Pests of all kinds and how to combat them: Trojan.Generic.KDV.182338 (B) | Windows 7

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
11.11.2012, 11:17 | #1 |
Trojan.Generic.KDV.182338 (B)

Problem: Various sites could no longer be opened in Chrome. Restarted the T-Online router. No improvement. Scan with Emsisoft Anti-Malware after a manual virus definition update on 10.11.2012 – detection: Trojan.Generic.KDV.182338 (B)

Description of how it came about: Formerly a Win7 Pro system with various programs on C:. Fresh installation of Win 7 Pro on F: and update with Win 8 Pro. The Win 8 Pro installation is usually started via the boot menu. Chrome and add-ons, no Sandboxie (I am stupid and lazy). Secunia and FileHippo are loaded at system start. The last update, following a notice from Secunia, was a manual installation of Adobe Flash Player; the installer file was downloaded manually from the website and executed.

Steps taken: Defogger -> Disable -> OK -> no restart required. Downloaded and ran OTL. Code:
OTL logfile created on: 11.11.2012 10:13:56 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\***\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16420) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 6,53 Gb Available Physical Memory | 81,86% Memory free 9,16 Gb Paging File | 6,99 Gb Available in Paging File | 76,25% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files (x86) Drive C: | 111,79 Gb Total Space | 49,87 Gb Free Space | 44,61% Space Free | Partition Type: NTFS Drive D: | 37,43 Gb Total Space | 37,33 Gb Free Space | 99,74% Space Free | Partition Type: NTFS Drive E: | 214,17 Gb Total Space | 201,86 Gb Free Space | 94,25% Space Free | Partition Type: NTFS Drive F: | 214,16 Gb Total Space | 137,80 Gb Free Space | 64,34% Space Free | Partition Type: NTFS Drive Z: | 465,64 Gb Total Space | 375,81 Gb Free Space | 80,71% Space Free | Partition Type: FAT32 Computer Name: WIN8-VERSUCH | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2012.11.11 10:13:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\***\Downloads\OTL.exe PRC - [2012.11.07 20:40:00 | 001,581,592 | ---- | M] (Google Inc.) -- F:\Windows\Temp\CR_4D744.tmp\setup.exe PRC - [2012.10.28 19:29:47 | 000,843,208 | ---- | M] (Samsung) -- F:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012.10.27 20:23:16 | 000,212,432 | ---- | M] (Google Inc.) 
-- F:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012.10.17 17:02:24 | 003,364,264 | ---- | M] (Emsisoft GmbH) -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe PRC - [2012.10.06 17:01:48 | 003,084,176 | ---- | M] (Emsisoft GmbH) -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- F:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) -- F:\Program Files (x86)\Secunia\PSI\PSIA.exe PRC - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) -- F:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2012.09.24 13:46:14 | 000,573,536 | ---- | M] (Secunia) -- F:\Program Files (x86)\Secunia\PSI\psi_tray.exe PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) 
-- F:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2012.09.20 10:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2012.09.20 09:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2012.09.20 07:32:59 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2012.09.20 07:32:58 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2012.09.20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2012.09.20 07:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2012.09.20 07:30:38 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2012.08.29 14:22:36 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- F:\Windows\SysNative\AdminService.exe -- (AtherosSvc) SRV:64bit: - [2012.07.26 04:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2012.07.26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2012.07.26 04:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2012.07.26 04:07:40 | 
000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2012.07.26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2012.07.26 04:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2012.07.26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2012.07.26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2012.07.26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2012.07.26 04:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2012.07.26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2012.07.26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2012.07.26 04:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2012.07.26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2012.07.26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:64bit: - [2012.07.26 04:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\appmgmts.dll -- 
(AppMgmt) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV - [2012.11.10 20:40:11 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.10.29 18:45:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- F:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- F:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.10.06 17:01:48 | 003,084,176 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) 
[Auto | Running] -- F:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- F:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- F:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.09.20 09:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- F:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService) SRV - [2012.07.26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.09.20 09:31:29 | 000,068,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:64bit: - [2012.09.20 08:55:33 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2012.09.20 08:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2012.09.20 08:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- 
F:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2012.09.20 08:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2012.09.20 08:55:30 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2012.09.20 08:55:29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2012.09.20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2012.09.20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2012.09.20 08:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:64bit: - [2012.09.20 08:03:06 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2012.09.20 08:03:03 | 000,055,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- F:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:64bit: - [2012.09.20 07:09:11 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2012.09.20 07:08:27 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2012.09.13 06:13:42 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2012.08.29 14:22:38 | 000,565,760 | ---- | M] 
(Qualcomm Atheros) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2012.08.22 00:12:20 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\AthDfu.sys -- (AthDfu) DRV:64bit: - [2012.07.26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- F:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.07.26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:64bit: - [2012.07.26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2012.07.26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2012.07.26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2012.07.26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2012.07.26 06:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2012.07.26 06:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:64bit: - [2012.07.26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2012.07.26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2012.07.26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2012.07.26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2012.07.26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2012.07.26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2012.07.26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2012.07.26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) 
[Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2012.07.26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:64bit: - [2012.07.26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012.07.26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- F:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012.07.26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:64bit: - [2012.07.26 05:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2012.07.26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:64bit: - [2012.07.26 05:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2012.07.26 05:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2012.07.26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2012.07.26 04:17:38 | 000,027,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.07.26 03:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2012.07.26 03:29:14 | 000,010,752 | 
---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2012.07.26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2012.07.26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2012.07.26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2012.07.26 03:27:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2012.07.26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2012.07.26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2012.07.26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2012.07.26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2012.07.26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2012.07.26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2012.07.26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
F:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2012.07.26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2012.07.26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2012.07.26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.07.26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2012.07.26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2012.07.26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.26 03:25:54 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2012.07.26 03:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\Vid.sys -- (Vid) DRV:64bit: - [2012.07.26 03:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp) DRV:64bit: - [2012.07.26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2012.07.26 03:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr) DRV:64bit: - [2012.07.26 03:25:12 | 000,066,048 | ---- | M] 
(Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp) DRV:64bit: - [2012.07.26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2012.07.26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2012.07.26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2012.07.25 23:53:22 | 011,926,528 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.06.29 03:00:48 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.06.02 15:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV:64bit: - [2012.06.02 15:31:55 | 001,855,520 | ---- | M] (Ralink Technology Corp.) 
[Kernel | On_Demand | Stopped] -- F:\Windows\SysNative\Drivers\netr28ux.sys -- (netr28ux) DRV:64bit: - [2011.12.16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- F:\Windows\SysNative\Drivers\psi_mf.sys -- (PSI) DRV:64bit: - [2010.10.19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.01.07 02:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- F:\Windows\SysNative\Drivers\RTL8187.sys -- (RTL8187) DRV - [2012.04.30 17:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- F:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc) DRV - [2012.04.30 17:45:00 | 000,044,688 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver) DRV - [2011.05.19 13:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA) DRV - [2010.05.05 08:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- F:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = F:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL 
= hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3B C6 B6 72 78 B4 CD 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {4B00392A-C410-4A53-9706-1F56FDED3CEC} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{4B00392A-C410-4A53-9706-1F56FDED3CEC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: F:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: F:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: F:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - 
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: F:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: F:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: F:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: F:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: F:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: F:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: F:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 22:01:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: F:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.29 21:32:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: F:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.29 18:45:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: F:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: F:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.29 18:45:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: F:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012.10.27 22:07:42 | 000,000,000 | ---D | M] (No name found) -- F:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.11.03 21:23:38 | 000,000,000 | ---D | M] (No name found) -- F:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ly48x1iy.default\extensions
[2012.10.28 19:26:37 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- F:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ly48x1iy.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.11.03 21:23:38 | 000,000,000 | ---D | M] (No name found) -- F:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ly48x1iy.default\extensions\staged
[2012.10.31 18:21:57 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files (x86)\mozilla firefox\extensions
[2012.10.31 18:21:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- F:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.27 22:07:20 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- F:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- F:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- F:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = F:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = F:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = F:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = F:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = F:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = F:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = F:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = F:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = F:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = F:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = F:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = F:\WINDOWS\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = F:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = F:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - Extension: Fast Search = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\afnaofjbkflgabdhippkhhinnnnfdopk\1.8_0\
CHR - Extension: Session Manager = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Funmoods = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\
CHR - Extension: Bulk Download Images(ZIG) = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedbigoemkinkepgmcmgnapjcahnedmn\2.1.5_0\
CHR - Extension: WOT = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.7_0\
CHR - Extension: YouTube = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Firebug Lite for Google Chrome\u2122 = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Meine IP-Adresse = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf\1.24_0\
CHR - Extension: FlashBlock = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.12_0\
CHR - Extension: Adblock Plus = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: Puk-Puk = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngkcldnnppckgbmndaccoffaikjbemc\3_0\
CHR - Extension: Image Downloader = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\1.3_0\
CHR - Extension: Google-Suche = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Best Utility Apps = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfkmehkjocihlfmcjkmdiekloihfaog\1.0.0.1_0\
CHR - Extension: Google Earth The Instant Way = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpifhlbldgbpgcgpcmiakanpghoddbme\0.7_0\
CHR - Extension: YouTube 2 Mp3 Converter = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\epkjgmpenmohanjnliedcekhjkbgbinj\1.0_0\
CHR - Extension: Torrent Turbo Search = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Ultimate Searcher = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfkkggpdieeljhcpgbdimpnlnpijccic\2.0_0\
CHR - Extension: Eye Dropper = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.2.6_0\
CHR - Extension: MP3 Converter = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggjepemmdkieakihpomccndhdfcljdp\3.0.0.0_0\
CHR - Extension: colorPicker 0.9 = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jegimleidpfmpepbfajjlielaheedkdo\0.9.90_0\
CHR - Extension: Bubble Translate = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhlebbhengjlhmcjebbkambaekglhkf\1.5_0\
CHR - Extension: My IP = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaookbilagohkmkobbhanefacdhlcjdi\1.0_0\
CHR - Extension: FVD Video Downloader = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.3.9_0\
CHR - Extension: FVD Video Downloader = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.4.0_0\
CHR - Extension: Skype Click to Call = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: DownAll = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljkdhninipglbomdgpakmhfbbggcfmog\0.4.1_0\
