0173 2676  npsvctrig - ok
17:43:17.0193 2676  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             F:\WINDOWS\system32\nsisvc.dll
17:43:17.0200 2676  nsi - ok
17:43:17.0223 2676  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        F:\WINDOWS\system32\drivers\nsiproxy.sys
17:43:17.0230 2676  nsiproxy - ok
17:43:17.0274 2676  [ 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD ] Ntfs            F:\WINDOWS\system32\drivers\Ntfs.sys
17:43:17.0321 2676  Ntfs - ok
17:43:17.0346 2676  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            F:\WINDOWS\system32\drivers\Null.sys
17:43:17.0353 2676  Null - ok
17:43:17.0380 2676  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          F:\WINDOWS\system32\drivers\nvraid.sys
17:43:17.0387 2676  nvraid - ok
17:43:17.0407 2676  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          F:\WINDOWS\system32\drivers\nvstor.sys
17:43:17.0415 2676  nvstor - ok
17:43:17.0429 2676  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          F:\WINDOWS\system32\drivers\nv_agp.sys
17:43:17.0436 2676  nv_agp - ok
17:43:17.0480 2676  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             F:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:43:17.0486 2676  ose - ok
17:43:17.0613 2676  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         F:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:43:17.0716 2676  osppsvc - ok
17:43:17.0762 2676  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        F:\WINDOWS\system32\pnrpsvc.dll
17:43:17.0778 2676  p2pimsvc - ok
17:43:17.0794 2676  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          F:\WINDOWS\system32\p2psvc.dll
17:43:17.0804 2676  p2psvc - ok
17:43:17.0837 2676  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         F:\WINDOWS\System32\drivers\parport.sys
17:43:17.0844 2676  Parport - ok
17:43:17.0866 2676  [ C1D7BA7F0DE487DFEEB51BF8D3EC5562 ] partmgr         F:\WINDOWS\system32\drivers\partmgr.sys
17:43:17.0872 2676  partmgr - ok
17:43:17.0889 2676  [ 19E41F140A6ADBD38943710DA7FF0E38 ] PcaSvc          F:\WINDOWS\System32\pcasvc.dll
17:43:17.0900 2676  PcaSvc - ok
17:43:17.0925 2676  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             F:\WINDOWS\system32\drivers\pci.sys
17:43:17.0933 2676  pci - ok
17:43:17.0947 2676  [ F9908D274D458220F91E89B54D78D837 ] pciide          F:\WINDOWS\system32\drivers\pciide.sys
17:43:17.0953 2676  pciide - ok
17:43:17.0965 2676  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          F:\WINDOWS\system32\drivers\pcmcia.sys
17:43:17.0974 2676  pcmcia - ok
17:43:17.0991 2676  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             F:\WINDOWS\system32\drivers\pcw.sys
17:43:17.0997 2676  pcw - ok
17:43:18.0022 2676  [ 668168D499F7A16ABD0AD7ADA6563577 ] pdc             F:\WINDOWS\system32\drivers\pdc.sys
17:43:18.0028 2676  pdc - ok
17:43:18.0057 2676  [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH          F:\WINDOWS\system32\drivers\peauth.sys
17:43:18.0072 2676  PEAUTH - ok
17:43:18.0128 2676  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     F:\WINDOWS\system32\peerdistsvc.dll
17:43:18.0189 2676  PeerDistSvc - ok
17:43:18.0257 2676  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        F:\WINDOWS\SysWow64\perfhost.exe
17:43:18.0264 2676  PerfHost - ok
17:43:18.0309 2676  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             F:\WINDOWS\system32\pla.dll
17:43:18.0342 2676  pla - ok
17:43:18.0372 2676  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        F:\WINDOWS\system32\umpnpmgr.dll
17:43:18.0380 2676  PlugPlay - ok
17:43:18.0411 2676  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     F:\WINDOWS\system32\pnrpauto.dll
17:43:18.0418 2676  PNRPAutoReg - ok
17:43:18.0437 2676  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         F:\WINDOWS\system32\pnrpsvc.dll
17:43:18.0445 2676  PNRPsvc - ok
17:43:18.0478 2676  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     F:\WINDOWS\System32\ipsecsvc.dll
17:43:18.0490 2676  PolicyAgent - ok
17:43:18.0517 2676  [ F1E067F56373F11EA4B785CAE823740A ] Power           F:\WINDOWS\system32\umpo.dll
17:43:18.0537 2676  Power - ok
17:43:18.0564 2676  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    F:\WINDOWS\system32\DRIVERS\raspptp.sys
17:43:18.0573 2676  PptpMiniport - ok
17:43:18.0666 2676  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify     F:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
