| |
| |||||||
Log-Analyse und Auswertung: WPuxEjVtXoFKKAE.exe und "delayed write failed"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
04.03.2012, 15:54
| #1 |
| |  WPuxEjVtXoFKKAE.exe und "delayed write failed" Guten Tag während ich surfte meldete Avira "Malware gefunden" nach dem ich auf löschen klickte wurde alle programme geschlossen es tauchte ca. 15 mal die wohl bekannte fehlermeldung "delayed write failed" auf kurz darauf wurde auch der abgang der ATI software und RAM probleme gemeldet. auch von beschädigten HDD clustern wurde berichtet. Nun die glaube ich üblichen symptome Desktop leer, Startleiste leer, Taskmanager nicht über Strg+Alt+Enf zu erreichen etc. auch unter anderen Benutzern. Alle unnötigen HDDs hab kurz nach auftreten des Problems, bis jetzt vom Pc getrennt, noch angeschlossen 60GB SSD mit einer Partition C: Fortschritt bisher: über cmd >taskkill einige Prozesse beendet u.a. WpuxEjVtXoFKKAE.exe über msconfig>Systemstart das Häkchen bei "WpuxEjVtXoFKKAE.exe" entfernt über "ordneroptionen ausgeblendete Dataien,Laufwerke anzeigen" mein Pc soweit gebracht nun weitere schritte vorzunehmen. nun die Logs (AntiVir war nur während des Scans Deaktiviert) DDS: .DDS Logfile: Code:
ATTFilter DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by admin at 15:13:33 on 2012-03-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4079.2920 [GMT 1:00]
.
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\program files (x86)\avira\antivir desktop\avscan.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\Dwm.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer bereitgestellt von ARLT Computer
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [OpAgent] "OpAgent.exe" /agent
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [<NO NAME>]
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-system: DisableTaskMgr = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: DisableTaskMgr = 1 (0x1)
IE: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3386AF45-0C3B-47CB-84AA-EAD4E2818EF8} : DhcpNameServer = 192.168.2.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{AE7CD045-E861-484f-8273-0445EE161910}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{F4971EE7-DAA0-4053-9964-665D8EE6A077}
{47833539-D0C5-4125-9FA8-0819E2EAAC93}
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [(Standard)]
mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRunOnce-x64: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jgcos2hm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: F:\Programme\Mozilla Firefox\extensions\inspector@mozilla.org\components\inspector.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys --> C:\Windows\system32\drivers\amd_xata.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-3-24 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-3-24 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-21 13336]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S1 acedrv06;acedrv06;\??\C:\Windows\system32\drivers\acedrv06.sys --> C:\Windows\system32\drivers\acedrv06.sys [?]
S2 Realtek11nSU;Realtek11nSU;C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [2011-3-23 40960]
S3 adp3132;adp3132;C:\Windows\system32\drivers\adp3132.sys --> C:\Windows\system32\drivers\adp3132.sys [?]
S3 ahcix64s;ahcix64s;C:\Windows\system32\drivers\ahcix64s.sys --> C:\Windows\system32\drivers\ahcix64s.sys [?]
S3 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys --> C:\Windows\system32\drivers\amd_sata.sys [?]
S3 amdide64;amdide64;C:\Windows\system32\drivers\amdide64.sys --> C:\Windows\system32\drivers\amdide64.sys [?]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\drivers\asmthub3.sys --> C:\Windows\system32\drivers\asmthub3.sys [?]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\drivers\asmtxhci.sys --> C:\Windows\system32\drivers\asmtxhci.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-3-27 1038088]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\system32\drivers\FLxHCIc.sys --> C:\Windows\system32\drivers\FLxHCIc.sys [?]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\system32\drivers\FLxHCIh.sys --> C:\Windows\system32\drivers\FLxHCIh.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 ISASerial;PCIe-ISA Communication Port;C:\Windows\system32\drivers\ISASerial.sys --> C:\Windows\system32\drivers\ISASerial.sys [?]
S3 MtsHID;TechniSat Mantis BDA HID Driver;C:\Windows\system32\drivers\MtsHID.sys --> C:\Windows\system32\drivers\MtsHID.sys [?]
S3 mv91cons;mv91cons;C:\Windows\system32\drivers\mv91cons.sys --> C:\Windows\system32\drivers\mv91cons.sys [?]