CHR - Extension: YouTube Instant = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnajachlebjlnfeglgoecpfcbaiigbja\0.8_0\
CHR - Extension: Google Maps = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Ghostery = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.0.0_0\
CHR - Extension: NotScripts = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\
CHR - Extension: Google Mail = F:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - F:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - F:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - F:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [emsisoft anti-malware] f:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [KiesTrayAgent] F:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [WinampAgent] F:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [] F:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [FileHippo.com] F:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [GoogleDriveSync] F:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [KiesAirMessage] F:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] F:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://F:\WINDOWS\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://F:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://F:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - F:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://F:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://F:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2257C3CF-27CC-423A-B5F3-07F564E20BEE}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A732324-48A3-4880-ACA9-9359D7080B96}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - F:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (F:\Windows\system32\userinit.exe) - F:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - F:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - F:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.10.17 09:56:50 | 000,000,036 | RH-- | M] () - Z:\Autorun.inf.bak -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.11.04 21:37:56 | 000,000,000 | ---D | C] -- F:\Users\***\Documents\WISO Mein Geld
[2012.11.03 21:23:35 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Funmoods
[2012.11.03 21:23:31 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\IrfanView
[2012.11.03 21:23:31 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012.11.03 21:23:30 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\IrfanView
[2012.11.03 21:20:27 | 001,820,672 | ---- | C] (Irfan Skiljan) -- F:\Users\***\Desktop\iview433g_setup.exe
[2012.11.03 21:20:27 | 001,725,680 | ---- | C] (Setup © ) -- F:\Users\***\Desktop\FunmoodsSetup.exe
[2012.11.03 21:01:10 | 000,000,000 | ---D | C] -- F:\ProgramData\Visan
[2012.11.03 21:01:10 | 000,000,000 | ---D | C] -- F:\ProgramData\HP Photo Creations
[2012.11.03 21:01:10 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\HP Photo Creations
[2012.11.03 21:01:04 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\HpUpdate
[2012.11.03 21:00:59 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.11.03 21:00:44 | 000,000,000 | ---D | C] -- F:\Program Files\HP
[2012.11.03 21:00:44 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\HP
[2012.11.03 21:00:09 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\HP
[2012.11.02 20:24:21 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.11.02 20:24:04 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Deployment
[2012.11.02 20:24:04 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Apps
[2012.11.02 18:28:15 | 000,000,000 | -HSD | C] -- F:\Config.Msi
[2012.11.02 17:45:09 | 000,000,000 | ---D | C] -- F:\Program Files\Java
[2012.11.02 17:43:23 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\Java
[2012.10.31 18:21:53 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Skype
[2012.10.31 18:21:51 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.10.31 18:21:51 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\Skype
[2012.10.31 18:21:50 | 000,000,000 | R--D | C] -- F:\Program Files (x86)\Skype
[2012.10.31 18:21:46 | 000,000,000 | ---D | C] -- F:\ProgramData\Skype
[2012.10.30 18:40:57 | 000,000,000 | ---D | C] -- F:\WINDOWS\ehome
[2012.10.29 21:33:19 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012.10.29 21:32:49 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2012.10.29 21:32:49 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Winamp Detect
[2012.10.29 21:32:43 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\PX Storage Engine
[2012.10.29 21:32:39 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Winamp
[2012.10.29 21:32:39 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Winamp
[2012.10.29 21:00:01 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\vlc
[2012.10.29 20:37:36 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.10.29 20:37:24 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\VideoLAN
[2012.10.29 20:19:05 | 000,000,000 | ---D | C] -- F:\Users\***\Documents\Outlook-Dateien
[2012.10.29 18:45:34 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Mozilla Thunderbird
[2012.10.29 17:45:50 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Identities
[2012.10.28 19:38:27 | 000,000,000 | ---D | C] -- F:\Users\Public\Documents\CrashDump
[2012.10.28 19:35:55 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Adobe
[2012.10.28 19:29:30 | 000,000,000 | ---D | C] -- F:\Users\Public\Documents\NativeFus_Log
[2012.10.28 19:29:27 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Samsung
[2012.10.28 19:29:27 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Samsung
[2012.10.28 19:29:26 | 000,000,000 | ---D | C] -- F:\Users\***\Documents\samsung
[2012.10.28 19:28:07 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Plugins
[2012.10.28 19:26:36 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.28 19:26:35 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.10.28 19:26:33 | 000,405,144 | ---- | C] (Newtonsoft) -- F:\WINDOWS\SysWow64\Newtonsoft.Json.Net20.dll
[2012.10.28 19:26:26 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\DVDVideoSoft
[2012.10.28 19:26:26 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.10.28 19:25:35 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.10.28 19:23:38 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\GHISLER
[2012.10.28 19:21:24 | 000,000,000 | ---D | C] -- F:\totalcmd
[2012.10.28 19:21:24 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012.10.28 19:20:42 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\GHISLER
[2012.10.28 19:12:17 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012.10.28 19:12:15 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- F:\WINDOWS\SysWow64\Redemption.dll
[2012.10.28 19:12:10 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- F:\WINDOWS\SysWow64\dgderapi.dll
[2012.10.28 19:12:10 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\MarkAny
[2012.10.28 19:11:46 | 000,000,000 | ---D | C] -- F:\ProgramData\Samsung
[2012.10.28 19:11:46 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Samsung
[2012.10.28 19:11:18 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Downloaded Installations
[2012.10.28 19:09:39 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Macromedia
[2012.10.28 19:09:39 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Macromedia
[2012.10.28 19:00:20 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Opera
[2012.10.28 19:00:20 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Opera
[2012.10.28 19:00:15 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Opera
[2012.10.28 18:58:14 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.10.28 18:58:12 | 000,000,000 | ---D | C] -- F:\Program Files\7-Zip
[2012.10.28 18:55:51 | 000,000,000 | ---D | C] -- F:\ProgramData\HP
[2012.10.28 18:51:23 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012.10.28 18:51:22 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.10.28 18:50:25 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Synchronization Services
[2012.10.28 18:50:24 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\DESIGNER
[2012.10.28 18:50:01 | 000,000,000 | ---D | C] -- F:\WINDOWS\PCHEALTH
[2012.10.28 18:50:01 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Sync Framework
[2012.10.28 18:50:01 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.10.28 18:47:27 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Visual Studio 8
[2012.10.28 18:46:30 | 000,000,000 | ---D | C] -- F:\Program Files\Microsoft Office
[2012.10.28 18:46:13 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Analysis Services
[2012.10.28 18:45:58 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Microsoft Help
[2012.10.28 18:45:55 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Office
[2012.10.28 18:45:55 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft Help
[2012.10.28 18:45:43 | 000,000,000 | RH-D | C] -- F:\MSOCache
[2012.10.28 16:36:10 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.10.28 16:21:09 | 000,000,000 | ---D | C] -- F:\ProgramData\McAfee Security Scan
[2012.10.28 16:21:06 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\McAfee Security Scan
[2012.10.28 16:21:06 | 000,000,000 | ---D | C] -- F:\ProgramData\McAfee
[2012.10.28 16:20:47 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Common Files\Adobe
[2012.10.28 16:20:47 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Adobe
[2012.10.28 16:20:01 | 000,000,000 | ---D | C] -- F:\ProgramData\Adobe
[2012.10.28 13:47:15 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2012
[2012.10.28 13:46:46 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012.10.28 13:45:58 | 000,000,000 | -H-D | C] -- F:\Program Files (x86)\InstallShield Installation Information
[2012.10.28 13:45:58 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\WISO
[2012.10.28 13:42:49 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Buhl Data Service
[2012.10.28 13:42:44 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Buhl Data Service
[2012.10.28 13:42:43 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Buhl Data Service GmbH
[2012.10.28 13:40:24 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Mein Geld 2013
[2012.10.28 13:40:05 | 000,000,000 | ---D | C] -- F:\ProgramData\Buhl Data Service GmbH
[2012.10.28 13:39:55 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Buhl
[2012.10.28 12:14:48 | 000,000,000 | --SD | C] -- F:\Users\***\Google Drive
[2012.10.28 12:14:07 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012.10.27 22:16:14 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\LibreOffice
[2012.10.27 22:13:33 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.6
[2012.10.27 22:12:08 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\LibreOffice 3.6
[2012.10.27 22:09:26 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Mozilla
[2012.10.27 22:07:42 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Thunderbird
[2012.10.27 22:07:42 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Thunderbird
[2012.10.27 22:07:42 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Mozilla
[2012.10.27 22:07:22 | 000,000,000 | ---D | C] -- F:\ProgramData\Sun
[2012.10.27 22:07:09 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Java
[2012.10.27 22:01:40 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Mozilla Maintenance Service
[2012.10.27 22:01:40 | 000,000,000 | ---D | C] -- F:\ProgramData\Mozilla
[2012.10.27 22:01:30 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Mozilla Firefox
[2012.10.27 21:57:40 | 000,000,000 | ---D | C] -- F:\Users\***\.VirtualBox
[2012.10.27 21:56:54 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.10.27 21:56:50 | 000,000,000 | ---D | C] -- F:\WINDOWS\SysNative\DRVSTORE
[2012.10.27 21:56:46 | 000,000,000 | ---D | C] -- F:\Program Files\Oracle
[2012.10.27 21:55:11 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\MSXML 4.0
[2012.10.27 21:52:41 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.10.27 21:52:24 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Microsoft Silverlight
[2012.10.27 21:50:08 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Secunia PSI
[2012.10.27 21:50:02 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Secunia
[2012.10.27 21:42:27 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\FileHippo.com
[2012.10.27 21:39:47 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Reference Assemblies
[2012.10.27 21:39:47 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\MSBuild
[2012.10.27 21:39:11 | 000,000,000 | ---D | C] -- F:\WINDOWS\SysWow64\XPSViewer
[2012.10.27 21:39:06 | 000,000,000 | ---D | C] -- F:\Program Files\Reference Assemblies
[2012.10.27 21:39:06 | 000,000,000 | ---D | C] -- F:\Program Files\MSBuild
[2012.10.27 21:37:14 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.10.27 21:37:14 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.10.27 21:37:12 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Notepad++
[2012.10.27 21:37:12 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Notepad++
[2012.10.27 21:36:32 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2012.10.27 21:36:27 | 000,000,000 | ---D | C] -- F:\Program Files\K-Lite Codec Pack x64
[2012.10.27 21:30:44 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.27 21:30:42 | 000,000,000 | ---D | C] -- F:\Program Files\CCleaner
[2012.10.27 21:22:01 | 000,000,000 | R--D | C] -- F:\WINDOWS\BrowserChoice
[2012.10.27 21:01:39 | 000,000,000 | ---D | C] -- F:\Windows.old
[2012.10.27 20:56:22 | 000,000,000 | ---D | C] -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.10.27 20:55:53 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Emsisoft Anti-Malware
[2012.10.27 20:55:53 | 000,000,000 | ---D | C] -- F:\Users\***\Documents\Anti-Malware
[2012.10.27 20:43:40 | 000,000,000 | ---D | C] -- F:\Program Files\ATI Technologies
[2012.10.27 20:43:38 | 000,000,000 | ---D | C] -- F:\Program Files\ATI
[2012.10.27 20:43:02 | 000,000,000 | ---D | C] -- F:\AMD
[2012.10.27 20:23:17 | 000,000,000 | ---D | C] -- F:\Program Files (x86)\Google
[2012.10.27 20:23:14 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Google
[2012.10.27 20:15:15 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.10.27 20:15:15 | 000,000,000 | R--D | C] -- F:\Users\***\Searches
[2012.10.27 20:15:15 | 000,000,000 | R--D | C] -- F:\Users\***\Contacts
[2012.10.27 20:15:15 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.10.27 20:15:13 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Adobe
[2012.10.27 20:14:45 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\VirtualStore
[2012.10.27 20:14:38 | 000,000,000 | ---D | C] -- F:\ProgramData\PRICache
[2012.10.27 20:14:38 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Packages
[2012.10.27 20:14:10 | 000,000,000 | --SD | C] -- F:\Users\***\AppData\Roaming\Microsoft
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Videos
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Saved Games
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Pictures
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Music
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Links
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Favorites
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Downloads
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Documents
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\Desktop
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.10.27 20:14:10 | 000,000,000 | R--D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Vorlagen
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\AppData\Local\Verlauf
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\AppData\Local\Temporary Internet Files
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Startmenü
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\SendTo
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Recent
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Netzwerkumgebung
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Lokale Einstellungen
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Documents\Eigene Videos
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Documents\Eigene Musik
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Eigene Dateien
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Documents\Eigene Bilder
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Druckumgebung
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Cookies
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\AppData\Local\Anwendungsdaten
[2012.10.27 20:14:10 | 000,000,000 | -HSD | C] -- F:\Users\***\Anwendungsdaten
[2012.10.27 20:14:10 | 000,000,000 | -H-D | C] -- F:\Users\***\AppData
[2012.10.27 20:14:10 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Temp
[2012.10.27 20:14:10 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Local\Microsoft
[2012.10.27 20:14:10 | 000,000,000 | ---D | C] -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.10.27 20:13:32 | 000,000,000 | ---D | C] -- F:\WINDOWS\CSC
[2012.10.27 20:08:26 | 000,000,000 | -HSD | C] -- F:\Program Files\Gemeinsame Dateien
[2012.10.27 20:08:26 | 000,000,000 | -HSD | C] -- F:\Users\Public\Documents\Eigene Videos
[2012.10.27 20:08:26 | 000,000,000 | -HSD | C] -- F:\Users\Public\Documents\Eigene Musik
[2012.10.27 20:08:26 | 000,000,000 | -HSD | C] -- F:\Users\Public\Documents\Eigene Bilder
[2012.10.27 20:08:25 | 000,000,000 | -HSD | C] -- F:\ProgramData\Vorlagen
[2012.10.27 20:08:25 | 000,000,000 | -HSD | C] -- F:\ProgramData\Startmenü
[2012.10.27 20:08:25 | 000,000,000 | -HSD | C] -- F:\ProgramData\Dokumente
[2012.10.27 20:08:25 | 000,000,000 | -HSD | C] -- F:\ProgramData\Anwendungsdaten
[2012.10.27 20:07:36 | 000,000,000 | ---D | C] -- F:\WINDOWS\SoftwareDistribution
[2012.10.27 20:03:44 | 000,000,000 | ---D | C] -- F:\WINDOWS\Prefetch
[2012.10.27 19:49:28 | 000,000,000 | ---D | C] -- F:\WINDOWS\Panther
[2012.10.27 15:54:00 | 000,000,000 | RH-D | C] -- F:\ESD
[2012.10.27 14:21:40 | 000,000,000 | ---D | C] -- F:\Intel
[2012.10.27 13:57:27 | 000,000,000 | -HSD | C] -- F:\Recovery
[2012.10.27 13:57:27 | 000,000,000 | -HSD | C] -- F:\Programme
[2012.10.27 13:57:27 | 000,000,000 | -HSD | C] -- F:\Dokumente und Einstellungen