17:43:18.0734 2676  PrintNotify - ok
17:43:18.0750 2676  [ 8DA167F8967AB35A2487095CB1B879A0 ] Processor       F:\WINDOWS\System32\drivers\processr.sys
17:43:18.0756 2676  Processor - ok
17:43:18.0774 2676  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         F:\WINDOWS\system32\profsvc.dll
17:43:18.0783 2676  ProfSvc - ok
17:43:18.0809 2676  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          F:\WINDOWS\system32\DRIVERS\pacer.sys
17:43:18.0818 2676  Psched - ok
17:43:18.0844 2676  [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI             F:\WINDOWS\system32\DRIVERS\psi_mf.sys
17:43:18.0848 2676  PSI - ok
17:43:18.0875 2676  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           F:\WINDOWS\system32\qwave.dll
17:43:18.0884 2676  QWAVE - ok
17:43:18.0902 2676  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        F:\WINDOWS\system32\drivers\qwavedrv.sys
17:43:18.0909 2676  QWAVEdrv - ok
17:43:18.0941 2676  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          F:\WINDOWS\system32\DRIVERS\rasacd.sys
17:43:18.0972 2676  RasAcd - ok
17:43:19.0008 2676  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     F:\WINDOWS\system32\DRIVERS\AgileVpn.sys
17:43:19.0017 2676  RasAgileVpn - ok
17:43:19.0046 2676  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         F:\WINDOWS\System32\rasauto.dll
17:43:19.0055 2676  RasAuto - ok
17:43:19.0062 2676  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         F:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:43:19.0071 2676  Rasl2tp - ok
17:43:19.0101 2676  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          F:\WINDOWS\System32\rasmans.dll
17:43:19.0112 2676  RasMan - ok
17:43:19.0120 2676  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        F:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:43:19.0128 2676  RasPppoe - ok
17:43:19.0131 2676  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         F:\WINDOWS\system32\DRIVERS\rassstp.sys
17:43:19.0140 2676  RasSstp - ok
17:43:19.0162 2676  [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss           F:\WINDOWS\system32\DRIVERS\rdbss.sys
17:43:19.0171 2676  rdbss - ok
17:43:19.0181 2676  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          F:\WINDOWS\System32\drivers\rdpbus.sys
17:43:19.0198 2676  rdpbus - ok
17:43:19.0214 2676  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           F:\WINDOWS\system32\drivers\rdpdr.sys
17:43:19.0235 2676  RDPDR - ok
17:43:19.0264 2676  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport F:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:43:19.0270 2676  RdpVideoMiniport - ok
17:43:19.0303 2676  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           F:\WINDOWS\system32\drivers\RDPWD.sys
17:43:19.0310 2676  RDPWD - ok
17:43:19.0313 2676  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        F:\WINDOWS\system32\drivers\rdyboost.sys
17:43:19.0322 2676  rdyboost - ok
17:43:19.0372 2676  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    F:\WINDOWS\System32\mprdim.dll
17:43:19.0381 2676  RemoteAccess - ok
17:43:19.0399 2676  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  F:\WINDOWS\system32\regsvc.dll
17:43:19.0411 2676  RemoteRegistry - ok
17:43:19.0434 2676  [ 17EF582CBC4809F96B9E6D0543480763 ] RFCOMM          F:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:43:19.0449 2676  RFCOMM - ok
17:43:19.0474 2676  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    F:\WINDOWS\System32\RpcEpMap.dll
17:43:19.0481 2676  RpcEptMapper - ok
17:43:19.0509 2676  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      F:\WINDOWS\system32\locator.exe
17:43:19.0516 2676  RpcLocator - ok
17:43:19.0556 2676  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           F:\WINDOWS\system32\rpcss.dll
17:43:19.0568 2676  RpcSs - ok
17:43:19.0574 2676  [ E04E770DD198B9399640717145E79EBF ] rspndr          F:\WINDOWS\system32\DRIVERS\rspndr.sys
17:43:19.0583 2676  rspndr - ok
17:43:19.0620 2676  [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168         F:\WINDOWS\system32\DRIVERS\Rt630x64.sys
17:43:19.0632 2676  RTL8168 - ok
17:43:19.0670 2676  [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187         F:\WINDOWS\system32\DRIVERS\rtl8187.sys
17:43:19.0688 2676  RTL8187 - ok
17:43:19.0698 2676  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           F:\WINDOWS\System32\drivers\vms3cap.sys
17:43:19.0704 2676  s3cap - ok