S3 mv91xx;mv91xx;C:\Windows\system32\drivers\mv91xx.sys --> C:\Windows\system32\drivers\mv91xx.sys [?]
S3 nvamacpi;nvamacpi;C:\Windows\system32\drivers\NVAMACPI.sys --> C:\Windows\system32\drivers\NVAMACPI.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 OxPCIeSer;OxPCIeSer;C:\Windows\system32\drivers\OxPCIeSer.sys --> C:\Windows\system32\drivers\OxPCIeSer.sys [?]
S3 PciIsaSerial;PCI-ISA Communication Port;C:\Windows\system32\drivers\PciIsaSerial.sys --> C:\Windows\system32\drivers\PciIsaSerial.sys [?]
S3 PciPPorts;PCI ECP Parallel Port;C:\Windows\system32\drivers\PciPPorts.sys --> C:\Windows\system32\drivers\PciPPorts.sys [?]
S3 PciSPorts;High-Speed PCI Serial Port;C:\Windows\system32\drivers\PciSPorts.sys --> C:\Windows\system32\drivers\PciSPorts.sys [?]
S3 PPorts;PCIe ECP Parallel Port;C:\Windows\system32\drivers\PPorts.sys --> C:\Windows\system32\drivers\PPorts.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
S3 Si3124r5;Si3124r5;C:\Windows\system32\drivers\Si3124r5.sys --> C:\Windows\system32\drivers\Si3124r5.sys [?]
S3 SPorts;High-Speed PCIe Serial Port;C:\Windows\system32\drivers\SPorts.sys --> C:\Windows\system32\drivers\SPorts.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-03-04 13:32:32 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-04 13:32:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-04 13:28:08 -------- d-----w- C:\Users\admin\AppData\Roaming\Malwarebytes
2012-03-04 13:28:08 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-03 16:12:05 429568 ---ha-w- C:\ProgramData\WPuxEjVtXoFKKAE.exe
2012-02-27 07:45:24 -------- d--h--w- C:\Users\admin\AppData\Roaming\Zeon
2012-02-17 11:39:02 -------- d--h--w- C:\Program Files (x86)\MSXML 4.0
2012-02-17 11:39:00 -------- d--h--w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-02-17 11:33:38 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-17 11:33:35 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-17 11:33:35 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-17 11:33:35 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-13 11:40:45 -------- d--h--w- C:\Program Files (x86)\ScanSoft
2012-02-08 21:59:41 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-02-08 21:59:41 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-02-08 21:59:40 77312 ----a-w- C:\Windows\System32\packager.dll
2012-02-08 21:59:40 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-02-08 21:59:40 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-02-08 21:59:40 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-02-08 21:59:40 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-02-08 21:59:40 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
.
==================== Find3M ====================
.
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-12-09 02:31:33 81920 ---ha-w- C:\Windows\SysWow64\acedrv06.dll
2011-12-09 02:31:33 147456 ----a-w- C:\Windows\System32\drivers\acedrv06.sys
.