========== Files - Modified Within 30 Days ==========

[2012.11.11 10:08:38 | 000,000,000 | ---- | M] () -- F:\Users\***\defogger_reenable
[2012.11.11 09:28:01 | 000,001,130 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.11 09:22:03 | 000,000,884 | ---- | M] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.11.11 09:15:27 | 000,067,584 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2012.11.10 21:56:12 | 000,001,972 | ---- | M] () -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart Plus B210 series.lnk
[2012.11.10 21:56:05 | 000,001,126 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.07 21:43:07 | 000,223,477 | ---- | M] () -- F:\Users\***\Documents\Scan0001.pdf
[2012.11.07 21:16:14 | 001,724,222 | ---- | M] () -- F:\Users\***\Documents\***.zip
[2012.11.07 21:03:05 |
268,435,456 | -HS- | M] () -- F:\swapfile.sys [2012.11.05 20:47:00 | 001,745,416 | ---- | M] () -- F:\WINDOWS\SysNative\PerfStringBackup.INI [2012.11.05 20:47:00 | 000,751,892 | ---- | M] () -- F:\WINDOWS\SysNative\perfh007.dat [2012.11.05 20:47:00 | 000,710,046 | ---- | M] () -- F:\WINDOWS\SysNative\perfh009.dat [2012.11.05 20:47:00 | 000,155,620 | ---- | M] () -- F:\WINDOWS\SysNative\perfc007.dat [2012.11.05 20:47:00 | 000,132,416 | ---- | M] () -- F:\WINDOWS\SysNative\perfc009.dat [2012.11.05 20:42:03 | 2557,579,263 | -HS- | M] () -- F:\hiberfil.sys [2012.11.05 20:00:08 | 000,399,302 | ---- | M] () -- F:\Users\***\Documents\Scan0005.jpg [2012.11.05 19:59:15 | 000,452,199 | ---- | M] () -- F:\Users\***\Documents\Scan0004.jpg [2012.11.05 19:58:33 | 000,424,520 | ---- | M] () -- F:\Users\***\Documents\Scan0003.jpg [2012.11.05 19:56:29 | 000,378,680 | ---- | M] () -- F:\Users\***\Documents\Scan0002.jpg [2012.11.05 18:14:20 | 000,002,247 | ---- | M] () -- F:\Users\***\Desktop\Google Chrome.lnk [2012.11.03 21:30:53 | 000,120,535 | ---- | M] () -- F:\Users\***\Documents\Apfel auf grobem Papier - 118.jpg [2012.11.03 21:27:05 | 000,647,131 | ---- | M] () -- F:\Users\***\Documents\Apfel auf grobem Papier.jpg [2012.11.03 21:23:37 | 000,031,465 | ---- | M] () -- F:\Users\***\AppData\Local\funmoods.crx [2012.11.03 21:23:31 | 000,001,890 | ---- | M] () -- F:\Users\Public\Desktop\IrfanView Thumbnails.lnk [2012.11.03 21:23:31 | 000,001,002 | ---- | M] () -- F:\Users\Public\Desktop\IrfanView.lnk [2012.11.03 21:22:39 | 001,725,680 | ---- | M] (Setup © ) -- F:\Users\***\Desktop\FunmoodsSetup.exe [2012.11.03 21:22:35 | 001,820,672 | ---- | M] (Irfan Skiljan) -- F:\Users\***\Desktop\iview433g_setup.exe [2012.11.03 21:18:04 | 000,000,476 | -H-- | M] () -- F:\Users\***\Documents\.picasa.ini [2012.11.03 21:11:48 | 000,750,250 | ---- | M] () -- F:\Users\***\Documents\Scan0001-001.jpg [2012.11.03 21:04:01 | 000,333,125 | ---- | M] () -- F:\Users\***\Documents\Scan0001.jpg [2012.11.03 
21:01:11 | 000,001,991 | ---- | M] () -- F:\Users\Public\Desktop\HP Photo Creations.lnk [2012.11.03 21:00:59 | 000,002,308 | ---- | M] () -- F:\Users\Public\Desktop\HP Photosmart Plus B210 series.lnk [2012.11.03 21:00:59 | 000,001,215 | ---- | M] () -- F:\Users\Public\Desktop\Shop für Zubehör - HP Photosmart Plus B210 series.lnk [2012.11.03 21:00:41 | 000,000,057 | ---- | M] () -- F:\ProgramData\Ament.ini [2012.10.31 18:27:13 | 000,011,034 | ---- | M] () -- F:\Users\***\Documents\Was du machst.rar [2012.10.31 18:21:51 | 000,002,517 | ---- | M] () -- F:\Users\Public\Desktop\Skype.lnk [2012.10.30 18:43:39 | 000,467,184 | ---- | M] () -- F:\WINDOWS\SysNative\FNTCACHE.DAT [2012.10.29 21:33:20 | 000,000,979 | ---- | M] () -- F:\Users\Public\Desktop\Winamp.lnk [2012.10.29 20:37:36 | 000,001,066 | ---- | M] () -- F:\Users\Public\Desktop\VLC media player.lnk [2012.10.28 19:44:28 | 000,001,239 | ---- | M] () -- F:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk [2012.10.28 19:29:25 | 000,001,992 | ---- | M] () -- F:\Users\Public\Desktop\Samsung Kies.lnk [2012.10.28 19:26:35 | 000,001,398 | ---- | M] () -- F:\Users\***\Desktop\Free YouTube to MP3 Converter.lnk [2012.10.28 19:21:25 | 000,000,646 | ---- | M] () -- F:\Users\***\Desktop\Total Commander 64 bit.lnk [2012.10.28 18:55:54 | 000,000,000 | -H-- | M] () -- F:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2012.10.28 16:36:10 | 000,002,046 | ---- | M] () -- F:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.10.28 16:36:10 | 000,002,046 | ---- | M] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.10.28 16:20:52 | 000,002,019 | ---- | M] () -- F:\Users\Public\Desktop\Adobe Reader XI.lnk [2012.10.28 13:53:07 | 000,002,127 | ---- | M] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2012.10.28 13:53:07 | 000,002,095 | ---- | M] () -- F:\Users\Public\Desktop\WISO Steuer-Sparbuch 2012.lnk [2012.10.28 
13:46:50 | 000,001,106 | ---- | M] () -- F:\Users\Public\Desktop\Picasa 3.lnk [2012.10.28 13:40:25 | 000,001,206 | ---- | M] () -- F:\Users\Public\Desktop\WISO Mein Geld 2013.lnk [2012.10.28 12:14:48 | 000,001,715 | ---- | M] () -- F:\Users\***\Desktop\Google Drive.lnk [2012.10.28 11:32:20 | 000,000,000 | -H-- | M] () -- F:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2012.10.27 22:13:33 | 000,001,126 | ---- | M] () -- F:\Users\Public\Desktop\LibreOffice 3.6.lnk [2012.10.27 22:05:21 | 000,002,086 | ---- | M] () -- F:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012.10.27 22:01:41 | 000,001,147 | ---- | M] () -- F:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.10.27 21:56:55 | 000,001,076 | ---- | M] () -- F:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2012.10.27 21:50:03 | 000,001,106 | ---- | M] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012.10.27 21:43:23 | 000,000,822 | ---- | M] () -- F:\Users\Public\Desktop\CCleaner.lnk [2012.10.27 21:42:27 | 000,001,969 | ---- | M] () -- F:\Users\***\Desktop\Update Checker.lnk [2012.10.27 21:07:54 | 000,007,605 | ---- | M] () -- F:\Users\***\AppData\Local\Resmon.ResmonCfg [2012.10.27 20:58:43 | 000,000,116 | ---- | M] () -- F:\Users\***\Desktop\listen1.asx [2012.10.27 20:56:22 | 000,001,091 | ---- | M] () -- F:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2012.10.27 20:04:00 | 000,000,000 | ---- | M] () -- F:\WINDOWS\ativpsrm.bin [2012.10.27 20:04:00 | 000,000,000 | ---- | M] () -- F:\WINDOWS\SysNative\atiicdxx.dat ========== Files Created - No Company Name ========== [2012.11.11 10:08:38 | 000,000,000 | ---- | C] () -- F:\Users\***\defogger_reenable [2012.11.07 21:43:07 | 000,223,477 | ---- | C] () -- F:\Users\***\Documents\Scan0001.pdf [2012.11.07 21:16:11 | 001,724,222 | ---- | C] () -- F:\Users\***\Documents\***.zip [2012.11.05 20:00:07 | 000,399,302 | ---- | C] () -- F:\Users\***\Documents\Scan0005.jpg [2012.11.05 19:59:15 | 000,452,199 | ---- 
| C] () -- F:\Users\***\Documents\Scan0004.jpg [2012.11.05 19:58:33 | 000,424,520 | ---- | C] () -- F:\Users\***\Documents\Scan0003.jpg [2012.11.05 19:56:29 | 000,378,680 | ---- | C] () -- F:\Users\***\Documents\Scan0002.jpg [2012.11.03 21:30:53 | 000,120,535 | ---- | C] () -- F:\Users\***\Documents\Apfel auf grobem Papier - 118.jpg [2012.11.03 21:27:05 | 000,647,131 | ---- | C] () -- F:\Users\***\Documents\Apfel auf grobem Papier.jpg [2012.11.03 21:23:38 | 000,031,465 | ---- | C] () -- F:\Users\***\AppData\Local\funmoods.crx [2012.11.03 21:23:31 | 000,001,890 | ---- | C] () -- F:\Users\Public\Desktop\IrfanView Thumbnails.lnk [2012.11.03 21:23:31 | 000,001,002 | ---- | C] () -- F:\Users\Public\Desktop\IrfanView.lnk [2012.11.03 21:11:48 | 000,750,250 | ---- | C] () -- F:\Users\***\Documents\Scan0001-001.jpg [2012.11.03 21:05:06 | 000,000,476 | -H-- | C] () -- F:\Users\***\Documents\.picasa.ini [2012.11.03 21:04:01 | 000,333,125 | ---- | C] () -- F:\Users\***\Documents\Scan0001.jpg [2012.11.03 21:01:51 | 000,001,972 | ---- | C] () -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart Plus B210 series.lnk [2012.11.03 21:01:11 | 000,001,991 | ---- | C] () -- F:\Users\Public\Desktop\HP Photo Creations.lnk [2012.11.03 21:01:06 | 000,000,968 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. 
OCR-Registrierung.lnk [2012.11.03 21:00:59 | 000,002,308 | ---- | C] () -- F:\Users\Public\Desktop\HP Photosmart Plus B210 series.lnk [2012.11.03 21:00:59 | 000,001,215 | ---- | C] () -- F:\Users\Public\Desktop\Shop für Zubehör - HP Photosmart Plus B210 series.lnk [2012.11.03 21:00:41 | 000,000,057 | ---- | C] () -- F:\ProgramData\Ament.ini [2012.11.02 20:24:22 | 000,002,247 | ---- | C] () -- F:\Users\***\Desktop\Google Chrome.lnk [2012.10.31 18:27:12 | 000,011,034 | ---- | C] () -- F:\Users\***\Documents\Was du machst.rar [2012.10.31 18:21:51 | 000,002,517 | ---- | C] () -- F:\Users\Public\Desktop\Skype.lnk [2012.10.30 18:38:42 | 000,031,841 | ---- | C] () -- F:\WINDOWS\ProfessionalWMC.xml [2012.10.29 21:33:20 | 000,000,979 | ---- | C] () -- F:\Users\Public\Desktop\Winamp.lnk [2012.10.29 20:37:36 | 000,001,066 | ---- | C] () -- F:\Users\Public\Desktop\VLC media player.lnk [2012.10.28 19:29:25 | 000,001,992 | ---- | C] () -- F:\Users\Public\Desktop\Samsung Kies.lnk [2012.10.28 19:26:35 | 000,001,398 | ---- | C] () -- F:\Users\***\Desktop\Free YouTube to MP3 Converter.lnk [2012.10.28 19:26:35 | 000,001,239 | ---- | C] () -- F:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk [2012.10.28 19:21:25 | 000,000,646 | ---- | C] () -- F:\Users\***\Desktop\Total Commander 64 bit.lnk [2012.10.28 19:00:19 | 000,001,841 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012.10.28 18:55:54 | 000,000,000 | -H-- | C] () -- F:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2012.10.28 16:36:41 | 000,000,884 | ---- | C] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.10.28 16:21:06 | 000,002,046 | ---- | C] () -- F:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.10.28 16:21:06 | 000,002,046 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.10.28 16:20:52 | 000,002,019 | ---- | C] () -- F:\Users\Public\Desktop\Adobe Reader XI.lnk [2012.10.28 16:20:51 | 
000,002,441 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2012.10.28 14:35:33 | 000,467,184 | ---- | C] () -- F:\WINDOWS\SysNative\FNTCACHE.DAT [2012.10.28 13:53:07 | 000,002,127 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2012.10.28 13:53:07 | 000,002,095 | ---- | C] () -- F:\Users\Public\Desktop\WISO Steuer-Sparbuch 2012.lnk [2012.10.28 13:46:50 | 000,001,106 | ---- | C] () -- F:\Users\Public\Desktop\Picasa 3.lnk [2012.10.28 13:40:25 | 000,001,206 | ---- | C] () -- F:\Users\Public\Desktop\WISO Mein Geld 2013.lnk [2012.10.28 12:14:48 | 000,001,715 | ---- | C] () -- F:\Users\***\Desktop\Google Drive.lnk [2012.10.28 11:32:20 | 000,000,000 | -H-- | C] () -- F:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2012.10.27 22:13:33 | 000,001,126 | ---- | C] () -- F:\Users\Public\Desktop\LibreOffice 3.6.lnk [2012.10.27 22:05:21 | 000,002,098 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.10.27 22:05:21 | 000,002,086 | ---- | C] () -- F:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012.10.27 22:01:41 | 000,001,159 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.10.27 22:01:41 | 000,001,147 | ---- | C] () -- F:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.10.27 21:56:55 | 000,001,076 | ---- | C] () -- F:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2012.10.27 21:50:03 | 000,001,106 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012.10.27 21:50:03 | 000,001,069 | ---- | C] () -- F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2012.10.27 21:42:27 | 000,001,999 | ---- | C] () -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk [2012.10.27 21:42:27 | 000,001,969 | ---- | C] () -- F:\Users\***\Desktop\Update Checker.lnk 
[2012.10.27 21:36:32 | 000,148,992 | ---- | C] ( ) -- F:\WINDOWS\SysNative\lagarith.dll [2012.10.27 21:36:31 | 000,206,336 | ---- | C] () -- F:\WINDOWS\SysNative\unrar.dll [2012.10.27 21:36:29 | 000,092,160 | ---- | C] () -- F:\WINDOWS\SysNative\ff_vfw.dll [2012.10.27 21:30:44 | 000,000,822 | ---- | C] () -- F:\Users\Public\Desktop\CCleaner.lnk [2012.10.27 21:07:54 | 000,007,605 | ---- | C] () -- F:\Users\***\AppData\Local\Resmon.ResmonCfg [2012.10.27 21:02:00 | 000,000,116 | ---- | C] () -- F:\Users\***\Desktop\listen1.asx [2012.10.27 20:56:22 | 000,001,091 | ---- | C] () -- F:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2012.10.27 20:37:32 | 000,361,934 | ---- | C] () -- F:\WINDOWS\SysNative\ApnDatabase.xml [2012.10.27 20:37:21 | 000,110,592 | ---- | C] () -- F:\WINDOWS\SysNative\OEMLicense.dll [2012.10.27 20:37:21 | 000,083,968 | ---- | C] () -- F:\WINDOWS\SysWow64\OEMLicense.dll [2012.10.27 20:23:18 | 000,001,130 | ---- | C] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.10.27 20:23:17 | 000,001,126 | ---- | C] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.10.27 20:15:13 | 000,001,438 | ---- | C] () -- F:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.10.27 20:04:00 | 000,000,000 | ---- | C] () -- F:\WINDOWS\ativpsrm.bin [2012.10.27 20:04:00 | 000,000,000 | ---- | C] () -- F:\WINDOWS\SysNative\atiicdxx.dat [2012.10.27 20:02:58 | 268,435,456 | -HS- | C] () -- F:\swapfile.sys [2012.10.27 14:04:38 | 000,007,233 | ---- | C] () -- F:\pdiports.cat [2012.10.27 14:04:38 | 000,002,853 | ---- | C] () -- F:\pdiports64.inf [2012.10.27 13:43:24 | 2557,579,263 | -HS- | C] () -- F:\hiberfil.sys [2012.09.26 20:57:16 | 000,030,568 | ---- | C] () -- F:\WINDOWS\MusiccityDownload.exe [2012.09.26 20:57:14 | 000,974,848 | ---- | C] () -- F:\WINDOWS\SysWow64\cis-2.4.dll [2012.09.26 20:57:14 | 000,081,920 | ---- | C] () -- F:\WINDOWS\SysWow64\issacapi_bs-2.3.dll [2012.09.26 20:57:14 | 000,065,536 | ---- | C] 
() -- F:\WINDOWS\SysWow64\issacapi_pe-2.3.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | C] () -- F:\WINDOWS\SysWow64\issacapi_se-2.3.dll [2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- F:\WINDOWS\SysWow64\dssec.dat [2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- F:\WINDOWS\SysWow64\NOISE.DAT [2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- F:\WINDOWS\bootstat.dat [2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- F:\WINDOWS\SysWow64\BWContextHandler.dll [2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- F:\WINDOWS\mib.bin [2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- F:\WINDOWS\SysWow64\msjetoledb40.dll [2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- F:\WINDOWS\SysWow64\mlang.dat ========== ZeroAccess Check ========== [2012.11.02 20:24:08 | 000,000,227 | RHS- | M] () -- F:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = F:\Windows\SysNative\shell32.dll -- [2012.10.11 06:45:39 | 019,789,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.10.11 06:07:29 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = F:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = 
Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = F:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.10.28 13:42:49 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Buhl Data Service [2012.10.30 20:24:53 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Buhl Data Service GmbH [2012.10.28 19:45:23 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\DVDVideoSoft [2012.10.28 19:44:29 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers [2012.10.28 19:20:42 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\GHISLER [2012.11.03 21:23:31 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\IrfanView [2012.10.27 22:16:14 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\LibreOffice [2012.10.28 18:52:20 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Notepad++ [2012.10.28 19:00:20 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Opera [2012.10.28 19:29:27 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Samsung [2012.10.27 22:07:42 | 000,000,000 | ---D | M] -- F:\Users\***\AppData\Roaming\Thunderbird ========== Purity Check ========== < End of report > Code:
Emsisoft Anti-Malware - Version 7.0
Letztes Update: 10.11.2012 20:46:20

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\, F:\, Z:\
Riskware-Erkennung: Aus
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn: 10.11.2012 22:32:47

C:\Users\Ghost\Desktop\2011file.exe.dat gefunden: Trojan.Generic.KDV.182338 (B)

Gescannt 874317
Gefunden 1

Scan Ende: 11.11.2012 10:00:15
Scan Zeit: 11:27:28

C:\Users\Ghost\Desktop\2011file.exe.dat Quarantäne Trojan.Generic.KDV.182338 (B)

Quarantäne 1

I am now asking for help with how to proceed. I also use this computer for online banking. This morning the internet is running fast and without problems, as usual.
Regards, verrant

Edit: Tried aswMBR.exe. Allowed the AVAST virus definition download. Both Scan and QuickScan abort with a Windows error message (*... has stopped working.). It was just an attempt; there was no particular reason for it. Added here for information. /Edit end.
Last edited by verrant (11.11.2012 at 11:36) |
12.11.2012, 14:51 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.KDV.182338 (B)
Hello,
Quote:
It is on your desktop; you must have put it there yourself!
12.11.2012, 16:22 | #3 |
| Trojan.Generic.KDV.182338 (B)
Hello.
I booted the machine with Win 7. There is no such file on the desktop there. I also tried to have the file analysed at www.virusttotal.com. To do that, I restored the file and then manually quarantined it again. Neither the site's file-browser function nor dragging the file made it possible to "upload" it there. The file never even showed up in the site's window. I cannot remember the file. The file explorer under Win7 does not show this file. It is also missing from the Total Commander 64 bit listing. The only *.dat file I found on the desktop is SAMSUNG_USB_Driver_for_Mobile_Phones.exe.dat, but the file size does not match. Misplaced ambition, in order to be able to answer the question of whether it is my own file: I restored the file to see what would appear on the desktop. Nothing. I could not find it manually in the old path either. A new scan found the file again and I quarantined it again.
Code:
Emsisoft Anti-Malware - Version 7.0 quarantine log
Datum Ursprung Vorgang Verhalten/Infektion
12.11.2012 16:01:44 C:\Users\***\AppData\Local\Temp\Rar$EXa0.861\2011file.exe In Quarantäne gestellt Trojan.Generic.KDV.182338 (B)
12.11.2012 15:45:30 C:\Users\***\AppData\Local\Temp\Rar$EXa0.861\2011file.exe Wiederhergestellt Gen.Variant.Zbot!E2
14.09.2012 12:04:22 Value: hkey_classes_root\clsid\{ae07101b-46d4-4a98-af68-0333ea26e113} --> helptext Infektion gelöscht Trace.Registry.seo toolbar!E1
02.09.2012 11:58:13 C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe Wiederhergestellt Trojan-Clicker.Win32.NSIS!E1
02.09.2012 11:58:12 C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe Wiederhergestellt Trojan-Clicker.Win32.NSIS!E1
02.09.2012 11:58:12 C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe Wiederhergestellt Trojan-Clicker.Win32.NSIS!E1
02.09.2012 11:58:12 C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe Wiederhergestellt Trojan-Clicker.Win32.NSIS!E1
01.09.2012 16:57:47 C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe Wiederhergestellt Trojan-Clicker.Win32.NSIS!E1
01.09.2012 16:57:39 C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe Wiederhergestellt Trojan-Clicker.Win32.NSIS!E1
01.09.2012 16:57:32 C:\Users\***\AppData\Local\Temp\Rar$EXa0.861\2011file.exe Wiederhergestellt Gen.Variant.Zbot!E2
01.09.2012 15:57:38 C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe In Quarantäne gestellt Trojan-Clicker.Win32.NSIS!E1
01.09.2012 15:57:36 C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe In Quarantäne gestellt Trojan-Clicker.Win32.NSIS!E1
01.09.2012 15:55:10 C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe In Quarantäne gestellt Trojan-Clicker.Win32.NSIS!E1
01.09.2012 15:55:08 C:\Users\***\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe In Quarantäne gestellt Trojan-Clicker.Win32.NSIS!E1
28.01.2012 22:47:02 C:\Users\***\AppData\Local\Temp\Rar$EXa0.861\2011file.exe In Quarantäne gestellt Gen.Variant.Zbot!E2
27.01.2012 16:23:53 C:\Sandbox\***\DefaultBox\drive\E\Downloads\SoftonicDownloader_fuer_sisoft-sandra.exe Wiederhergestellt Riskware.Win32.SoftonicDownloader.AMN!E1
26.12.2011 17:02:38 C:\Users\***\AppData\Local\Temp\DX6174.tmp\infinst.exe Wiederhergestellt Behavior.HiddenInstallation
24.12.2011 22:27:00 C:\Users\***\AppData\Local\Temp\DX6174.tmp\infinst.exe In Quarantäne gestellt Behavior.HiddenInstallation
24.12.2011 22:19:03 C:\Sandbox\***\DefaultBox\drive\E\Downloads\SoftonicDownloader_fuer_sisoft-sandra.exe In Quarantäne gestellt Riskware.Win32.SoftonicDownloader.AMN!E1
20.12.2011 14:05:53 C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe Wiederhergestellt Behavior.Spyware
20.12.2011 00:35:43 C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe In Quarantäne gestellt Behavior.Spyware