17:43:19.0719 2676  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           F:\WINDOWS\system32\lsass.exe
17:43:19.0726 2676  SamSs - ok
17:43:19.0753 2676  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        F:\WINDOWS\system32\drivers\sbp2port.sys
17:43:19.0760 2676  sbp2port - ok
17:43:19.0792 2676  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        F:\WINDOWS\System32\SCardSvr.dll
17:43:19.0802 2676  SCardSvr - ok
17:43:19.0823 2676  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        F:\WINDOWS\system32\DRIVERS\scfilter.sys
17:43:19.0831 2676  scfilter - ok
17:43:19.0871 2676  [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule        F:\WINDOWS\system32\schedsvc.dll
17:43:19.0896 2676  Schedule - ok
17:43:19.0937 2676  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     F:\WINDOWS\System32\certprop.dll
17:43:19.0946 2676  SCPolicySvc - ok
17:43:19.0977 2676  [ 008E4F21A9F5B8847E166C7119799754 ] sdbus           F:\WINDOWS\System32\drivers\sdbus.sys
17:43:19.0985 2676  sdbus - ok
17:43:20.0004 2676  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          F:\WINDOWS\System32\SDRSVC.dll
17:43:20.0028 2676  SDRSVC - ok
17:43:20.0041 2676  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          F:\WINDOWS\System32\drivers\sdstor.sys
17:43:20.0047 2676  sdstor - ok
17:43:20.0061 2676  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          F:\WINDOWS\system32\drivers\secdrv.sys
17:43:20.0067 2676  secdrv - ok
17:43:20.0095 2676  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        F:\WINDOWS\system32\seclogon.dll
17:43:20.0105 2676  seclogon - ok
17:43:20.0159 2676  [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent F:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:43:20.0175 2676  Secunia PSI Agent - ok
17:43:20.0205 2676  [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent F:\Program Files (x86)\Secunia\PSI\sua.exe
17:43:20.0214 2676  Secunia Update Agent - ok
17:43:20.0237 2676  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            F:\WINDOWS\System32\sens.dll
17:43:20.0249 2676  SENS - ok
17:43:20.0257 2676  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        F:\WINDOWS\system32\sensrsvc.dll
17:43:20.0265 2676  SensrSvc - ok
17:43:20.0277 2676  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           F:\WINDOWS\system32\drivers\SerCx.sys
17:43:20.0284 2676  SerCx - ok
17:43:20.0305 2676  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         F:\WINDOWS\System32\drivers\serenum.sys
17:43:20.0312 2676  Serenum - ok
17:43:20.0344 2676  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          F:\WINDOWS\System32\drivers\serial.sys
17:43:20.0351 2676  Serial - ok
17:43:20.0372 2676  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        F:\WINDOWS\System32\drivers\sermouse.sys
17:43:20.0379 2676  sermouse - ok
17:43:20.0405 2676  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      F:\WINDOWS\system32\sessenv.dll
17:43:20.0413 2676  SessionEnv - ok
17:43:20.0432 2676  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         F:\WINDOWS\System32\drivers\sfloppy.sys
17:43:20.0438 2676  sfloppy - ok
17:43:20.0493 2676  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    F:\WINDOWS\System32\ipnathlp.dll
17:43:20.0505 2676  SharedAccess - ok
17:43:20.0547 2676  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection F:\WINDOWS\System32\shsvcs.dll
17:43:20.0577 2676  ShellHWDetection - ok
17:43:20.0602 2676  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        F:\WINDOWS\system32\drivers\SiSRaid2.sys
17:43:20.0608 2676  SiSRaid2 - ok
17:43:20.0621 2676  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        F:\WINDOWS\system32\drivers\sisraid4.sys
17:43:20.0628 2676  SiSRaid4 - ok
17:43:20.0721 2676  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service F:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:43:20.0760 2676  Skype C2C Service - ok
17:43:20.0778 2676  [ B866E8C5ED1DCBEA72285BA4107892C2 ] SkypeUpdate     F:\Program Files (x86)\Skype\Updater\Updater.exe
17:43:20.0783 2676  SkypeUpdate - ok
17:43:20.0812 2676  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        F:\WINDOWS\System32\snmptrap.exe
17:43:20.0821 2676  SNMPTRAP - ok
17:43:20.0856 2676  [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport       F:\WINDOWS\system32\drivers\spaceport.sys
17:43:20.0866 2676  spaceport - ok