============= FINISH: 15:13:42,76 ===============
meine frage nun kann ich einfach die in Malwarebytes die fehler behen oder sollte besser anders vorgegangen werden? bei ähnlichen problemen habe ich hier im forum von einer längeren "Reperatur" gelesen u.a. ComboFix Unhide etc. vielen Dank! Grüße Sodamixer Geändert von sodamixer (04.03.2012 um 16:33 Uhr) |
|
04.03.2012, 22:10
| #2 |
  | WPuxEjVtXoFKKAE.exe und "delayed write failed" Hi,
__________________MAM alles löschen lassen, dann ein OTL-Log posten... Wichtig:Du musst mit dem verseuchten Konto booten! OTL Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
chris
__________________ |
|
05.03.2012, 09:44
| #3 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" erstmal vielen Dank für die schnelle Antwort sogar Sonntag Abend :-)
__________________Avira und MAM war während OTL Scan aktiv kein Problem oder? Zum Thema "in verseuchtem Konto booten": Hab den Pc seit den Taskkills und den anderen in meinem ersten Beitrag geschilderten aktionen immer nur im "Energie sparen". Ergänzung zu den, von mir sichtbar gemachten icons/Ordnern, diese sind nur transparent, dazu nutze ich später unhide richtig? Mein catalyst control center von ATI brint in windows immernoch Fehler mit der einzigen Otion das programm zu schließen? die Logs: Code:
ATTFilter OTL logfile created on: 05.03.2012 09:14:12 - Run 1 OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\admin\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,98 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 59,91% Memory free 7,96 Gb Paging File | 6,07 Gb Available in Paging File | 76,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 55,90 Gb Total Space | 15,51 Gb Free Space | 27,75% Space Free | Partition Type: NTFS Computer Name: ARLT | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\admin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe (Realtek Semiconductor Corp.) PRC - C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe (Realtek) PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\bc264c7dba2096c2c88080090bf42600\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6aef03034d33721bfbd588d9d7fffe60\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (Realtek11nSU) -- C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe (Realtek) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (acedrv06) -- C:\Windows\SysNative\drivers\acedrv06.sys () DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (mv91xx) -- C:\Windows\SysNative\drivers\mv91xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (mv91cons) -- C:\Windows\SysNative\drivers\mv91cons.sys (Marvell Semiconductor Inc.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (FLxHCIc) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic) DRV:64bit: - (FLxHCIh) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic) DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc.) DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc.) DRV:64bit: - (Si3124r5) -- C:\Windows\SysNative\drivers\Si3124r5.sys (Silicon Image, Inc) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (adp3132) -- C:\Windows\SysNative\drivers\adp3132.sys (Adaptec, Inc.) DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.) DRV:64bit: - (nvamacpi) -- C:\Windows\SysNative\drivers\nvamacpi.sys (NVIDIA Corporation) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (MtsHID) -- C:\Windows\SysNative\drivers\MtsHID.sys (TechniSat Provide) DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (Advanced Micro Devices, Inc) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (PciIsaSerial) -- C:\Windows\SysNative\drivers\PciIsaSerial.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (PciPPorts) -- C:\Windows\SysNative\drivers\PciPPorts.sys () DRV:64bit: - (PciSPorts) -- C:\Windows\SysNative\drivers\PciSPorts.sys () DRV:64bit: - (OxPCIeSer) -- C:\Windows\SysNative\drivers\OxPCIeSer.sys (OEM) DRV:64bit: - (SPorts) -- C:\Windows\SysNative\drivers\SPorts.sys () DRV:64bit: - (PPorts) -- C:\Windows\SysNative\drivers\PPorts.sys () DRV:64bit: - (ISASerial) -- C:\Windows\SysNative\drivers\ISASerial.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (amdide64) -- C:\Windows\SysNative\drivers\amdide64.sys (Advanced Micro Devices) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 63 FF 73 4F B8 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.02 16:19:31 | 000,000,000 | -H-D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.15 17:13:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions [2012.02.28 11:52:17 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\jgcos2hm.default\extensions [2011.08.22 20:33:38 | 000,000,000 | -H-D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\jgcos2hm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.08.15 17:13:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JGCOS2HM.