I could not activate the command for the "text window" via the menu bar, so I entered it manually. In another forum, too, the menu buttons do not work on this machine.
Regards, verrant |
12.11.2012, 18:10 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.KDV.182338 (B)
Quote:
Of course the finding on the desktop refers to the Windows installation you scanned with; that is pretty obvious, isn't it? Can you please decide which Windows is to be examined here? Logs from two different operating systems simply make no sense and end in chaos.
__________________ Please always post log files in CODE tags |
13.11.2012, 12:39 | #5 |
| Trojan.Generic.KDV.182338 (B)
OK, Win 8 then. It lives on f:. There was no such file on the desktop. Here, too, I cannot remember creating or deliberately saving such a file.
Code:
Emsisoft Anti-Malware - Version 7.0 quarantine log
Datum Ursprung Vorgang Verhalten/Infektion
12.11.2012 14:21:16 C:\Users\Ghost\Desktop\2011file.exe.dat In Quarantäne gestellt Trojan.Generic.KDV.182338 (B)
12.11.2012 14:20:03 C:\Users\Ghost\Desktop\2011file.exe.dat Wiederhergestellt Trojan.Generic.KDV.182338 (B)
11.11.2012 10:01:14 C:\Users\Ghost\Desktop\2011file.exe.dat In Quarantäne gestellt Trojan.Generic.KDV.182338 (B)

verrant |
13.11.2012, 16:14 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.KDV.182338 (B)
Code:
C:\Users\Ghost\Desktop\2011file.exe.dat In Quarantäne gestellt

1. aswMBR
Please download aswMBR.exe and save the file on your desktop.
Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false positive in it!
Another note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu (bottom left of the aswMBR window) and click the Scan button again.

2. TDSS-Killer
Download TDSS-Killer to the desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!
Configure the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here! |
14.11.2012, 10:18 | #7 |
| Trojan.Generic.KDV.182338 (B)
Downloaded. Ran it with and without the virus scanner, each time with and without the option in the pull-down menu, and with and without the check mark at "Trace disk IO calls". Windows error message every time. Downloaded the tool, made the tool settings, ran it: no findings.
Regards, verrant |
14.11.2012, 13:47 | #8 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.KDV.182338 (B)
Quote:
And the logs always have to be posted, even when there are no findings. |
14.11.2012, 21:27 | #9 |
| Trojan.Generic.KDV.182338 (B)
Safe mode: started the program, restarted it because of the error message. Then found the option to save the log file as .txt. Result:
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-14 21:18:05
-----------------------------
21:18:05.937 OS Version: Windows x64 6.2.9200
21:18:05.937 Number of processors: 4 586 0x2A07
21:18:05.937 ComputerName: *** UserName: ***
21:18:07.390 Initialze error C000010E - driver not loaded
21:18:07.390 write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
21:18:07.437 AVAST engine defs: 12111301
21:18:22.640 The log file has been saved successfully to "F:\Users\Kay\Desktop\aswMBR1.txt"

verrant |
14.11.2012, 21:52 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.KDV.182338 (B)
You have Windows 8? Either that is the cause, or missing privileges. Did you start aswMBR as admin via right-click? |
15.11.2012, 12:51 | #11 | |
| Trojan.Generic.KDV.182338 (B)
Quote:
When I restarted Win8 in normal mode, Emsisoft displayed a file named Taskhost.exe in the path F:\windows\sysnative\taskhost.exe. In the details I then selected that spyware-like behaviour should be blocked. Now Chrome takes relatively long to load the 7 preset sites.
Regards, verrant. |
15.11.2012, 17:49 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.KDV.182338 (B)
Could be due to Windows 8. So what about the log from TDSS-Killer? |
16.11.2012, 13:53 | #13 |
| Trojan.Generic.KDV.182338 (B)
Sorry. Only now found the right function.
Code:
13:50:58.0610 3744 WPCSvc - ok
13:50:58.0641 3744 [ 94AA5150E35B3ABB7191FE641E3C2473 ] WPDBusEnum F:\WINDOWS\system32\wpdbusenum.dll
13:50:58.0641 3744 WPDBusEnum - ok
13:50:58.0672 3744 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr F:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:50:58.0688 3744 WpdUpFltr - ok
13:50:58.0719 3744 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl F:\WINDOWS\system32\drivers\ws2ifsl.sys
13:50:58.0719 3744 ws2ifsl - ok
13:50:58.0735 3744 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc F:\WINDOWS\System32\wscsvc.dll
13:50:58.0750 3744 wscsvc - ok
13:50:58.0782 3744 [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice F:\WINDOWS\System32\drivers\WSDPrint.sys
13:50:58.0782 3744 WSDPrintDevice - ok
13:50:58.0782 3744 WSearch - ok
13:50:58.0829 3744 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService F:\WINDOWS\System32\WSService.dll
13:50:58.0875 3744 WSService - ok
13:50:58.0954 3744 [ 270282F9357AB356300AD9DB9F0FD665 ] wuauserv F:\WINDOWS\system32\wuaueng.dll
13:50:58.0985 3744 wuauserv - ok
13:50:59.0032 3744 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf F:\WINDOWS\system32\drivers\WudfPf.sys
13:50:59.0032 3744 WudfPf - ok
13:50:59.0047 3744 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd F:\WINDOWS\System32\drivers\WUDFRd.sys
13:50:59.0063 3744 WUDFRd - ok
13:50:59.0063 3744 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP F:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:50:59.0079 3744 WUDFSensorLP - ok
13:50:59.0079 3744 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc F:\WINDOWS\System32\WUDFSvc.dll
13:50:59.0094 3744 wudfsvc - ok
13:50:59.0110 3744 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs F:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:50:59.0110 3744 WUDFWpdFs - ok
13:50:59.0157 3744 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc F:\WINDOWS\System32\wwansvc.dll
13:50:59.0157 3744 WwanSvc - ok
13:50:59.0172 3744 ================ Scan global ===============================
13:50:59.0204 3744 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] F:\WINDOWS\system32\basesrv.dll
13:50:59.0219 3744 [ E9343076AE704D20BB0D01F3AF3EFFEF ] F:\WINDOWS\system32\winsrv.dll
13:50:59.0250 3744 [ BD7C6949984D19AAA609896B675E7357 ] F:\WINDOWS\system32\sxssrv.dll
13:50:59.0282 3744 [ 8F226143046435C75C033B0C52E90FFE ] F:\WINDOWS\system32\services.exe
13:50:59.0282 3744 [Global] - ok
13:50:59.0282 3744 ================ Scan MBR ==================================
13:50:59.0282 3744 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:50:59.0375 3744 \Device\Harddisk0\DR0 - ok
13:50:59.0391 3744 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:50:59.0454 3744 \Device\Harddisk1\DR1 - ok
13:50:59.0454 3744 [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk2\DR2
13:50:59.0938 3744 \Device\Harddisk2\DR2 - ok
13:50:59.0938 3744 ================ Scan VBR ==================================
13:50:59.0954 3744 [ 90298CC57228C48DF6C46E55C602D0C9 ] \Device\Harddisk0\DR0\Partition1
13:50:59.0954 3744 \Device\Harddisk0\DR0\Partition1 - ok
13:50:59.0954 3744 [ B034843D71A736263BF981CC3DEB83B6 ] \Device\Harddisk1\DR1\Partition1
13:50:59.0954 3744 \Device\Harddisk1\DR1\Partition1 - ok
13:50:59.0969 3744 [ D9953AEA769EE7F9294A50892A6C5BD4 ] \Device\Harddisk1\DR1\Partition2
13:50:59.0969 3744 \Device\Harddisk1\DR1\Partition2 - ok
13:50:59.0985 3744 [ EBE581039189E5071C4749366745D64B ] \Device\Harddisk1\DR1\Partition3
13:50:59.0985 3744 \Device\Harddisk1\DR1\Partition3 - ok
13:50:59.0985 3744 [ AE1E664A38C416479860F795135F3437 ] \Device\Harddisk2\DR2\Partition1
13:50:59.0985 3744 \Device\Harddisk2\DR2\Partition1 - ok
13:50:59.0985 3744 ============================================================
13:50:59.0985 3744 Scan finished
13:50:59.0985 3744 ============================================================
13:50:59.0985 4340 Detected object count: 0
13:50:59.0985 4340 Actual detected object count: 0