17:43:20.0878 2676  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           F:\WINDOWS\system32\drivers\SpbCx.sys
17:43:20.0884 2676  SpbCx - ok
17:43:20.0912 2676  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         F:\WINDOWS\System32\spoolsv.exe
17:43:20.0938 2676  Spooler - ok
17:43:21.0028 2676  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          F:\WINDOWS\system32\sppsvc.exe
17:43:21.0086 2676  sppsvc - ok
17:43:21.0091 2676  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             F:\WINDOWS\system32\DRIVERS\srv.sys
17:43:21.0100 2676  srv - ok
17:43:21.0127 2676  [ C2106BB710AA34A046126AED7BCA6964 ] srv2            F:\WINDOWS\system32\DRIVERS\srv2.sys
17:43:21.0145 2676  srv2 - ok
17:43:21.0170 2676  [ 9400C71F5A1A380B494B6922F007D485 ] srvnet          F:\WINDOWS\system32\DRIVERS\srvnet.sys
17:43:21.0177 2676  srvnet - ok
17:43:21.0208 2676  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         F:\WINDOWS\System32\ssdpsrv.dll
17:43:21.0219 2676  SSDPSRV - ok
17:43:21.0250 2676  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         F:\WINDOWS\system32\sstpsvc.dll
17:43:21.0260 2676  SstpSvc - ok
17:43:21.0282 2676  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        F:\WINDOWS\system32\drivers\stexstor.sys
17:43:21.0288 2676  stexstor - ok
17:43:21.0328 2676  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          F:\WINDOWS\System32\wiaservc.dll
17:43:21.0346 2676  stisvc - ok
17:43:21.0370 2676  [ C588BBD37B432CE3204E5765B459E6B2 ] storahci        F:\WINDOWS\system32\drivers\storahci.sys
17:43:21.0377 2676  storahci - ok
17:43:21.0388 2676  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         F:\WINDOWS\system32\DRIVERS\vmstorfl.sys
17:43:21.0395 2676  storflt - ok
17:43:21.0407 2676  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         F:\WINDOWS\system32\storsvc.dll
17:43:21.0424 2676  StorSvc - ok
17:43:21.0448 2676  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         F:\WINDOWS\system32\drivers\storvsc.sys
17:43:21.0454 2676  storvsc - ok
17:43:21.0472 2676  [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp         F:\WINDOWS\System32\drivers\storvsp.sys
17:43:21.0494 2676  storvsp - ok
17:43:21.0506 2676  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           F:\WINDOWS\system32\svsvc.dll
17:43:21.0517 2676  svsvc - ok
17:43:21.0523 2676  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          F:\WINDOWS\System32\drivers\swenum.sys
17:43:21.0528 2676  swenum - ok
17:43:21.0558 2676  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           F:\WINDOWS\System32\swprv.dll
17:43:21.0573 2676  swprv - ok
17:43:21.0616 2676  [ DC21E1F06343773D7E24362DCEF7944B ] SysMain         F:\WINDOWS\system32\sysmain.dll
17:43:21.0641 2676  SysMain - ok
17:43:21.0665 2676  [ 079244F281621FEDCC161D3923E858FE ] SystemEventsBroker F:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:43:21.0676 2676  SystemEventsBroker - ok
17:43:21.0698 2676  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService F:\WINDOWS\System32\TabSvc.dll
17:43:21.0713 2676  TabletInputService - ok
17:43:21.0738 2676  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         F:\WINDOWS\System32\tapisrv.dll
17:43:21.0747 2676  TapiSrv - ok
17:43:21.0801 2676  [ 1D644E2D0FC395A055AB1C23C3B43631 ] Tcpip           F:\WINDOWS\system32\drivers\tcpip.sys
17:43:21.0860 2676  Tcpip - ok
17:43:21.0887 2676  [ 1D644E2D0FC395A055AB1C23C3B43631 ] TCPIP6          F:\WINDOWS\system32\DRIVERS\tcpip.sys
17:43:21.0921 2676  TCPIP6 - ok
17:43:21.0954 2676  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        F:\WINDOWS\system32\drivers\tcpipreg.sys
17:43:21.0962 2676  tcpipreg - ok
17:43:21.0992 2676  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             F:\WINDOWS\system32\DRIVERS\tdx.sys
17:43:21.0999 2676  tdx - ok
17:43:22.0026 2676  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        F:\WINDOWS\System32\drivers\terminpt.sys
17:43:22.0032 2676  terminpt - ok
17:43:22.0052 2676  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     F:\WINDOWS\System32\termsrv.dll
17:43:22.0066 2676  TermService - ok
17:43:22.0092 2676  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          F:\WINDOWS\system32\themeservice.dll
17:43:22.0104 2676  Themes - ok
17:43:22.0131 2676  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     F:\WINDOWS\system32\mmcss.dll
17:43:22.0137 2676  THREADORDER - ok
17:43:22.0169 2676  [ 52066C139CC189468845D5BE557B25EB ] TimeBroker      F:\WINDOWS\System32\TimeBrokerServer.dll