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JGCOS2HM.DEFAULT\EXTENSIONS\LIEFERHELD@EXTENSIONS.PARTNERADDONS.DE.XPI [2012.01.02 16:19:31 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.01.02 16:19:30 | 000,001,392 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.02 16:19:30 | 000,002,252 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.01.02 16:19:30 | 000,001,153 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.01.02 16:19:30 | 000,006,805 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.02 16:19:30 | 000,001,178 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.02 16:19:30 | 000,001,105 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.03.27 17:29:51 | 000,001,300 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [OpAgent] "OpAgent.exe" /agent File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3386AF45-0C3B-47CB-84AA-EAD4E2818EF8}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{b5170bf1-b3b7-11e0-bb0e-a4ada291f63e}\Shell - "" = AutoRun O33 - MountPoints2\{b5170bf1-b3b7-11e0-bb0e-a4ada291f63e}\Shell\AutoRun\command - "" = H:\start.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.03.05 08:55:18 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe [2012.03.04 15:06:33 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\admin\Desktop\dds.com [2012.03.04 14:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.03.04 14:32:32 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.03.04 14:32:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.03.04 14:29:19 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\Neuer Ordner [2012.03.04 14:28:08 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes [2012.03.04 14:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.03.02 21:58:07 | 000,000,000 | -H-D | C] -- C:\Users\admin\Desktop\canditose [2012.02.27 08:45:24 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\Zeon [2012.02.24 08:23:13 | 000,000,000 | -H-D | C] -- C:\Users\admin\Desktop\icc profile [2012.02.17 12:39:02 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012.02.17 12:39:00 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 [2012.02.17 12:37:30 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.02.17 12:37:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.02.17 12:37:29 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.02.17 12:37:29 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.02.17 12:37:29 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.02.17 12:37:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.02.17 12:37:29 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.02.17 12:37:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.02.17 12:37:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.02.17 12:37:28 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.02.17 12:37:28 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.02.17 12:33:35 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012.02.13 12:41:01 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\ScanSoft [2012.02.13 12:40:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\ScanSoft [2012.02.13 12:40:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage 16 [2012.02.13 12:40:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\ScanSoft [2012.02.09 15:04:13 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.02.09 15:04:13 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.02.09 15:04:13 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.02.09 15:04:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.02.09 15:04:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.02.09 15:04:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.02.08 22:59:41 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.02.08 22:59:40 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.02.08 22:59:40 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.02.08 22:59:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.02.08 22:59:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.02.08 22:59:40 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.02.08 22:59:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll ========== Files - Modified Within 30 Days ========== [2012.03.05 09:10:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.03.05 09:10:33 | 3207,561,216 | -HS- | M] () -- C:\hiberfil.sys [2012.03.05 09:09:39 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.03.05 09:09:39 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.03.05 09:01:09 | 001,473,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.03.05 09:01:09 | 000,644,072 