verrant |
16.11.2012, 14:15 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.KDV.182338 (B) Why are you posting incomplete logs?
__________________ Please always post logfiles in CODE tags |
16.11.2012, 17:46 | #15 |
| Trojan.Generic.KDV.182338 (B) New scan with the corresponding options ticked. Opened the list under Report. Selected everything with Ctrl-A and posted it here: Code:
ATTFilter 17:41:19.0018 2056 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 17:41:19.0180 2056 ============================================================ 17:41:19.0180 2056 Current date / time: 2012/11/16 17:41:19.0180 17:41:19.0180 2056 SystemInfo: 17:41:19.0180 2056 17:41:19.0180 2056 OS Version: 6.2.9200 ServicePack: 0.0 17:41:19.0180 2056 Product type: Workstation 17:41:19.0180 2056 ComputerName: WIN8-VERSUCH 17:41:19.0180 2056 UserName: Kay 17:41:19.0180 2056 Windows directory: F:\WINDOWS 17:41:19.0180 2056 System windows directory: F:\WINDOWS 17:41:19.0180 2056 Running under WOW64 17:41:19.0180 2056 Processor architecture: Intel x64 17:41:19.0180 2056 Number of processors: 4 17:41:19.0180 2056 Page size: 0x1000 17:41:19.0180 2056 Boot type: Normal boot 17:41:19.0180 2056 ============================================================ 17:41:19.0977 2056 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:41:20.0008 2056 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:41:25.0368 2056 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 17:41:25.0369 2056 ============================================================ 17:41:25.0369 2056 \Device\Harddisk0\DR0: 17:41:25.0371 2056 MBR partitions: 17:41:25.0371 2056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782 17:41:25.0371 2056 \Device\Harddisk1\DR1: 17:41:25.0371 2056 MBR partitions: 17:41:25.0371 2056 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4ADB757 17:41:25.0371 2056 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x4ADB796, BlocksNum 0x1AC569B6 17:41:25.0371 2056 
\Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x1F73214C, BlocksNum 0x1AC52AF5 17:41:25.0371 2056 \Device\Harddisk2\DR2: 17:41:25.0372 2056 MBR partitions: 17:41:25.0372 2056 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A380D41 17:41:25.0372 2056 ============================================================ 17:41:25.0373 2056 C: <-> \Device\Harddisk0\DR0\Partition1 17:41:25.0389 2056 D: <-> \Device\Harddisk1\DR1\Partition1 17:41:25.0407 2056 E: <-> \Device\Harddisk1\DR1\Partition2 17:41:25.0408 2056 F: <-> \Device\Harddisk1\DR1\Partition3 17:41:25.0409 2056 Z: <-> \Device\Harddisk2\DR2\Partition1 17:41:25.0409 2056 ============================================================ 17:41:25.0409 2056 Initialize success 17:41:25.0409 2056 ============================================================ 17:43:07.0825 2676 ============================================================ 17:43:07.0825 2676 Scan started 17:43:07.0825 2676 Mode: Manual; SigCheck; TDLFS; 17:43:07.0825 2676 ============================================================ 17:43:08.0295 2676 ================ Scan system memory ======================== 17:43:08.0295 2676 System memory - ok 17:43:08.0295 2676 ================ Scan services ============================= 17:43:08.0399 2676 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci F:\WINDOWS\System32\drivers\1394ohci.sys 17:43:08.0431 2676 1394ohci - ok 17:43:08.0447 2676 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware F:\WINDOWS\system32\drivers\3ware.sys 17:43:08.0455 2676 3ware - ok 17:43:08.0526 2676 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc F:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys 17:43:08.0548 2676 a2acc - ok 17:43:08.0609 2676 [ E327C0DE1D7013BE360881801C0AB0FA ] a2AntiMalware F:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe 17:43:08.0644 2676 a2AntiMalware - ok 17:43:08.0656 2676 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA F:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys 
17:43:08.0660 2676 A2DDA - ok 17:43:08.0668 2676 [ 3D55CE53128C81E06CD6B024C3B9FAC3 ] a2injectiondriver F:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys 17:43:08.0673 2676 a2injectiondriver - ok 17:43:08.0681 2676 [ E41D79682A209F72F4F578CFD4A53952 ] a2util F:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys 17:43:08.0685 2676 a2util - ok 17:43:08.0718 2676 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI F:\WINDOWS\system32\drivers\ACPI.sys 17:43:08.0730 2676 ACPI - ok 17:43:08.0752 2676 [ DC968C37822117E576B933F34A2D130C ] acpiex F:\WINDOWS\system32\Drivers\acpiex.sys 17:43:08.0758 2676 acpiex - ok 17:43:08.0781 2676 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr F:\WINDOWS\System32\drivers\acpipagr.sys 17:43:08.0788 2676 acpipagr - ok 17:43:08.0806 2676 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi F:\WINDOWS\System32\drivers\acpipmi.sys 17:43:08.0822 2676 AcpiPmi - ok 17:43:08.0848 2676 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime F:\WINDOWS\System32\drivers\acpitime.sys 17:43:08.0855 2676 acpitime - ok 17:43:08.0891 2676 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:43:08.0896 2676 AdobeARMservice - ok 17:43:08.0979 2676 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc F:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:43:08.0986 2676 AdobeFlashPlayerUpdateSvc - ok 17:43:09.0004 2676 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx F:\WINDOWS\system32\drivers\adp94xx.sys 17:43:09.0016 2676 adp94xx - ok 17:43:09.0031 2676 [ D27763E0247292654E7F7D16444C7C72 ] adpahci F:\WINDOWS\system32\drivers\adpahci.sys 17:43:09.0041 2676 adpahci - ok 17:43:09.0066 2676 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 F:\WINDOWS\system32\drivers\adpu320.sys 17:43:09.0074 2676 adpu320 - ok 17:43:09.0097 2676 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc F:\WINDOWS\System32\aelupsvc.dll 17:43:09.0114 2676 AeLookupSvc - ok 17:43:09.0146 2676 [ 9E975BDC89C83900B2C534C4E1B018F8 ] 
AFD F:\WINDOWS\system32\drivers\afd.sys 17:43:09.0167 2676 AFD - ok 17:43:09.0184 2676 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 F:\WINDOWS\system32\drivers\agp440.sys 17:43:09.0190 2676 agp440 - ok 17:43:09.0218 2676 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG F:\WINDOWS\System32\alg.exe 17:43:09.0238 2676 ALG - ok 17:43:09.0263 2676 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent F:\WINDOWS\system32\AUInstallAgent.dll 17:43:09.0284 2676 AllUserInstallAgent - ok 17:43:09.0292 2676 [ FB88D16B55F788EEB7590584FE2D8F1A ] AmdK8 F:\WINDOWS\System32\drivers\amdk8.sys 17:43:09.0305 2676 AmdK8 - ok 17:43:09.0486 2676 [ 8DC532B5BF820E48194C6AFC8862FCBC ] amdkmdag F:\WINDOWS\system32\DRIVERS\atikmdag.sys 17:43:09.0751 2676 amdkmdag - ok 17:43:09.0757 2676 [ AA48FEABA50C2DED9C485DFDBA044E40 ] amdkmdap F:\WINDOWS\system32\DRIVERS\atikmpag.sys 17:43:09.0773 2676 amdkmdap - ok 17:43:09.0802 2676 [ 81402FF3373CE4DF77D5C874E369A985 ] AmdPPM F:\WINDOWS\System32\drivers\amdppm.sys 17:43:09.0809 2676 AmdPPM - ok 17:43:09.0821 2676 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata F:\WINDOWS\system32\drivers\amdsata.sys 17:43:09.0828 2676 amdsata - ok 17:43:09.0854 2676 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs F:\WINDOWS\system32\drivers\amdsbs.sys 17:43:09.0863 2676 amdsbs - ok 17:43:09.0878 2676 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata F:\WINDOWS\system32\drivers\amdxata.sys 17:43:09.0883 2676 amdxata - ok 17:43:09.0906 2676 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID F:\WINDOWS\system32\drivers\appid.sys 17:43:09.0929 2676 AppID - ok 17:43:09.0950 2676 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc F:\WINDOWS\System32\appidsvc.dll 17:43:09.0958 2676 AppIDSvc - ok 17:43:09.0984 2676 [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo F:\WINDOWS\System32\appinfo.dll 17:43:09.0993 2676 Appinfo - ok 17:43:10.0015 2676 [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt F:\WINDOWS\System32\appmgmts.dll 17:43:10.0042 2676 AppMgmt - ok 17:43:10.0055 2676 [ E933401B392387F4BE34DE8BAF1722A7 ] arc 
F:\WINDOWS\system32\drivers\arc.sys 17:43:10.0061 2676 arc - ok 17:43:10.0081 2676 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas F:\WINDOWS\system32\drivers\arcsas.sys 17:43:10.0087 2676 arcsas - ok 17:43:10.0090 2676 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac F:\WINDOWS\system32\DRIVERS\asyncmac.sys 17:43:10.0098 2676 AsyncMac - ok 17:43:10.0106 2676 [ A721FF570C2387E383BDDEA9632863C9 ] atapi F:\WINDOWS\system32\drivers\atapi.sys 17:43:10.0112 2676 atapi - ok 17:43:10.0136 2676 [ 4ECC791539F23982411864037D1AC8FC ] AthDfu F:\WINDOWS\System32\Drivers\AthDfu.sys 17:43:10.0140 2676 AthDfu - ok 17:43:10.0170 2676 [ 51B7849747A0582096A41A366454E88E ] AtherosSvc F:\WINDOWS\system32\AdminService.exe 17:43:10.0183 2676 AtherosSvc - ok 17:43:10.0208 2676 [ 832DAE6F2C29CBA8573D99B9746FB2AD ] AudioEndpointBuilder F:\WINDOWS\System32\AudioEndpointBuilder.dll 17:43:10.0225 2676 AudioEndpointBuilder - ok 17:43:10.0244 2676 [ 14497E7A0F6E2BF952E20ACA64F7FB78 ] Audiosrv F:\WINDOWS\System32\Audiosrv.dll 17:43:10.0257 2676 Audiosrv - ok 17:43:10.0281 2676 [ 89491EF71D5EA011127832C588002853 ] AxInstSV F:\WINDOWS\System32\AxInstSV.dll 17:43:10.0296 2676 AxInstSV - ok 17:43:10.0326 2676 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv F:\WINDOWS\system32\drivers\bxvbda.sys 17:43:10.0340 2676 b06bdrv - ok 17:43:10.0365 2676 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay F:\WINDOWS\System32\drivers\BasicDisplay.sys 17:43:10.0382 2676 BasicDisplay - ok 17:43:10.0408 2676 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender F:\WINDOWS\System32\drivers\BasicRender.sys 17:43:10.0414 2676 BasicRender - ok 17:43:10.0446 2676 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC F:\WINDOWS\System32\bdesvc.dll 17:43:10.0461 2676 BDESVC - ok 17:43:10.0482 2676 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep F:\WINDOWS\system32\drivers\Beep.sys 17:43:10.0498 2676 Beep - ok 17:43:10.0531 2676 [ 407F85D5387EDBB665A7969DF4D4712B ] BFE F:\WINDOWS\System32\bfe.dll 17:43:10.0545 2676 BFE - ok 17:43:10.0585 2676 [ 
D598C44A7072D3108D8D8102EC5E07F7 ] BITS F:\WINDOWS\System32\qmgr.dll 17:43:10.0608 2676 BITS - ok 17:43:10.0611 2676 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser F:\WINDOWS\system32\DRIVERS\bowser.sys 17:43:10.0634 2676 bowser - ok 17:43:10.0665 2676 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure F:\WINDOWS\System32\bisrv.dll 17:43:10.0677 2676 BrokerInfrastructure - ok 17:43:10.0708 2676 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser F:\WINDOWS\System32\browser.dll 17:43:10.0724 2676 Browser - ok 17:43:10.0752 2676 [ 8C816EBE14B24CD9CFBE94254D92A89A ] BtFilter F:\WINDOWS\system32\DRIVERS\btfilter.sys 17:43:10.0764 2676 BtFilter - ok 17:43:10.0788 2676 [ FC79BE6D8FBC8699E9980F657D281BE9 ] BthAvrcpTg F:\WINDOWS\System32\drivers\BthAvrcpTg.sys 17:43:10.0807 2676 BthAvrcpTg - ok 17:43:10.0837 2676 [ D05CC97509A983E5E47FE7CA05A93490 ] BthEnum F:\WINDOWS\System32\drivers\BthEnum.sys 17:43:10.0859 2676 BthEnum - ok 17:43:10.0879 2676 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum F:\WINDOWS\System32\drivers\bthhfenum.sys 17:43:10.0893 2676 BthHFEnum - ok 17:43:10.0918 2676 [ 6F7368071FCDDB96C0527A6E5D7C1906 ] bthhfhid F:\WINDOWS\System32\drivers\BthHFHid.sys 17:43:10.0924 2676 bthhfhid - ok 17:43:10.0946 2676 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM F:\WINDOWS\System32\drivers\bthmodem.sys 17:43:10.0960 2676 BTHMODEM - ok 17:43:10.0986 2676 [ 091BB978E9504D0AD14586929431A957 ] BthPan F:\WINDOWS\system32\DRIVERS\bthpan.sys 17:43:11.0001 2676 BthPan - ok 17:43:11.0036 2676 [ 0F8817323F2CAC52165793105123D728 ] BTHPORT F:\WINDOWS\System32\Drivers\BTHport.sys 17:43:11.0060 2676 BTHPORT - ok 17:43:11.0080 2676 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv F:\WINDOWS\system32\bthserv.dll 17:43:11.0087 2676 bthserv - ok 17:43:11.0101 2676 [ 58B24291C6E5BEE116ABD8CB6B2C3D9F ] BTHUSB F:\WINDOWS\System32\Drivers\BTHUSB.sys 17:43:11.0107 2676 BTHUSB - ok 17:43:11.0135 2676 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs F:\WINDOWS\system32\DRIVERS\cdfs.sys 17:43:11.0147 2676 
cdfs - ok 17:43:11.0155 2676 [ 339BFF85D788268752DA8C9644B188EE ] cdrom F:\WINDOWS\System32\drivers\cdrom.sys 17:43:11.0162 2676 cdrom - ok 17:43:11.0187 2676 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc F:\WINDOWS\System32\certprop.dll 17:43:11.0197 2676 CertPropSvc - ok 17:43:11.0227 2676 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass F:\WINDOWS\System32\drivers\circlass.sys 17:43:11.0241 2676 circlass - ok 17:43:11.0258 2676 [ 9905168708DB68849B879B5548F68AB3 ] CLFS F:\WINDOWS\system32\drivers\CLFS.sys 17:43:11.0268 2676 CLFS - ok 17:43:11.0302 2676 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt F:\WINDOWS\System32\drivers\CmBatt.sys 17:43:11.0320 2676 CmBatt - ok 17:43:11.0352 2676 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG F:\WINDOWS\system32\Drivers\cng.sys 17:43:11.0367 2676 CNG - ok 17:43:11.0381 2676 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus F:\WINDOWS\System32\drivers\CompositeBus.sys 17:43:11.0395 2676 CompositeBus - ok 17:43:11.0397 2676 COMSysApp - ok 17:43:11.0412 2676 [ D9CB0782AF819548072AA45B70F8B22D ] condrv F:\WINDOWS\system32\drivers\condrv.sys 17:43:11.0423 2676 condrv - ok 17:43:11.0446 2676 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc F:\WINDOWS\system32\cryptsvc.dll 17:43:11.0453 2676 CryptSvc - ok 17:43:11.0481 2676 [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC F:\WINDOWS\system32\drivers\csc.sys 17:43:11.0508 2676 CSC - ok 17:43:11.0544 2676 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService F:\WINDOWS\System32\cscsvc.dll 17:43:11.0558 2676 CscService - ok 17:43:11.0582 2676 [ C4D01BD86D6B207275FC143EEA951D75 ] dam F:\WINDOWS\system32\drivers\dam.sys 17:43:11.0588 2676 dam - ok 17:43:11.0623 2676 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch F:\WINDOWS\system32\rpcss.dll 17:43:11.0647 2676 DcomLaunch - ok 17:43:11.0677 2676 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc F:\WINDOWS\System32\defragsvc.dll 17:43:11.0713 2676 defragsvc - ok 17:43:11.0738 2676 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService 
F:\WINDOWS\system32\das.dll 17:43:11.0751 2676 DeviceAssociationService - ok 17:43:11.0780 2676 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall F:\WINDOWS\system32\umpnpmgr.dll 17:43:11.0788 2676 DeviceInstall - ok 17:43:11.0813 2676 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc F:\WINDOWS\system32\Drivers\dfsc.sys 17:43:11.0820 2676 Dfsc - ok 17:43:11.0858 2676 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp F:\WINDOWS\system32\dhcpcore.dll 17:43:11.0873 2676 Dhcp - ok 17:43:11.0903 2676 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache F:\WINDOWS\system32\drivers\discache.sys 17:43:11.0913 2676 discache - ok 17:43:11.0944 2676 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk F:\WINDOWS\system32\drivers\disk.sys 17:43:11.0950 2676 disk - ok 17:43:11.0975 2676 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc F:\WINDOWS\System32\drivers\dmvsc.sys 17:43:11.0993 2676 dmvsc - ok 17:43:12.0017 2676 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache F:\WINDOWS\System32\dnsrslvr.dll 17:43:12.0029 2676 Dnscache - ok 17:43:12.0062 2676 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc F:\WINDOWS\System32\dot3svc.dll 17:43:12.0072 2676 dot3svc - ok 17:43:12.0101 2676 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS F:\WINDOWS\system32\dps.dll 17:43:12.0113 2676 DPS - ok 17:43:12.0139 2676 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud F:\WINDOWS\system32\drivers\drmkaud.sys 17:43:12.0145 2676 drmkaud - ok 17:43:12.0174 2676 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc F:\WINDOWS\System32\DeviceSetupManager.dll 17:43:12.0187 2676 DsmSvc - ok 17:43:12.0236 2676 [ 898BF1647BBF012B38EF45C7F9F7A67E ] DXGKrnl F:\WINDOWS\System32\drivers\dxgkrnl.sys 17:43:12.0275 2676 DXGKrnl - ok 17:43:12.0296 2676 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost F:\WINDOWS\System32\eapsvc.dll 17:43:12.0305 2676 Eaphost - ok 17:43:12.0366 2676 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv F:\WINDOWS\system32\drivers\evbda.sys 17:43:12.0453 2676 ebdrv - ok 17:43:12.0478 2676 [ F702AB6181513303AB0FC8D59E52708B ] EFS F:\WINDOWS\System32\lsass.exe 