17:43:22.0177 2676  TimeBroker - ok
17:43:22.0202 2676  [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM             F:\WINDOWS\system32\drivers\tpm.sys
17:43:22.0210 2676  TPM - ok
17:43:22.0236 2676  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          F:\WINDOWS\System32\trkwks.dll
17:43:22.0244 2676  TrkWks - ok
17:43:22.0301 2676  [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller F:\WINDOWS\servicing\TrustedInstaller.exe
17:43:22.0316 2676  TrustedInstaller - ok
17:43:22.0330 2676  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        F:\WINDOWS\system32\drivers\tsusbflt.sys
17:43:22.0345 2676  TsUsbFlt - ok
17:43:22.0368 2676  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         F:\WINDOWS\System32\drivers\TsUsbGD.sys
17:43:22.0374 2676  TsUsbGD - ok
17:43:22.0402 2676  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          F:\WINDOWS\system32\DRIVERS\tunnel.sys
17:43:22.0412 2676  tunnel - ok
17:43:22.0430 2676  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          F:\WINDOWS\system32\drivers\uagp35.sys
17:43:22.0436 2676  uagp35 - ok
17:43:22.0444 2676  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        F:\WINDOWS\System32\drivers\uaspstor.sys
17:43:22.0451 2676  UASPStor - ok
17:43:22.0469 2676  [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000        F:\WINDOWS\System32\drivers\ucx01000.sys
17:43:22.0477 2676  UCX01000 - ok
17:43:22.0506 2676  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            F:\WINDOWS\system32\DRIVERS\udfs.sys
17:43:22.0518 2676  udfs - ok
17:43:22.0548 2676  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       F:\WINDOWS\system32\UI0Detect.exe
17:43:22.0557 2676  UI0Detect - ok
17:43:22.0586 2676  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        F:\WINDOWS\system32\drivers\uliagpkx.sys
17:43:22.0593 2676  uliagpkx - ok
17:43:22.0611 2676  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           F:\WINDOWS\System32\drivers\umbus.sys
17:43:22.0618 2676  umbus - ok
17:43:22.0632 2676  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          F:\WINDOWS\System32\drivers\umpass.sys
17:43:22.0638 2676  UmPass - ok
17:43:22.0671 2676  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    F:\WINDOWS\System32\umrdp.dll
17:43:22.0680 2676  UmRdpService - ok
17:43:22.0708 2676  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        F:\WINDOWS\System32\upnphost.dll
17:43:22.0720 2676  upnphost - ok
17:43:22.0746 2676  [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio        F:\WINDOWS\system32\drivers\usbaudio.sys
17:43:22.0760 2676  usbaudio - ok
17:43:22.0781 2676  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         F:\WINDOWS\System32\drivers\usbccgp.sys
17:43:22.0788 2676  usbccgp - ok
17:43:22.0822 2676  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          F:\WINDOWS\System32\drivers\usbcir.sys
17:43:22.0836 2676  usbcir - ok
17:43:22.0862 2676  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         F:\WINDOWS\System32\drivers\usbehci.sys
17:43:22.0869 2676  usbehci - ok
17:43:22.0884 2676  [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub          F:\WINDOWS\System32\drivers\usbhub.sys
17:43:22.0896 2676  usbhub - ok
17:43:22.0912 2676  [ 7B886003CEEBF3C8E4FDF3586DCB3787 ] USBHUB3         F:\WINDOWS\System32\drivers\UsbHub3.sys
17:43:22.0924 2676  USBHUB3 - ok
17:43:22.0940 2676  [ EC1303E3DBF312B846377A84C0D15F27 ] usbohci         F:\WINDOWS\System32\drivers\usbohci.sys
17:43:22.0958 2676  usbohci - ok
17:43:22.0972 2676  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        F:\WINDOWS\System32\drivers\usbprint.sys
17:43:22.0989 2676  usbprint - ok
17:43:23.0017 2676  [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan         F:\WINDOWS\System32\drivers\usbscan.sys
17:43:23.0039 2676  usbscan - ok
17:43:23.0058 2676  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         F:\WINDOWS\System32\drivers\USBSTOR.SYS
17:43:23.0065 2676  USBSTOR - ok
17:43:23.0080 2676  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         F:\WINDOWS\System32\drivers\usbuhci.sys
17:43:23.0086 2676  usbuhci - ok
17:43:23.0101 2676  [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI         F:\WINDOWS\System32\drivers\USBXHCI.SYS
17:43:23.0111 2676  USBXHCI - ok
17:43:23.0119 2676  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        F:\WINDOWS\system32\lsass.exe