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.03.05 09:01:09 | 000,607,436 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.03.05 09:01:09 | 000,126,374 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.03.05 09:01:09 | 000,103,556 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.03.05 08:55:18 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe [2012.03.04 15:10:27 | 000,000,168 | ---- | M] () -- C:\Users\admin\defogger_reenable [2012.03.04 15:06:33 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\admin\Desktop\dds.com [2012.03.04 15:04:34 | 000,050,477 | ---- | M] () -- C:\Users\admin\Desktop\Defogger.exe [2012.03.04 14:32:33 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.03.03 15:24:36 | 000,000,095 | -H-- | M] () -- C:\Windows\winamp.ini [2012.02.29 17:32:32 | 000,237,876 | -H-- | M] () -- C:\Users\admin\Desktop\anmeldung.xps [2012.02.28 20:10:22 | 007,354,707 | -H-- | M] () -- C:\Users\admin\Desktop\DSC_0052.JPG [2012.02.27 21:52:13 | 002,952,105 | -H-- | M] () -- C:\Users\admin\Desktop\DSC_0664.jpg [2012.02.27 11:49:03 | 001,855,586 | -H-- | M] () -- C:\Users\admin\Desktop\DatenblattSlimLumiFlex(4).pdf [2012.02.27 11:44:09 | 001,855,586 | -H-- | M] () -- C:\Users\admin\Desktop\DatenblattSlimLumiFlex(6).pdf [2012.02.21 12:32:11 | 000,075,836 | -H-- | M] () -- C:\Users\admin\Desktop\registrierungsurkunde-wendelin.pdf [2012.02.20 14:04:40 | 000,561,113 | -H-- | M] () -- C:\Users\admin\Desktop\JOBBÖRSE - Stellenangebot.mht [2012.02.17 14:58:06 | 002,883,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.02.17 12:38:58 | 001,499,556 | -H-- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.02.13 12:40:56 | 000,000,407 | -H-- | M] () -- C:\Windows\MAXLINK.INI [2012.02.13 08:40:43 | 000,920,761 | -H-- | M] () -- C:\Users\admin\Desktop\40955_1_ADOTECHII_Kurzanleitung.pdf [2012.02.13 08:39:37 | 000,025,463 | -H-- | M] () -- C:\Users\admin\Desktop\adox-cms-20-rollfilm-120.html ========== Files Created - No Company Name ========== [2012.03.04 15:10:27 | 000,000,168 | ---- | C] () -- C:\Users\admin\defogger_reenable [2012.03.04 15:04:34 | 000,050,477 | ---- | C] () -- C:\Users\admin\Desktop\Defogger.exe [2012.03.04 14:32:33 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.29 17:32:32 | 000,237,876 | -H-- | C] () -- C:\Users\admin\Desktop\anmeldung.xps [2012.02.28 20:10:20 | 007,354,707 | -H-- | C] () -- C:\Users\admin\Desktop\DSC_0052.JPG [2012.02.27 21:52:11 | 002,952,105 | -H-- | C] () -- C:\Users\admin\Desktop\DSC_0664.jpg [2012.02.27 11:49:00 | 001,855,586 | -H-- | C] () -- C:\Users\admin\Desktop\DatenblattSlimLumiFlex(4).pdf [2012.02.27 11:44:04 | 001,855,586 | -H-- | C] () -- C:\Users\admin\Desktop\DatenblattSlimLumiFlex(6).pdf [2012.02.21 12:32:11 | 000,075,836 | -H-- | C] () -- C:\Users\admin\Desktop\registrierungsurkunde-wendelin.pdf [2012.02.20 14:04:40 | 000,561,113 | -H-- | C] () -- C:\Users\admin\Desktop\JOBBÖRSE - Stellenangebot.mht [2012.02.13 12:40:56 | 000,000,407 | -H-- | C] () -- C:\Windows\MAXLINK.INI [2012.02.13 08:40:41 | 000,920,761 | -H-- | C] () -- C:\Users\admin\Desktop\40955_1_ADOTECHII_Kurzanleitung.pdf [2012.02.13 08:39:37 | 000,025,463 | -H-- | C] () -- C:\Users\admin\Desktop\adox-cms-20-rollfilm-120.html [2011.12.09 03:31:33 | 000,081,920 | -H-- | C] () -- C:\Windows\SysWow64\acedrv06.dll [2011.12.09 03:31:29 | 000,000,000 | -H-- | C] () -- C:\Windows\stduser.ini [2011.07.24 23:04:30 | 000,000,017 | -H-- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2011.07.24 16:54:35 | 001,499,556 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.13 19:08:30 | 000,018,944 | -H-- | C] () -- C:\Windows\eraser.exe [2011.03.23 21:50:42 | 000,007,605 | -H-- | C] () -- C:\Users\admin\AppData\Local\Resmon.ResmonCfg [2011.03.23 20:58:34 | 000,000,095 | -H-- | C] () -- C:\Windows\winamp.ini [2011.03.23 15:31:08 | 000,451,072 | -H-- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2011.03.21 12:44:24 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin [2011.03.09 09:48:22 | 000,003,113 | -H-- | C] () -- C:\Windows\SysWow64\atipblag.dat < End of report > Code:
ATTFilter OTL Extras logfile created on: 05.03.2012 09:14:12 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,98 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 59,91% Memory free
7,96 Gb Paging File | 6,07 Gb Available in Paging File | 76,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,90 Gb Total Space | 15,51 Gb Free Space | 27,75% Space Free | Partition Type: NTFS
Computer Name: ARLT | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5E2BDF97-E0C7-75AE-29E1-5EA9DA262F2F}" = WMV9/VC-1 Video Playback
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6A9B5F9E-CAF3-2264-9DA0-E374F9A34279}" = AMD Drag and Drop Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EA6D29C-9D85-49A1-A1D7-1CFC32F294B2}" = Adobe Photoshop Lightroom 2.4 64-bit