17:43:12.0493 2676 EFS - ok 17:43:12.0554 2676 [ 4B84E647C934EDFF7F28C4B91A5C0864 ] ehRecvr F:\WINDOWS\ehome\ehRecvr.exe 17:43:12.0574 2676 ehRecvr - ok 17:43:12.0601 2676 [ 72781EC7A97E44B9651550D7A83D1B96 ] ehSched F:\WINDOWS\ehome\ehsched.exe 17:43:12.0608 2676 ehSched - ok 17:43:12.0632 2676 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass F:\WINDOWS\system32\drivers\EhStorClass.sys 17:43:12.0638 2676 EhStorClass - ok 17:43:12.0659 2676 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv F:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 17:43:12.0666 2676 EhStorTcgDrv - ok 17:43:12.0680 2676 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev F:\WINDOWS\System32\drivers\errdev.sys 17:43:12.0686 2676 ErrDev - ok 17:43:12.0733 2676 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem F:\WINDOWS\system32\es.dll 17:43:12.0754 2676 EventSystem - ok 17:43:12.0826 2676 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat F:\WINDOWS\system32\drivers\exfat.sys 17:43:12.0838 2676 exfat - ok 17:43:12.0841 2676 [ 60996602A7111FD2D086E803F33E4282 ] fastfat F:\WINDOWS\system32\drivers\fastfat.sys 17:43:12.0850 2676 fastfat - ok 17:43:12.0889 2676 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax F:\WINDOWS\system32\fxssvc.exe 17:43:12.0911 2676 Fax - ok 17:43:12.0925 2676 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc F:\WINDOWS\System32\drivers\fdc.sys 17:43:12.0932 2676 fdc - ok 17:43:12.0956 2676 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost F:\WINDOWS\system32\fdPHost.dll 17:43:12.0967 2676 fdPHost - ok 17:43:12.0985 2676 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub F:\WINDOWS\system32\fdrespub.dll 17:43:12.0996 2676 FDResPub - ok 17:43:13.0028 2676 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc F:\WINDOWS\system32\fhsvc.dll 17:43:13.0040 2676 fhsvc - ok 17:43:13.0068 2676 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo F:\WINDOWS\system32\drivers\fileinfo.sys 17:43:13.0075 2676 FileInfo - ok 17:43:13.0102 2676 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace F:\WINDOWS\system32\drivers\filetrace.sys 17:43:13.0112 2676 
Filetrace - ok 17:43:13.0135 2676 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk F:\WINDOWS\System32\drivers\flpydisk.sys 17:43:13.0142 2676 flpydisk - ok 17:43:13.0165 2676 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr F:\WINDOWS\system32\drivers\fltmgr.sys 17:43:13.0177 2676 FltMgr - ok 17:43:13.0223 2676 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache F:\WINDOWS\system32\FntCache.dll 17:43:13.0247 2676 FontCache - ok 17:43:13.0342 2676 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 F:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:43:13.0348 2676 FontCache3.0.0.0 - ok 17:43:13.0351 2676 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends F:\WINDOWS\system32\drivers\FsDepends.sys 17:43:13.0357 2676 FsDepends - ok 17:43:13.0384 2676 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec F:\WINDOWS\system32\drivers\Fs_Rec.sys 17:43:13.0390 2676 Fs_Rec - ok 17:43:13.0418 2676 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol F:\WINDOWS\system32\DRIVERS\fvevol.sys 17:43:13.0429 2676 fvevol - ok 17:43:13.0446 2676 [ 3EF3FCCC0E70EEC5C2AD996F32BBA642 ] FxPPM F:\WINDOWS\System32\drivers\fxppm.sys 17:43:13.0452 2676 FxPPM - ok 17:43:13.0461 2676 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx F:\WINDOWS\system32\drivers\gagp30kx.sys 17:43:13.0467 2676 gagp30kx - ok 17:43:13.0494 2676 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter F:\WINDOWS\System32\drivers\vmgencounter.sys 17:43:13.0500 2676 gencounter - ok 17:43:13.0509 2676 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 F:\WINDOWS\system32\Drivers\msgpioclx.sys 17:43:13.0516 2676 GPIOClx0101 - ok 17:43:13.0545 2676 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc F:\WINDOWS\System32\gpsvc.dll 17:43:13.0563 2676 gpsvc - ok 17:43:13.0622 2676 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate F:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:43:13.0626 2676 gupdate - ok 17:43:13.0628 2676 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem F:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:43:13.0633 2676 gupdatem - ok 
17:43:13.0661 2676 [ C1B577B2169900F4CF7190C39F085794 ] gusvc F:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 17:43:13.0667 2676 gusvc - ok 17:43:13.0698 2676 [ 9FC1F11D4D19F61DFE5CC878B4557D3A ] HdAudAddService F:\WINDOWS\system32\drivers\HdAudio.sys 17:43:13.0715 2676 HdAudAddService - ok 17:43:13.0742 2676 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus F:\WINDOWS\System32\drivers\HDAudBus.sys 17:43:13.0759 2676 HDAudBus - ok 17:43:13.0785 2676 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt F:\WINDOWS\System32\drivers\HidBatt.sys 17:43:13.0791 2676 HidBatt - ok 17:43:13.0816 2676 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth F:\WINDOWS\System32\drivers\hidbth.sys 17:43:13.0830 2676 HidBth - ok 17:43:13.0840 2676 [ AC0526C4E3A7954F750B8F8D95EFB340 ] hidi2c F:\WINDOWS\System32\drivers\hidi2c.sys 17:43:13.0854 2676 hidi2c - ok 17:43:13.0856 2676 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr F:\WINDOWS\System32\drivers\hidir.sys 17:43:13.0870 2676 HidIr - ok 17:43:13.0897 2676 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv F:\WINDOWS\system32\hidserv.dll 17:43:13.0903 2676 hidserv - ok 17:43:13.0933 2676 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb F:\WINDOWS\System32\drivers\hidusb.sys 17:43:13.0940 2676 HidUsb - ok 17:43:13.0970 2676 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc F:\WINDOWS\system32\kmsvc.dll 17:43:13.0979 2676 hkmsvc - ok 17:43:13.0999 2676 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener F:\WINDOWS\system32\ListSvc.dll 17:43:14.0023 2676 HomeGroupListener - ok 17:43:14.0063 2676 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider F:\WINDOWS\system32\provsvc.dll 17:43:14.0104 2676 HomeGroupProvider - ok 17:43:14.0128 2676 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD F:\WINDOWS\system32\drivers\HpSAMD.sys 17:43:14.0135 2676 HpSAMD - ok 17:43:14.0168 2676 [ 47DBBF38E00C3F7404B71F6509241EF1 ] HTTP F:\WINDOWS\system32\drivers\HTTP.sys 17:43:14.0195 2676 HTTP - ok 17:43:14.0220 2676 [ 2A98301068801700906C06649860FE94 ] hwpolicy 
F:\WINDOWS\system32\drivers\hwpolicy.sys 17:43:14.0226 2676 hwpolicy - ok 17:43:14.0243 2676 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd F:\WINDOWS\System32\drivers\hyperkbd.sys 17:43:14.0249 2676 hyperkbd - ok 17:43:14.0277 2676 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo F:\WINDOWS\system32\DRIVERS\HyperVideo.sys 17:43:14.0283 2676 HyperVideo - ok 17:43:14.0301 2676 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt F:\WINDOWS\System32\drivers\i8042prt.sys 17:43:14.0309 2676 i8042prt - ok 17:43:14.0337 2676 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV F:\WINDOWS\system32\drivers\iaStorV.sys 17:43:14.0348 2676 iaStorV - ok 17:43:14.0370 2676 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp F:\WINDOWS\system32\drivers\iirsp.sys 17:43:14.0376 2676 iirsp - ok 17:43:14.0406 2676 [ 45EACE8D94B9CEC746A85154892C4FDC ] IKEEXT F:\WINDOWS\System32\ikeext.dll 17:43:14.0425 2676 IKEEXT - ok 17:43:14.0439 2676 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide F:\WINDOWS\system32\drivers\intelide.sys 17:43:14.0445 2676 intelide - ok 17:43:14.0464 2676 [ F9E126AA767E2E6E3128434A43C9F713 ] intelppm F:\WINDOWS\System32\drivers\intelppm.sys 17:43:14.0470 2676 intelppm - ok 17:43:14.0493 2676 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver F:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:43:14.0502 2676 IpFilterDriver - ok 17:43:14.0538 2676 [ CAC5202757EF68C4849B0DFFA75F6D3C ] iphlpsvc F:\WINDOWS\System32\iphlpsvc.dll 17:43:14.0553 2676 iphlpsvc - ok 17:43:14.0568 2676 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV F:\WINDOWS\System32\drivers\IPMIDrv.sys 17:43:14.0587 2676 IPMIDRV - ok 17:43:14.0613 2676 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT F:\WINDOWS\system32\drivers\ipnat.sys 17:43:14.0622 2676 IPNAT - ok 17:43:14.0644 2676 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM F:\WINDOWS\system32\drivers\irenum.sys 17:43:14.0666 2676 IRENUM - ok 17:43:14.0687 2676 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp F:\WINDOWS\system32\drivers\isapnp.sys 17:43:14.0693 2676 isapnp - ok 17:43:14.0715 2676 
[ F5F0DE1B7F256997501EECECE9648108 ] iScsiPrt F:\WINDOWS\System32\drivers\msiscsi.sys 17:43:14.0724 2676 iScsiPrt - ok 17:43:14.0746 2676 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass F:\WINDOWS\System32\drivers\kbdclass.sys 17:43:14.0752 2676 kbdclass - ok 17:43:14.0776 2676 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid F:\WINDOWS\System32\drivers\kbdhid.sys 17:43:14.0782 2676 kbdhid - ok 17:43:14.0809 2676 [ FB6C185092E18011EF49989425C2AA87 ] kdnic F:\WINDOWS\system32\DRIVERS\kdnic.sys 17:43:14.0827 2676 kdnic - ok 17:43:14.0844 2676 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso F:\WINDOWS\system32\lsass.exe 17:43:14.0852 2676 KeyIso - ok 17:43:14.0883 2676 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD F:\WINDOWS\system32\Drivers\ksecdd.sys 17:43:14.0890 2676 KSecDD - ok 17:43:14.0918 2676 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg F:\WINDOWS\system32\Drivers\ksecpkg.sys 17:43:14.0926 2676 KSecPkg - ok 17:43:14.0941 2676 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk F:\WINDOWS\system32\drivers\ksthunk.sys 17:43:14.0948 2676 ksthunk - ok 17:43:14.0976 2676 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm F:\WINDOWS\system32\msdtckrm.dll 17:43:14.0986 2676 KtmRm - ok 17:43:15.0008 2676 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer F:\WINDOWS\system32\srvsvc.dll 17:43:15.0017 2676 LanmanServer - ok 17:43:15.0027 2676 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation F:\WINDOWS\System32\wkssvc.dll 17:43:15.0036 2676 LanmanWorkstation - ok 17:43:15.0047 2676 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio F:\WINDOWS\system32\DRIVERS\lltdio.sys 17:43:15.0056 2676 lltdio - ok 17:43:15.0071 2676 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc F:\WINDOWS\System32\lltdsvc.dll 17:43:15.0082 2676 lltdsvc - ok 17:43:15.0099 2676 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts F:\WINDOWS\System32\lmhsvc.dll 17:43:15.0105 2676 lmhosts - ok 17:43:15.0135 2676 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS F:\WINDOWS\system32\drivers\lsi_sas.sys 17:43:15.0142 2676 LSI_SAS - ok 17:43:15.0163 
2676 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 F:\WINDOWS\system32\drivers\lsi_sas2.sys 17:43:15.0170 2676 LSI_SAS2 - ok 17:43:15.0184 2676 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI F:\WINDOWS\system32\drivers\lsi_scsi.sys 17:43:15.0191 2676 LSI_SCSI - ok 17:43:15.0199 2676 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS F:\WINDOWS\system32\drivers\lsi_sss.sys 17:43:15.0206 2676 LSI_SSS - ok 17:43:15.0233 2676 [ 8FEFDCEE40B75FD23B4BC60DA6576113 ] LSM F:\WINDOWS\System32\lsm.dll 17:43:15.0243 2676 LSM - ok 17:43:15.0270 2676 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv F:\WINDOWS\system32\drivers\luafv.sys 17:43:15.0281 2676 luafv - ok 17:43:15.0333 2676 [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService F:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe 17:43:15.0339 2676 McComponentHostService - ok 17:43:15.0361 2676 [ 4448CCEA974F0B15A00EA33FCEDFC062 ] Mcx2Svc F:\WINDOWS\system32\Mcx2Svc.dll 17:43:15.0368 2676 Mcx2Svc - ok 17:43:15.0370 2676 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas F:\WINDOWS\system32\drivers\megasas.sys 17:43:15.0376 2676 megasas - ok 17:43:15.0403 2676 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR F:\WINDOWS\system32\drivers\MegaSR.sys 17:43:15.0413 2676 MegaSR - ok 17:43:15.0440 2676 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 F:\WINDOWS\System32\drivers\HECIx64.sys 17:43:15.0444 2676 MEIx64 - ok 17:43:15.0487 2676 Microsoft SharePoint Workspace Audit Service - ok 17:43:15.0506 2676 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS F:\WINDOWS\system32\mmcss.dll 17:43:15.0523 2676 MMCSS - ok 17:43:15.0536 2676 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem F:\WINDOWS\system32\drivers\modem.sys 17:43:15.0544 2676 Modem - ok 17:43:15.0570 2676 [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor F:\WINDOWS\system32\DRIVERS\monitor.sys 17:43:15.0591 2676 monitor - ok 17:43:15.0614 2676 [ 618446B98C79776654340CE27C73485E ] mouclass F:\WINDOWS\System32\drivers\mouclass.sys 17:43:15.0620 2676 mouclass - ok 17:43:15.0644 2676 [ 
CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid F:\WINDOWS\System32\drivers\mouhid.sys 17:43:15.0650 2676 mouhid - ok 17:43:15.0656 2676 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr F:\WINDOWS\system32\drivers\mountmgr.sys 17:43:15.0663 2676 mountmgr - ok 17:43:15.0704 2676 [ DAE3C509F33059BC4D48A8925F476FB4 ] MozillaMaintenance F:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:43:15.0709 2676 MozillaMaintenance - ok 17:43:15.0735 2676 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv F:\WINDOWS\system32\drivers\mpsdrv.sys 17:43:15.0753 2676 mpsdrv - ok 17:43:15.0790 2676 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc F:\WINDOWS\system32\mpssvc.dll 17:43:15.0804 2676 MpsSvc - ok 17:43:15.0835 2676 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV F:\WINDOWS\system32\drivers\mrxdav.sys 17:43:15.0843 2676 MRxDAV - ok 17:43:15.0868 2676 [ 75C633892ADA5D48DAEAF0315E08AAFF ] mrxsmb F:\WINDOWS\system32\DRIVERS\mrxsmb.sys 17:43:15.0890 2676 mrxsmb - ok 17:43:15.0912 2676 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 F:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 17:43:15.0920 2676 mrxsmb10 - ok 17:43:15.0945 2676 [ E9C47B374DB1E9752F525F59FB6B73B3 ] mrxsmb20 F:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 17:43:15.0952 2676 mrxsmb20 - ok 17:43:15.0985 2676 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge F:\WINDOWS\system32\DRIVERS\bridge.sys 17:43:15.0994 2676 MsBridge - ok 17:43:16.0024 2676 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC F:\WINDOWS\System32\msdtc.exe 17:43:16.0033 2676 MSDTC - ok 17:43:16.0057 2676 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs F:\WINDOWS\system32\drivers\Msfs.sys 17:43:16.0063 2676 Msfs - ok 17:43:16.0087 2676 [ C9BFB0353099B071E70299549C18C8AE ] msgpiowin32 F:\WINDOWS\System32\drivers\msgpiowin32.sys 17:43:16.0092 2676 msgpiowin32 - ok 17:43:16.0115 2676 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf F:\WINDOWS\System32\drivers\mshidkmdf.sys 17:43:16.0121 2676 mshidkmdf - ok 17:43:16.0127 2676 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf 