17:43:23.0126 2676  VaultSvc - ok
17:43:23.0154 2676  [ 70BF30C45553F4A6DBB5D86053F8FBF1 ] VBoxDrv         F:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
17:43:23.0161 2676  VBoxDrv - ok
17:43:23.0186 2676  [ A4739B2242C29D23BB9CD6472320C42B ] VBoxNetAdp      F:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
17:43:23.0191 2676  VBoxNetAdp - ok
17:43:23.0198 2676  [ C72D8E0AE95D025BA7ECD82919CB139F ] VBoxNetFlt      F:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys
17:43:23.0204 2676  VBoxNetFlt - ok
17:43:23.0229 2676  [ F5EB0B5663D56D6F68EF84DD19333F73 ] VBoxUSBMon      F:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
17:43:23.0234 2676  VBoxUSBMon - ok
17:43:23.0261 2676  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        F:\WINDOWS\system32\drivers\vdrvroot.sys
17:43:23.0267 2676  vdrvroot - ok
17:43:23.0285 2676  [ 00FBA165A1167738802DA5D0EE78EF10 ] vds             F:\WINDOWS\System32\vds.exe
17:43:23.0300 2676  vds - ok
17:43:23.0314 2676  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     F:\WINDOWS\system32\drivers\VerifierExt.sys
17:43:23.0322 2676  VerifierExt - ok
17:43:23.0341 2676  [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp           F:\WINDOWS\System32\drivers\vhdmp.sys
17:43:23.0353 2676  vhdmp - ok
17:43:23.0371 2676  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          F:\WINDOWS\system32\drivers\viaide.sys
17:43:23.0377 2676  viaide - ok
17:43:23.0396 2676  [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid             F:\WINDOWS\System32\drivers\Vid.sys
17:43:23.0404 2676  Vid - ok
17:43:23.0417 2676  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           F:\WINDOWS\system32\drivers\vmbus.sys
17:43:23.0423 2676  vmbus - ok
17:43:23.0442 2676  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        F:\WINDOWS\System32\drivers\VMBusHID.sys
17:43:23.0448 2676  VMBusHID - ok
17:43:23.0475 2676  [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr          F:\WINDOWS\System32\drivers\vmbusr.sys
17:43:23.0482 2676  vmbusr - ok
17:43:23.0504 2676  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   F:\WINDOWS\System32\ICSvc.dll
17:43:23.0513 2676  vmicheartbeat - ok
17:43:23.0516 2676  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange F:\WINDOWS\System32\ICSvc.dll
17:43:23.0525 2676  vmickvpexchange - ok
17:43:23.0538 2676  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         F:\WINDOWS\System32\ICSvc.dll
17:43:23.0546 2676  vmicrdv - ok
17:43:23.0549 2676  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    F:\WINDOWS\System32\ICSvc.dll
17:43:23.0558 2676  vmicshutdown - ok
17:43:23.0561 2676  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    F:\WINDOWS\System32\ICSvc.dll
17:43:23.0569 2676  vmictimesync - ok
17:43:23.0573 2676  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         F:\WINDOWS\System32\ICSvc.dll
17:43:23.0581 2676  vmicvss - ok
17:43:23.0600 2676  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          F:\WINDOWS\system32\drivers\volmgr.sys
17:43:23.0607 2676  volmgr - ok
17:43:23.0623 2676  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         F:\WINDOWS\system32\drivers\volmgrx.sys
17:43:23.0633 2676  volmgrx - ok
17:43:23.0647 2676  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap         F:\WINDOWS\system32\drivers\volsnap.sys
17:43:23.0658 2676  volsnap - ok
17:43:23.0674 2676  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            F:\WINDOWS\System32\drivers\vpci.sys
17:43:23.0681 2676  vpci - ok
17:43:23.0687 2676  [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp         F:\WINDOWS\System32\drivers\vpcivsp.sys
17:43:23.0693 2676  vpcivsp - ok
17:43:23.0706 2676  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         F:\WINDOWS\system32\drivers\vsmraid.sys
17:43:23.0714 2676  vsmraid - ok
17:43:23.0759 2676  [ EA658570314042C914964FC72AB50E6B ] VSS             F:\WINDOWS\system32\vssvc.exe
17:43:23.0794 2676  VSS - ok
17:43:23.0825 2676  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        F:\WINDOWS\system32\drivers\vstxraid.sys
17:43:23.0835 2676  VSTXRAID - ok
17:43:23.0855 2676  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        F:\WINDOWS\System32\drivers\vwifibus.sys
17:43:23.0861 2676  vwifibus - ok
17:43:23.0864 2676  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        F:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:43:23.0871 2676  vwififlt - ok