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE57C044-8912-A181-A0E4-BC2DAB3A092A}" = ATI Catalyst Install Manager
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E0F50F89-193E-E9F7-F8CD-7243DB1DFF04}" = ccc-utility64
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1367FA2F-2B3D-430F-872F-588B93420BFC}" = TimeShift
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = REALTEK Wireless LAN Driver and Utility
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{BACEBABA-2BA2-05BC-A5DC-CF495F155A24}" = Catalyst Control Center Localization All
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC29B835-95A5-3CD9-087B-F94D7B9ECC9B}" = Catalyst Control Center InstallProxy
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDECEFE0-5669-4AC2-9EFC-DADE420556F5}" = ScanSoft OmniPage 16
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E497FF62-960D-D750-D14F-C5E25C7AA14F}" = ccc-core-static
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2898333-ED2F-EC49-5617-A23F2636A05A}" = Catalyst Control Center Graphics Previews Common
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FFA48C9D-8B43-772C-BECE-EA29587D8DDB}" = CCC Help German
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5445c5ddd9a5c69582d3c1e2bba18f7" = Adobe Creative Suite 4 Master Collection
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.815
"jetCast - Winamp DSP plugin" = jetCast - Winamp DSP plugin
"LeechFTP" = LeechFTP
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OpenAL" = OpenAL
"Opera 11.61.1250" = Opera 11.61
"PhotomatixPro3_is1" = Photomatix Pro version 3.0
"PTGui" = PTGui Trial 9.0.4
"VLC media player" = VLC media player 1.1.10
"Winamp" = Winamp (nur entfernen)
"WinLiveSuite" = Windows Live Essentials
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Grüße Sodamixer |
|
05.03.2012, 10:39
| #4 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" Hi, Fix für OTL:
 Code:
ATTFilter
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
:Commands
[emptytemp]
[Reboot]
Unhide Lade Dir unhide von folgender Adresse runter und dann per Doppelklick als Admin ausführen: http://filepony.de/download-unhide/ Es werden alle versteckten Dateien sichtbar gemacht, ggf. welche die versteckt sein sollten wieder unsichtbar machen (Auswählen im Explorer->Eigenschaften->versteckt) TDSS-Killer Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft? Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)! Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe. Stelle den Killer wir folgt ein:  Dann den Scan starten durch (Start Scan). Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster, den Text abkopieren und hier posten... chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
05.03.2012, 11:42
| #5 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" ich hoff von dem otl fix hab ich das richtige unten gepostet, hab da nichts was explizit als "ergebnis" benannt war gefunden. catalyt control center scheint wieder zu gehen und auch intel rapid store technologie macht bis auf weiteres keine aussetzer. undhide hat auch prima funktioniert. nebenbei: das ich momentan nur c: also nur eine von drei hdds am pc ist schon ok während den scans? TDSS: da sind jetzt 2 scans dokumentiert, sorry der erste war mit offenem opera habs deshalb zur sicherheit nochmal gemacht. Code:
ATTFilter 11:23:25.0298 4712 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07
11:23:25.0333 4712 ============================================================
11:23:25.0333 4712 Current date / time: 2012/03/05 11:23:25.0333
11:23:25.0333 4712 SystemInfo:
11:23:25.0333 4712
11:23:25.0333 4712 OS Version: 6.1.7601 ServicePack: 1.0
11:23:25.0333 4712 Product type: Workstation
11:23:25.0333 4712 ComputerName: ARLT
11:23:25.0333 4712 UserName: admin
11:23:25.0333 4712 Windows directory: C:\Windows
11:23:25.0333 4712 System windows directory: C:\Windows
11:23:25.0333 4712 Running under WOW64
11:23:25.0333 4712 Processor architecture: Intel x64
11:23:25.0333 4712 Number of processors: 4
11:23:25.0333 4712 Page size: 0x1000
11:23:25.0333 4712 Boot type: Normal boot
11:23:25.0333 4712 ============================================================
11:23:25.0486 4712 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:23:25.0489 4712 \Device\Harddisk0\DR0:
11:23:25.0489 4712 MBR used
11:23:25.0489 4712 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6FCB800
11:23:25.0491 4712 Initialize success
11:23:25.0491 4712 ============================================================
11:24:07.0152 4560 ============================================================
11:24:07.0152 4560 Scan started
11:24:07.0152 4560 Mode: Manual; SigCheck; TDLFS;