F:\WINDOWS\System32\drivers\mshidumdf.sys 17:43:16.0133 2676 mshidumdf - ok 17:43:16.0143 2676 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv F:\WINDOWS\system32\drivers\msisadrv.sys 17:43:16.0149 2676 msisadrv - ok 17:43:16.0173 2676 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI F:\WINDOWS\system32\iscsiexe.dll 17:43:16.0180 2676 MSiSCSI - ok 17:43:16.0182 2676 msiserver - ok 17:43:16.0191 2676 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV F:\WINDOWS\system32\drivers\MSKSSRV.sys 17:43:16.0197 2676 MSKSSRV - ok 17:43:16.0214 2676 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp F:\WINDOWS\system32\DRIVERS\mslldp.sys 17:43:16.0221 2676 MsLldp - ok 17:43:16.0233 2676 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK F:\WINDOWS\system32\drivers\MSPCLOCK.sys 17:43:16.0240 2676 MSPCLOCK - ok 17:43:16.0261 2676 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM F:\WINDOWS\system32\drivers\MSPQM.sys 17:43:16.0267 2676 MSPQM - ok 17:43:16.0288 2676 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC F:\WINDOWS\system32\drivers\MsRPC.sys 17:43:16.0300 2676 MsRPC - ok 17:43:16.0313 2676 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios F:\WINDOWS\System32\drivers\mssmbios.sys 17:43:16.0319 2676 mssmbios - ok 17:43:16.0331 2676 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE F:\WINDOWS\system32\drivers\MSTEE.sys 17:43:16.0338 2676 MSTEE - ok 17:43:16.0348 2676 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig F:\WINDOWS\System32\drivers\MTConfig.sys 17:43:16.0354 2676 MTConfig - ok 17:43:16.0366 2676 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup F:\WINDOWS\system32\Drivers\mup.sys 17:43:16.0372 2676 Mup - ok 17:43:16.0385 2676 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis F:\WINDOWS\system32\drivers\mvumis.sys 17:43:16.0391 2676 mvumis - ok 17:43:16.0415 2676 [ 4B18840511D720BA118D3017E8165875 ] napagent F:\WINDOWS\system32\qagentRT.dll 17:43:16.0427 2676 napagent - ok 17:43:16.0468 2676 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP F:\WINDOWS\system32\DRIVERS\nwifi.sys 17:43:16.0477 2676 NativeWifiP - ok 17:43:16.0488 
2676 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc F:\WINDOWS\System32\ncasvc.dll 17:43:16.0496 2676 NcaSvc - ok 17:43:16.0515 2676 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup F:\WINDOWS\System32\NcdAutoSetup.dll 17:43:16.0544 2676 NcdAutoSetup - ok 17:43:16.0582 2676 [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS F:\WINDOWS\system32\drivers\ndis.sys 17:43:16.0603 2676 NDIS - ok 17:43:16.0628 2676 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap F:\WINDOWS\system32\DRIVERS\ndiscap.sys 17:43:16.0636 2676 NdisCap - ok 17:43:16.0660 2676 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform F:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 17:43:16.0669 2676 NdisImPlatform - ok 17:43:16.0690 2676 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi F:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:43:16.0696 2676 NdisTapi - ok 17:43:16.0703 2676 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio F:\WINDOWS\system32\DRIVERS\ndisuio.sys 17:43:16.0709 2676 Ndisuio - ok 17:43:16.0734 2676 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan F:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:43:16.0744 2676 NdisWan - ok 17:43:16.0746 2676 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY F:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:43:16.0755 2676 NDISWANLEGACY - ok 17:43:16.0762 2676 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy F:\WINDOWS\system32\drivers\NDProxy.sys 17:43:16.0769 2676 NDProxy - ok 17:43:16.0794 2676 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu F:\WINDOWS\system32\drivers\Ndu.sys 17:43:16.0801 2676 Ndu - ok 17:43:16.0813 2676 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS F:\WINDOWS\system32\DRIVERS\netbios.sys 17:43:16.0821 2676 NetBIOS - ok 17:43:16.0826 2676 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT F:\WINDOWS\system32\DRIVERS\netbt.sys 17:43:16.0834 2676 NetBT - ok 17:43:16.0845 2676 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon F:\WINDOWS\system32\lsass.exe 17:43:16.0852 2676 Netlogon - ok 17:43:16.0879 2676 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman F:\WINDOWS\System32\netman.dll 17:43:16.0889 2676 
Netman - ok 17:43:16.0905 2676 [ 20F6FD63E6D456114BC8056D62792786 ] netprofm F:\WINDOWS\System32\netprofmsvc.dll 17:43:16.0917 2676 netprofm - ok 17:43:16.0966 2676 [ 9F929E74A8FB21B2B44B41C115F10B39 ] netr28ux F:\WINDOWS\system32\DRIVERS\netr28ux.sys 17:43:17.0002 2676 netr28ux - ok 17:43:17.0040 2676 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing F:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:43:17.0047 2676 NetTcpPortSharing - ok 17:43:17.0068 2676 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 F:\WINDOWS\system32\drivers\nfrd960.sys 17:43:17.0074 2676 nfrd960 - ok 17:43:17.0103 2676 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc F:\WINDOWS\System32\nlasvc.dll 17:43:17.0118 2676 NlaSvc - ok 17:43:17.0124 2676 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs F:\WINDOWS\system32\drivers\Npfs.sys 17:43:17.0131 2676 Npfs - ok 17:43:17.0163 2676 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig F:\WINDOWS\System32\drivers\npsvctrig.sys 17:43:17.0173 2676 npsvctrig - ok 17:43:17.0193 2676 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi F:\WINDOWS\system32\nsisvc.dll 17:43:17.0200 2676 nsi - ok 17:43:17.0223 2676 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy F:\WINDOWS\system32\drivers\nsiproxy.sys 17:43:17.0230 2676 nsiproxy - ok 17:43:17.0274 2676 [ 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD ] Ntfs F:\WINDOWS\system32\drivers\Ntfs.sys 17:43:17.0321 2676 Ntfs - ok 17:43:17.0346 2676 [ 4163ADE07DB51843AE31F65B94F5398D ] Null F:\WINDOWS\system32\drivers\Null.sys 17:43:17.0353 2676 Null - ok 17:43:17.0380 2676 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid F:\WINDOWS\system32\drivers\nvraid.sys 17:43:17.0387 2676 nvraid - ok 17:43:17.0407 2676 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor F:\WINDOWS\system32\drivers\nvstor.sys 17:43:17.0415 2676 nvstor - ok 17:43:17.0429 2676 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp F:\WINDOWS\system32\drivers\nv_agp.sys 17:43:17.0436 2676 nv_agp - ok 17:43:17.0480 2676 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose F:\Program Files (x86)\Common 
Files\Microsoft Shared\Source Engine\OSE.EXE 17:43:17.0486 2676 ose - ok 17:43:17.0613 2676 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc F:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 17:43:17.0716 2676 osppsvc - ok 17:43:17.0762 2676 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc F:\WINDOWS\system32\pnrpsvc.dll 17:43:17.0778 2676 p2pimsvc - ok 17:43:17.0794 2676 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc F:\WINDOWS\system32\p2psvc.dll 17:43:17.0804 2676 p2psvc - ok 17:43:17.0837 2676 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport F:\WINDOWS\System32\drivers\parport.sys 17:43:17.0844 2676 Parport - ok 17:43:17.0866 2676 [ C1D7BA7F0DE487DFEEB51BF8D3EC5562 ] partmgr F:\WINDOWS\system32\drivers\partmgr.sys 17:43:17.0872 2676 partmgr - ok 17:43:17.0889 2676 [ 19E41F140A6ADBD38943710DA7FF0E38 ] PcaSvc F:\WINDOWS\System32\pcasvc.dll 17:43:17.0900 2676 PcaSvc - ok 17:43:17.0925 2676 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci F:\WINDOWS\system32\drivers\pci.sys 17:43:17.0933 2676 pci - ok 17:43:17.0947 2676 [ F9908D274D458220F91E89B54D78D837 ] pciide F:\WINDOWS\system32\drivers\pciide.sys 17:43:17.0953 2676 pciide - ok 17:43:17.0965 2676 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia F:\WINDOWS\system32\drivers\pcmcia.sys 17:43:17.0974 2676 pcmcia - ok 17:43:17.0991 2676 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw F:\WINDOWS\system32\drivers\pcw.sys 17:43:17.0997 2676 pcw - ok 17:43:18.0022 2676 [ 668168D499F7A16ABD0AD7ADA6563577 ] pdc F:\WINDOWS\system32\drivers\pdc.sys 17:43:18.0028 2676 pdc - ok 17:43:18.0057 2676 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH F:\WINDOWS\system32\drivers\peauth.sys 17:43:18.0072 2676 PEAUTH - ok 17:43:18.0128 2676 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc F:\WINDOWS\system32\peerdistsvc.dll 17:43:18.0189 2676 PeerDistSvc - ok 17:43:18.0257 2676 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost F:\WINDOWS\SysWow64\perfhost.exe 17:43:18.0264 2676 PerfHost - ok 17:43:18.0309 2676 [ 
6E84BFF58F7643499277F29DFA2F8C8D ] pla F:\WINDOWS\system32\pla.dll 17:43:18.0342 2676 pla - ok 17:43:18.0372 2676 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay F:\WINDOWS\system32\umpnpmgr.dll 17:43:18.0380 2676 PlugPlay - ok 17:43:18.0411 2676 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg F:\WINDOWS\system32\pnrpauto.dll 17:43:18.0418 2676 PNRPAutoReg - ok 17:43:18.0437 2676 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc F:\WINDOWS\system32\pnrpsvc.dll 17:43:18.0445 2676 PNRPsvc - ok 17:43:18.0478 2676 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent F:\WINDOWS\System32\ipsecsvc.dll 17:43:18.0490 2676 PolicyAgent - ok 17:43:18.0517 2676 [ F1E067F56373F11EA4B785CAE823740A ] Power F:\WINDOWS\system32\umpo.dll 17:43:18.0537 2676 Power - ok 17:43:18.0564 2676 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport F:\WINDOWS\system32\DRIVERS\raspptp.sys 17:43:18.0573 2676 PptpMiniport - ok 17:43:18.0666 2676 [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify F:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll 17:43:18.0734 2676 PrintNotify - ok 17:43:18.0750 2676 [ 8DA167F8967AB35A2487095CB1B879A0 ] Processor F:\WINDOWS\System32\drivers\processr.sys 17:43:18.0756 2676 Processor - ok 17:43:18.0774 2676 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc F:\WINDOWS\system32\profsvc.dll 17:43:18.0783 2676 ProfSvc - ok 17:43:18.0809 2676 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched F:\WINDOWS\system32\DRIVERS\pacer.sys 17:43:18.0818 2676 Psched - ok 17:43:18.0844 2676 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI F:\WINDOWS\system32\DRIVERS\psi_mf.sys 17:43:18.0848 2676 PSI - ok 17:43:18.0875 2676 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE F:\WINDOWS\system32\qwave.dll 17:43:18.0884 2676 QWAVE - ok 17:43:18.0902 2676 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv F:\WINDOWS\system32\drivers\qwavedrv.sys 17:43:18.0909 2676 QWAVEdrv - ok 17:43:18.0941 2676 [ 873C60F8178100557740A832FCE10B5F ] RasAcd F:\WINDOWS\system32\DRIVERS\rasacd.sys 17:43:18.0972 2676 RasAcd - ok 17:43:19.0008 2676 [ 
69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn F:\WINDOWS\system32\DRIVERS\AgileVpn.sys 17:43:19.0017 2676 RasAgileVpn - ok 17:43:19.0046 2676 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto F:\WINDOWS\System32\rasauto.dll 17:43:19.0055 2676 RasAuto - ok 17:43:19.0062 2676 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp F:\WINDOWS\system32\DRIVERS\rasl2tp.sys 17:43:19.0071 2676 Rasl2tp - ok 17:43:19.0101 2676 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan F:\WINDOWS\System32\rasmans.dll 17:43:19.0112 2676 RasMan - ok 17:43:19.0120 2676 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe F:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:43:19.0128 2676 RasPppoe - ok 17:43:19.0131 2676 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp F:\WINDOWS\system32\DRIVERS\rassstp.sys 17:43:19.0140 2676 RasSstp - ok 17:43:19.0162 2676 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss F:\WINDOWS\system32\DRIVERS\rdbss.sys 17:43:19.0171 2676 rdbss - ok 17:43:19.0181 2676 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus F:\WINDOWS\System32\drivers\rdpbus.sys 17:43:19.0198 2676 rdpbus - ok 17:43:19.0214 2676 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR F:\WINDOWS\system32\drivers\rdpdr.sys 17:43:19.0235 2676 RDPDR - ok 17:43:19.0264 2676 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport F:\WINDOWS\system32\drivers\rdpvideominiport.sys 17:43:19.0270 2676 RdpVideoMiniport - ok 17:43:19.0303 2676 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD F:\WINDOWS\system32\drivers\RDPWD.sys 17:43:19.0310 2676 RDPWD - ok 17:43:19.0313 2676 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost F:\WINDOWS\system32\drivers\rdyboost.sys 17:43:19.0322 2676 rdyboost - ok 17:43:19.0372 2676 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess F:\WINDOWS\System32\mprdim.dll 17:43:19.0381 2676 RemoteAccess - ok 17:43:19.0399 2676 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry F:\WINDOWS\system32\regsvc.dll 17:43:19.0411 2676 RemoteRegistry - ok 17:43:19.0434 2676 [ 17EF582CBC4809F96B9E6D0543480763 ] RFCOMM F:\WINDOWS\system32\DRIVERS\rfcomm.sys 
17:43:19.0449 2676 RFCOMM - ok 17:43:19.0474 2676 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper F:\WINDOWS\System32\RpcEpMap.dll 17:43:19.0481 2676 RpcEptMapper - ok 17:43:19.0509 2676 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator F:\WINDOWS\system32\locator.exe 17:43:19.0516 2676 RpcLocator - ok 17:43:19.0556 2676 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs F:\WINDOWS\system32\rpcss.dll 17:43:19.0568 2676 RpcSs - ok 17:43:19.0574 2676 [ E04E770DD198B9399640717145E79EBF ] rspndr F:\WINDOWS\system32\DRIVERS\rspndr.sys 17:43:19.0583 2676 rspndr - ok 17:43:19.0620 2676 [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168 F:\WINDOWS\system32\DRIVERS\Rt630x64.sys 17:43:19.0632 2676 RTL8168 - ok 17:43:19.0670 2676 [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187 F:\WINDOWS\system32\DRIVERS\rtl8187.sys 17:43:19.0688 2676 RTL8187 - ok 17:43:19.0698 2676 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap F:\WINDOWS\System32\drivers\vms3cap.sys 17:43:19.0704 2676 s3cap - ok 17:43:19.0719 2676 [ F702AB6181513303AB0FC8D59E52708B ] SamSs F:\WINDOWS\system32\lsass.exe 17:43:19.0726 2676 SamSs - ok 17:43:19.0753 2676 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port F:\WINDOWS\system32\drivers\sbp2port.sys 17:43:19.0760 2676 sbp2port - ok 17:43:19.0792 2676 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr F:\WINDOWS\System32\SCardSvr.dll 17:43:19.0802 2676 SCardSvr - ok 17:43:19.0823 2676 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter F:\WINDOWS\system32\DRIVERS\scfilter.sys 17:43:19.0831 2676 scfilter - ok 17:43:19.0871 2676 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule F:\WINDOWS\system32\schedsvc.dll 17:43:19.0896 2676 Schedule - ok 17:43:19.0937 2676 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc F:\WINDOWS\System32\certprop.dll 17:43:19.0946 2676 SCPolicySvc - ok 17:43:19.0977 2676 [ 008E4F21A9F5B8847E166C7119799754 ] sdbus F:\WINDOWS\System32\drivers\sdbus.sys 17:43:19.0985 2676 sdbus - ok 17:43:20.0004 2676 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC F:\WINDOWS\System32\SDRSVC.dll 
17:43:20.0028 2676 SDRSVC - ok 17:43:20.0041 2676 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor F:\WINDOWS\System32\drivers\sdstor.sys 17:43:20.0047 2676 sdstor - ok 17:43:20.0061 2676 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv F:\WINDOWS\system32\drivers\secdrv.sys 17:43:20.0067 2676 secdrv - ok 17:43:20.0095 2676 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon F:\WINDOWS\system32\seclogon.dll 17:43:20.0105 2676 seclogon - ok 17:43:20.0159 2676 [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent F:\Program Files (x86)\Secunia\PSI\PSIA.exe 17:43:20.0175 2676 Secunia PSI Agent - ok 17:43:20.0205 2676 [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent F:\Program Files (x86)\Secunia\PSI\sua.exe 17:43:20.0214 2676 Secunia Update Agent - ok 17:43:20.0237 2676 [ 9C51620998F0763039DFA6BF68E475ED ] SENS F:\WINDOWS\System32\sens.dll 17:43:20.0249 2676 SENS - ok 17:43:20.0257 2676 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc F:\WINDOWS\system32\sensrsvc.dll 17:43:20.0265 2676 SensrSvc - ok 17:43:20.0277 2676 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx F:\WINDOWS\system32\drivers\SerCx.sys 17:43:20.0284 2676 SerCx - ok 17:43:20.0305 2676 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum F:\WINDOWS\System32\drivers\serenum.sys 17:43:20.0312 2676 Serenum - ok 17:43:20.0344 2676 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial F:\WINDOWS\System32\drivers\serial.sys 17:43:20.0351 2676 Serial - ok 17:43:20.0372 2676 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse F:\WINDOWS\System32\drivers\sermouse.sys 17:43:20.0379 2676 sermouse - ok 17:43:20.0405 2676 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv F:\WINDOWS\system32\sessenv.dll 17:43:20.0413 2676 SessionEnv - ok 17:43:20.0432 2676 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy F:\WINDOWS\System32\drivers\sfloppy.sys 17:43:20.0438 2676 sfloppy - ok 17:43:20.0493 2676 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess F:\WINDOWS\System32\ipnathlp.dll 17:43:20.0505 2676 SharedAccess - ok 17:43:20.0547 2676 [ 