17:43:23.0891 2676  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         F:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:43:23.0898 2676  vwifimp - ok
17:43:23.0925 2676  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         F:\WINDOWS\system32\w32time.dll
17:43:23.0937 2676  W32Time - ok
17:43:23.0947 2676  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        F:\WINDOWS\System32\drivers\wacompen.sys
17:43:23.0954 2676  WacomPen - ok
17:43:23.0975 2676  [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp          F:\WINDOWS\system32\DRIVERS\wanarp.sys
17:43:23.0981 2676  Wanarp - ok
17:43:23.0997 2676  [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6        F:\WINDOWS\system32\DRIVERS\wanarp.sys
17:43:24.0003 2676  Wanarpv6 - ok
17:43:24.0033 2676  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        F:\WINDOWS\system32\wbengine.exe
17:43:24.0061 2676  wbengine - ok
17:43:24.0075 2676  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        F:\WINDOWS\System32\wbiosrvc.dll
17:43:24.0084 2676  WbioSrvc - ok
17:43:24.0107 2676  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          F:\WINDOWS\System32\wcmsvc.dll
17:43:24.0117 2676  Wcmsvc - ok
17:43:24.0146 2676  [ 4507D89FA9E4283100948C91E867D130 ] wcncsvc         F:\WINDOWS\System32\wcncsvc.dll
17:43:24.0160 2676  wcncsvc - ok
17:43:24.0171 2676  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService F:\WINDOWS\System32\WcsPlugInService.dll
17:43:24.0190 2676  WcsPlugInService - ok
17:43:24.0214 2676  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              F:\WINDOWS\system32\drivers\wd.sys
17:43:24.0220 2676  Wd - ok
17:43:24.0246 2676  [ 260F8DFC4D5748F4CCB9B19CFB0E58EA ] WdBoot          F:\WINDOWS\system32\drivers\WdBoot.sys
17:43:24.0252 2676  WdBoot - ok
17:43:24.0286 2676  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        F:\WINDOWS\system32\drivers\Wdf01000.sys
17:43:24.0301 2676  Wdf01000 - ok
17:43:24.0329 2676  [ 880FFFC4D5BBBB4187B6B04AB2E8C32A ] WdFilter        F:\WINDOWS\system32\drivers\WdFilter.sys
17:43:24.0339 2676  WdFilter - ok
17:43:24.0370 2676  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  F:\WINDOWS\system32\wdi.dll
17:43:24.0383 2676  WdiServiceHost - ok
17:43:24.0385 2676  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   F:\WINDOWS\system32\wdi.dll
17:43:24.0396 2676  WdiSystemHost - ok
17:43:24.0415 2676  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       F:\WINDOWS\System32\webclnt.dll
17:43:24.0425 2676  WebClient - ok
17:43:24.0445 2676  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          F:\WINDOWS\system32\wecsvc.dll
17:43:24.0454 2676  Wecsvc - ok
17:43:24.0482 2676  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   F:\WINDOWS\System32\wercplsupport.dll
17:43:24.0537 2676  wercplsupport - ok
17:43:24.0549 2676  [ 8E2426162ED6749A127B35D235F21E11 ] WerSvc          F:\WINDOWS\System32\WerSvc.dll
17:43:24.0563 2676  WerSvc - ok
17:43:24.0572 2676  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         F:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:43:24.0579 2676  WFPLWFS - ok
17:43:24.0604 2676  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          F:\WINDOWS\System32\wiarpc.dll
17:43:24.0612 2676  WiaRpc - ok
17:43:24.0626 2676  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        F:\WINDOWS\system32\drivers\wimmount.sys
17:43:24.0632 2676  WIMMount - ok
17:43:24.0643 2676  WinDefend - ok
17:43:24.0675 2676  [ 1369928779943B5C7AABA263E6E2BBC1 ] WinHttpAutoProxySvc F:\WINDOWS\system32\winhttp.dll
17:43:24.0686 2676  WinHttpAutoProxySvc - ok
17:43:24.0743 2676  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         F:\WINDOWS\system32\wbem\WMIsvc.dll
17:43:24.0752 2676  Winmgmt - ok
17:43:24.0814 2676  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           F:\WINDOWS\system32\WsmSvc.dll
17:43:24.0870 2676  WinRM - ok
17:43:24.0928 2676  [ EE83FBF4B9802983A3F980862CDA46BE ] WlanSvc         F:\WINDOWS\System32\wlansvc.dll
17:43:24.0961 2676  WlanSvc - ok
17:43:25.0000 2676  [ 08EFA13A2234C8C3B8A99E4B88BE7E9B ] wlidsvc         F:\WINDOWS\system32\wlidsvc.dll
17:43:25.0021 2676  wlidsvc - ok
17:43:25.0049 2676  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         F:\WINDOWS\System32\drivers\wmiacpi.sys
17:43:25.0056 2676  WmiAcpi - ok
17:43:25.0085 2676  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        F:\WINDOWS\system32\wbem\WmiApSrv.exe
17:43:25.0094 2676  wmiApSrv - ok
17:43:25.0112 2676  WMPNetworkSvc - ok
17:43:25.0126 2676  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         F:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:43:25.0149 2676  wpcfltr - ok
17:43:25.0173 2676  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          F:\WINDOWS\System32\wpcsvc.dll
17:43:25.0180 2676  WPCSvc - ok
17:43:25.0202 2676  [ 94AA5150E35B3ABB7191FE641E3C2473 ] WPDBusEnum      F:\WINDOWS\system32\wpdbusenum.dll
17:43:25.0217 2676  WPDBusEnum - ok
17:43:25.0229 2676  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       F:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:43:25.0236 2676  WpdUpFltr - ok
17:43:25.0264 2676  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         F:\WINDOWS\system32\drivers\ws2ifsl.sys
17:43:25.0271 2676  ws2ifsl - ok
17:43:25.0280 2676  [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc          F:\WINDOWS\System32\wscsvc.dll
17:43:25.0307 2676  wscsvc - ok
17:43:25.0335 2676  [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice  F:\WINDOWS\System32\drivers\WSDPrint.sys
17:43:25.0341 2676  WSDPrintDevice - ok
17:43:25.0343 2676  WSearch - ok
17:43:25.0393 2676  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       F:\WINDOWS\System32\WSService.dll
17:43:25.0432 2676  WSService - ok
17:43:25.0500 2676  [ 270282F9357AB356300AD9DB9F0FD665 ] wuauserv        F:\WINDOWS\system32\wuaueng.dll
17:43:25.0543 2676  wuauserv - ok
17:43:25.0579 2676  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          F:\WINDOWS\system32\drivers\WudfPf.sys
17:43:25.0586 2676  WudfPf - ok
17:43:25.0600 2676  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          F:\WINDOWS\System32\drivers\WUDFRd.sys
17:43:25.0608 2676  WUDFRd - ok
17:43:25.0611 2676  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP    F:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:43:25.0618 2676  WUDFSensorLP - ok
17:43:25.0628 2676  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         F:\WINDOWS\System32\WUDFSvc.dll
17:43:25.0636 2676  wudfsvc - ok
17:43:25.0650 2676  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       F:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:43:25.0657 2676  WUDFWpdFs - ok
17:43:25.0694 2676  [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc         F:\WINDOWS\System32\wwansvc.dll
17:43:25.0715 2676  WwanSvc - ok
17:43:25.0723 2676  ================ Scan global ===============================
17:43:25.0755 2676  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] F:\WINDOWS\system32\basesrv.dll
17:43:25.0778 2676  [ E9343076AE704D20BB0D01F3AF3EFFEF ] F:\WINDOWS\system32\winsrv.dll
17:43:25.0798 2676  [ BD7C6949984D19AAA609896B675E7357 ] F:\WINDOWS\system32\sxssrv.dll
17:43:25.0831 2676  [ 8F226143046435C75C033B0C52E90FFE ] F:\WINDOWS\system32\services.exe
17:43:25.0833 2676  [Global] - ok
17:43:25.0834 2676  ================ Scan MBR ==================================
17:43:25.0837 2676  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:43:25.0913 2676  \Device\Harddisk0\DR0 - ok
17:43:25.0931 2676  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:43:25.0989 2676  \Device\Harddisk1\DR1 - ok
17:43:25.0992 2676  [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk2\DR2
17:43:26.0473 2676  \Device\Harddisk2\DR2 - ok
17:43:26.0473 2676  ================ Scan VBR ==================================
17:43:26.0475 2676  [ 90298CC57228C48DF6C46E55C602D0C9 ] \Device\Harddisk0\DR0\Partition1
17:43:26.0475 2676  \Device\Harddisk0\DR0\Partition1 - ok
17:43:26.0477 2676  [ B034843D71A736263BF981CC3DEB83B6 ] \Device\Harddisk1\DR1\Partition1
17:43:26.0478 2676  \Device\Harddisk1\DR1\Partition1 - ok
17:43:26.0493 2676  [ D9953AEA769EE7F9294A50892A6C5BD4 ] \Device\Harddisk1\DR1\Partition2
17:43:26.0494 2676  \Device\Harddisk1\DR1\Partition2 - ok
17:43:26.0510 2676  [ EBE581039189E5071C4749366745D64B ] \Device\Harddisk1\DR1\Partition3
17:43:26.0511 2676  \Device\Harddisk1\DR1\Partition3 - ok
17:43:26.0513 2676  [ AE1E664A38C416479860F795135F3437 ] \Device\Harddisk2\DR2\Partition1
17:43:26.0513 2676  \Device\Harddisk2\DR2\Partition1 - ok
17:43:26.0514 2676  ============================================================
17:43:26.0514 2676  Scan finished
17:43:26.0514 2676  ============================================================
17:43:26.0519 4544  Detected object count: 0
17:43:26.0519 4544  Actual detected object count: 0
         
Have I overlooked any other way to post a results list?

Regards
verrant