A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection F:\WINDOWS\System32\shsvcs.dll 17:43:20.0577 2676 ShellHWDetection - ok 17:43:20.0602 2676 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 F:\WINDOWS\system32\drivers\SiSRaid2.sys 17:43:20.0608 2676 SiSRaid2 - ok 17:43:20.0621 2676 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 F:\WINDOWS\system32\drivers\sisraid4.sys 17:43:20.0628 2676 SiSRaid4 - ok 17:43:20.0721 2676 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service F:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 17:43:20.0760 2676 Skype C2C Service - ok 17:43:20.0778 2676 [ B866E8C5ED1DCBEA72285BA4107892C2 ] SkypeUpdate F:\Program Files (x86)\Skype\Updater\Updater.exe 17:43:20.0783 2676 SkypeUpdate - ok 17:43:20.0812 2676 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP F:\WINDOWS\System32\snmptrap.exe 17:43:20.0821 2676 SNMPTRAP - ok 17:43:20.0856 2676 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport F:\WINDOWS\system32\drivers\spaceport.sys 17:43:20.0866 2676 spaceport - ok 17:43:20.0878 2676 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx F:\WINDOWS\system32\drivers\SpbCx.sys 17:43:20.0884 2676 SpbCx - ok 17:43:20.0912 2676 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler F:\WINDOWS\System32\spoolsv.exe 17:43:20.0938 2676 Spooler - ok 17:43:21.0028 2676 [ EC84D961501054F87A6878EC5D53388F ] sppsvc F:\WINDOWS\system32\sppsvc.exe 17:43:21.0086 2676 sppsvc - ok 17:43:21.0091 2676 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv F:\WINDOWS\system32\DRIVERS\srv.sys 17:43:21.0100 2676 srv - ok 17:43:21.0127 2676 [ C2106BB710AA34A046126AED7BCA6964 ] srv2 F:\WINDOWS\system32\DRIVERS\srv2.sys 17:43:21.0145 2676 srv2 - ok 17:43:21.0170 2676 [ 9400C71F5A1A380B494B6922F007D485 ] srvnet F:\WINDOWS\system32\DRIVERS\srvnet.sys 17:43:21.0177 2676 srvnet - ok 17:43:21.0208 2676 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV F:\WINDOWS\System32\ssdpsrv.dll 17:43:21.0219 2676 SSDPSRV - ok 17:43:21.0250 2676 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc F:\WINDOWS\system32\sstpsvc.dll 
17:43:21.0260 2676 SstpSvc - ok 17:43:21.0282 2676 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor F:\WINDOWS\system32\drivers\stexstor.sys 17:43:21.0288 2676 stexstor - ok 17:43:21.0328 2676 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc F:\WINDOWS\System32\wiaservc.dll 17:43:21.0346 2676 stisvc - ok 17:43:21.0370 2676 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci F:\WINDOWS\system32\drivers\storahci.sys 17:43:21.0377 2676 storahci - ok 17:43:21.0388 2676 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt F:\WINDOWS\system32\DRIVERS\vmstorfl.sys 17:43:21.0395 2676 storflt - ok 17:43:21.0407 2676 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc F:\WINDOWS\system32\storsvc.dll 17:43:21.0424 2676 StorSvc - ok 17:43:21.0448 2676 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc F:\WINDOWS\system32\drivers\storvsc.sys 17:43:21.0454 2676 storvsc - ok 17:43:21.0472 2676 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp F:\WINDOWS\System32\drivers\storvsp.sys 17:43:21.0494 2676 storvsp - ok 17:43:21.0506 2676 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc F:\WINDOWS\system32\svsvc.dll 17:43:21.0517 2676 svsvc - ok 17:43:21.0523 2676 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum F:\WINDOWS\System32\drivers\swenum.sys 17:43:21.0528 2676 swenum - ok 17:43:21.0558 2676 [ 502F9488540051F3E6C39889ECFA76BB ] swprv F:\WINDOWS\System32\swprv.dll 17:43:21.0573 2676 swprv - ok 17:43:21.0616 2676 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain F:\WINDOWS\system32\sysmain.dll 17:43:21.0641 2676 SysMain - ok 17:43:21.0665 2676 [ 079244F281621FEDCC161D3923E858FE ] SystemEventsBroker F:\WINDOWS\System32\SystemEventsBrokerServer.dll 17:43:21.0676 2676 SystemEventsBroker - ok 17:43:21.0698 2676 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService F:\WINDOWS\System32\TabSvc.dll 17:43:21.0713 2676 TabletInputService - ok 17:43:21.0738 2676 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv F:\WINDOWS\System32\tapisrv.dll 17:43:21.0747 2676 TapiSrv - ok 17:43:21.0801 2676 [ 1D644E2D0FC395A055AB1C23C3B43631 ] Tcpip 
F:\WINDOWS\system32\drivers\tcpip.sys 17:43:21.0860 2676 Tcpip - ok 17:43:21.0887 2676 [ 1D644E2D0FC395A055AB1C23C3B43631 ] TCPIP6 F:\WINDOWS\system32\DRIVERS\tcpip.sys 17:43:21.0921 2676 TCPIP6 - ok 17:43:21.0954 2676 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg F:\WINDOWS\system32\drivers\tcpipreg.sys 17:43:21.0962 2676 tcpipreg - ok 17:43:21.0992 2676 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx F:\WINDOWS\system32\DRIVERS\tdx.sys 17:43:21.0999 2676 tdx - ok 17:43:22.0026 2676 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt F:\WINDOWS\System32\drivers\terminpt.sys 17:43:22.0032 2676 terminpt - ok 17:43:22.0052 2676 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService F:\WINDOWS\System32\termsrv.dll 17:43:22.0066 2676 TermService - ok 17:43:22.0092 2676 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes F:\WINDOWS\system32\themeservice.dll 17:43:22.0104 2676 Themes - ok 17:43:22.0131 2676 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER F:\WINDOWS\system32\mmcss.dll 17:43:22.0137 2676 THREADORDER - ok 17:43:22.0169 2676 [ 52066C139CC189468845D5BE557B25EB ] TimeBroker F:\WINDOWS\System32\TimeBrokerServer.dll 17:43:22.0177 2676 TimeBroker - ok 17:43:22.0202 2676 [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM F:\WINDOWS\system32\drivers\tpm.sys 17:43:22.0210 2676 TPM - ok 17:43:22.0236 2676 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks F:\WINDOWS\System32\trkwks.dll 17:43:22.0244 2676 TrkWks - ok 17:43:22.0301 2676 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller F:\WINDOWS\servicing\TrustedInstaller.exe 17:43:22.0316 2676 TrustedInstaller - ok 17:43:22.0330 2676 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt F:\WINDOWS\system32\drivers\tsusbflt.sys 17:43:22.0345 2676 TsUsbFlt - ok 17:43:22.0368 2676 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD F:\WINDOWS\System32\drivers\TsUsbGD.sys 17:43:22.0374 2676 TsUsbGD - ok 17:43:22.0402 2676 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel F:\WINDOWS\system32\DRIVERS\tunnel.sys 17:43:22.0412 2676 tunnel - ok 17:43:22.0430 2676 [ 
6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 F:\WINDOWS\system32\drivers\uagp35.sys 17:43:22.0436 2676 uagp35 - ok 17:43:22.0444 2676 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor F:\WINDOWS\System32\drivers\uaspstor.sys 17:43:22.0451 2676 UASPStor - ok 17:43:22.0469 2676 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 F:\WINDOWS\System32\drivers\ucx01000.sys 17:43:22.0477 2676 UCX01000 - ok 17:43:22.0506 2676 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs F:\WINDOWS\system32\DRIVERS\udfs.sys 17:43:22.0518 2676 udfs - ok 17:43:22.0548 2676 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect F:\WINDOWS\system32\UI0Detect.exe 17:43:22.0557 2676 UI0Detect - ok 17:43:22.0586 2676 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx F:\WINDOWS\system32\drivers\uliagpkx.sys 17:43:22.0593 2676 uliagpkx - ok 17:43:22.0611 2676 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus F:\WINDOWS\System32\drivers\umbus.sys 17:43:22.0618 2676 umbus - ok 17:43:22.0632 2676 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass F:\WINDOWS\System32\drivers\umpass.sys 17:43:22.0638 2676 UmPass - ok 17:43:22.0671 2676 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService F:\WINDOWS\System32\umrdp.dll 17:43:22.0680 2676 UmRdpService - ok 17:43:22.0708 2676 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost F:\WINDOWS\System32\upnphost.dll 17:43:22.0720 2676 upnphost - ok 17:43:22.0746 2676 [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio F:\WINDOWS\system32\drivers\usbaudio.sys 17:43:22.0760 2676 usbaudio - ok 17:43:22.0781 2676 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp F:\WINDOWS\System32\drivers\usbccgp.sys 17:43:22.0788 2676 usbccgp - ok 17:43:22.0822 2676 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir F:\WINDOWS\System32\drivers\usbcir.sys 17:43:22.0836 2676 usbcir - ok 17:43:22.0862 2676 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci F:\WINDOWS\System32\drivers\usbehci.sys 17:43:22.0869 2676 usbehci - ok 17:43:22.0884 2676 [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub F:\WINDOWS\System32\drivers\usbhub.sys 17:43:22.0896 2676 usbhub - ok 
17:43:22.0912 2676 [ 7B886003CEEBF3C8E4FDF3586DCB3787 ] USBHUB3 F:\WINDOWS\System32\drivers\UsbHub3.sys 17:43:22.0924 2676 USBHUB3 - ok 17:43:22.0940 2676 [ EC1303E3DBF312B846377A84C0D15F27 ] usbohci F:\WINDOWS\System32\drivers\usbohci.sys 17:43:22.0958 2676 usbohci - ok 17:43:22.0972 2676 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint F:\WINDOWS\System32\drivers\usbprint.sys 17:43:22.0989 2676 usbprint - ok 17:43:23.0017 2676 [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan F:\WINDOWS\System32\drivers\usbscan.sys 17:43:23.0039 2676 usbscan - ok 17:43:23.0058 2676 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR F:\WINDOWS\System32\drivers\USBSTOR.SYS 17:43:23.0065 2676 USBSTOR - ok 17:43:23.0080 2676 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci F:\WINDOWS\System32\drivers\usbuhci.sys 17:43:23.0086 2676 usbuhci - ok 17:43:23.0101 2676 [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI F:\WINDOWS\System32\drivers\USBXHCI.SYS 17:43:23.0111 2676 USBXHCI - ok 17:43:23.0119 2676 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc F:\WINDOWS\system32\lsass.exe 17:43:23.0126 2676 VaultSvc - ok 17:43:23.0154 2676 [ 70BF30C45553F4A6DBB5D86053F8FBF1 ] VBoxDrv F:\WINDOWS\system32\DRIVERS\VBoxDrv.sys 17:43:23.0161 2676 VBoxDrv - ok 17:43:23.0186 2676 [ A4739B2242C29D23BB9CD6472320C42B ] VBoxNetAdp F:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys 17:43:23.0191 2676 VBoxNetAdp - ok 17:43:23.0198 2676 [ C72D8E0AE95D025BA7ECD82919CB139F ] VBoxNetFlt F:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys 17:43:23.0204 2676 VBoxNetFlt - ok 17:43:23.0229 2676 [ F5EB0B5663D56D6F68EF84DD19333F73 ] VBoxUSBMon F:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys 17:43:23.0234 2676 VBoxUSBMon - ok 17:43:23.0261 2676 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot F:\WINDOWS\system32\drivers\vdrvroot.sys 17:43:23.0267 2676 vdrvroot - ok 17:43:23.0285 2676 [ 00FBA165A1167738802DA5D0EE78EF10 ] vds F:\WINDOWS\System32\vds.exe 17:43:23.0300 2676 vds - ok 17:43:23.0314 2676 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt 
F:\WINDOWS\system32\drivers\VerifierExt.sys 17:43:23.0322 2676 VerifierExt - ok 17:43:23.0341 2676 [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp F:\WINDOWS\System32\drivers\vhdmp.sys 17:43:23.0353 2676 vhdmp - ok 17:43:23.0371 2676 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide F:\WINDOWS\system32\drivers\viaide.sys 17:43:23.0377 2676 viaide - ok 17:43:23.0396 2676 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid F:\WINDOWS\System32\drivers\Vid.sys 17:43:23.0404 2676 Vid - ok 17:43:23.0417 2676 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus F:\WINDOWS\system32\drivers\vmbus.sys 17:43:23.0423 2676 vmbus - ok 17:43:23.0442 2676 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID F:\WINDOWS\System32\drivers\VMBusHID.sys 17:43:23.0448 2676 VMBusHID - ok 17:43:23.0475 2676 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr F:\WINDOWS\System32\drivers\vmbusr.sys 17:43:23.0482 2676 vmbusr - ok 17:43:23.0504 2676 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat F:\WINDOWS\System32\ICSvc.dll 17:43:23.0513 2676 vmicheartbeat - ok 17:43:23.0516 2676 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange F:\WINDOWS\System32\ICSvc.dll 17:43:23.0525 2676 vmickvpexchange - ok 17:43:23.0538 2676 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv F:\WINDOWS\System32\ICSvc.dll 17:43:23.0546 2676 vmicrdv - ok 17:43:23.0549 2676 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown F:\WINDOWS\System32\ICSvc.dll 17:43:23.0558 2676 vmicshutdown - ok 17:43:23.0561 2676 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync F:\WINDOWS\System32\ICSvc.dll 17:43:23.0569 2676 vmictimesync - ok 17:43:23.0573 2676 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss F:\WINDOWS\System32\ICSvc.dll 17:43:23.0581 2676 vmicvss - ok 17:43:23.0600 2676 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr F:\WINDOWS\system32\drivers\volmgr.sys 17:43:23.0607 2676 volmgr - ok 17:43:23.0623 2676 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx F:\WINDOWS\system32\drivers\volmgrx.sys 17:43:23.0633 2676 volmgrx - ok 17:43:23.0647 2676 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] 
volsnap F:\WINDOWS\system32\drivers\volsnap.sys 17:43:23.0658 2676 volsnap - ok 17:43:23.0674 2676 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci F:\WINDOWS\System32\drivers\vpci.sys 17:43:23.0681 2676 vpci - ok 17:43:23.0687 2676 [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp F:\WINDOWS\System32\drivers\vpcivsp.sys 17:43:23.0693 2676 vpcivsp - ok 17:43:23.0706 2676 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid F:\WINDOWS\system32\drivers\vsmraid.sys 17:43:23.0714 2676 vsmraid - ok 17:43:23.0759 2676 [ EA658570314042C914964FC72AB50E6B ] VSS F:\WINDOWS\system32\vssvc.exe 17:43:23.0794 2676 VSS - ok 17:43:23.0825 2676 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID F:\WINDOWS\system32\drivers\vstxraid.sys 17:43:23.0835 2676 VSTXRAID - ok 17:43:23.0855 2676 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus F:\WINDOWS\System32\drivers\vwifibus.sys 17:43:23.0861 2676 vwifibus - ok 17:43:23.0864 2676 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt F:\WINDOWS\system32\DRIVERS\vwififlt.sys 17:43:23.0871 2676 vwififlt - ok 17:43:23.0891 2676 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp F:\WINDOWS\system32\DRIVERS\vwifimp.sys 17:43:23.0898 2676 vwifimp - ok 17:43:23.0925 2676 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time F:\WINDOWS\system32\w32time.dll 17:43:23.0937 2676 W32Time - ok 17:43:23.0947 2676 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen F:\WINDOWS\System32\drivers\wacompen.sys 17:43:23.0954 2676 WacomPen - ok 17:43:23.0975 2676 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp F:\WINDOWS\system32\DRIVERS\wanarp.sys 17:43:23.0981 2676 Wanarp - ok 17:43:23.0997 2676 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6 F:\WINDOWS\system32\DRIVERS\wanarp.sys 17:43:24.0003 2676 Wanarpv6 - ok 17:43:24.0033 2676 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine F:\WINDOWS\system32\wbengine.exe 17:43:24.0061 2676 wbengine - ok 17:43:24.0075 2676 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc F:\WINDOWS\System32\wbiosrvc.dll 17:43:24.0084 2676 WbioSrvc - ok 17:43:24.0107 2676 [ 
17:43:26.0514 2676 Scan finished
17:43:26.0519 4544 Detected object count: 0
17:43:26.0519 4544 Actual detected object count: 0
Regards, verrant |