11:24:07.0152 4560 ============================================================
11:24:07.0339 4560 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
11:24:07.0399 4560 1394ohci - ok
11:24:07.0419 4560 acedrv06 (c8030d922511a926d0aa06b78c4b87a9) C:\Windows\system32\drivers\acedrv06.sys
11:24:07.0424 4560 acedrv06 ( UnsignedFile.Multi.Generic ) - warning
11:24:07.0424 4560 acedrv06 - detected UnsignedFile.Multi.Generic (1)
11:24:07.0442 4560 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:24:07.0454 4560 ACPI - ok
11:24:07.0469 4560 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:24:07.0489 4560 AcpiPmi - ok
11:24:07.0507 4560 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
11:24:07.0557 4560 adfs - ok
11:24:07.0579 4560 adp3132 (132190688d8e51d61f88a150d7df9fb4) C:\Windows\system32\drivers\adp3132.sys
11:24:07.0592 4560 adp3132 - ok
11:24:07.0612 4560 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:24:07.0627 4560 adp94xx - ok
11:24:07.0644 4560 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:24:07.0657 4560 adpahci - ok
11:24:07.0672 4560 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:24:07.0682 4560 adpu320 - ok
11:24:07.0704 4560 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:24:07.0719 4560 AFD - ok
11:24:07.0734 4560 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:24:07.0742 4560 agp440 - ok
11:24:07.0759 4560 ahcix64s (af53917d9741a84627fa689ea622558a) C:\Windows\system32\drivers\ahcix64s.sys
11:24:07.0767 4560 ahcix64s - ok
11:24:07.0782 4560 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:24:07.0789 4560 aliide - ok
11:24:07.0804 4560 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:24:07.0812 4560 amdide - ok
11:24:07.0824 4560 amdide64 (d52a2e98c5eeff88ced28793b6b04d84) C:\Windows\system32\drivers\amdide64.sys
11:24:07.0829 4560 amdide64 - ok
11:24:07.0844 4560 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:24:07.0854 4560 AmdK8 - ok
11:24:07.0987 4560 amdkmdag (dcc8177244fe79c61c4e73c65e63922a) C:\Windows\system32\DRIVERS\atikmdag.sys
11:24:08.0132 4560 amdkmdag - ok
11:24:08.0149 4560 amdkmdap (7fe67d107329dc2cf89136a8e19bceb7) C:\Windows\system32\DRIVERS\atikmpag.sys
11:24:08.0159 4560 amdkmdap - ok
11:24:08.0177 4560 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:24:08.0184 4560 AmdPPM - ok
11:24:08.0199 4560 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
11:24:08.0207 4560 amdsata - ok
11:24:08.0222 4560 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:24:08.0229 4560 amdsbs - ok
11:24:08.0244 4560 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
11:24:08.0249 4560 amdxata - ok
11:24:08.0264 4560 amd_sata (80a508d0c7a21bc13c01d4c671541203) C:\Windows\system32\drivers\amd_sata.sys
11:24:08.0269 4560 amd_sata - ok
11:24:08.0287 4560 amd_xata (2be940f3a632a1a301b22b096bf221f1) C:\Windows\system32\drivers\amd_xata.sys
11:24:08.0292 4560 amd_xata - ok
11:24:08.0309 4560 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:24:08.0392 4560 AppID - ok
11:24:08.0412 4560 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:24:08.0424 4560 arc - ok
11:24:08.0439 4560 arcsas (46e8c3eb03224a1e55c6f0c100a9d2cc) C:\Windows\system32\drivers\arcsas.sys
11:24:08.0449 4560 arcsas - ok
11:24:08.0464 4560 asmthub3 (e3b9c89d2ed4a538ab2fc6ec76fa2b17) C:\Windows\system32\drivers\asmthub3.sys
11:24:08.0474 4560 asmthub3 - ok
11:24:08.0492 4560 asmtxhci (88ce83be5176020be39194a6369af2c2) C:\Windows\system32\drivers\asmtxhci.sys
11:24:08.0507 4560 asmtxhci - ok
11:24:08.0519 4560 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:24:08.0552 4560 AsyncMac - ok
11:24:08.0567 4560 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:24:08.0572 4560 atapi - ok
11:24:08.0589 4560 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
11:24:08.0594 4560 avgntflt - ok
11:24:08.0609 4560 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
11:24:08.0614 4560 avipbb - ok
11:24:08.0632 4560 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:24:08.0644 4560 b06bdrv - ok
11:24:08.0659 4560 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:24:08.0669 4560 b57nd60a - ok
11:24:08.0682 4560 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:24:08.0702 4560 Beep - ok
11:24:08.0719 4560 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:24:08.0727 4560 blbdrive - ok
11:24:08.0744 4560 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:24:08.0752 4560 bowser - ok
11:24:08.0767 4560 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:24:08.0774 4560 BrFiltLo - ok
11:24:08.0789 4560 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:24:08.0797 4560 BrFiltUp - ok
11:24:08.0814 4560 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:24:08.0824 4560 Brserid - ok
11:24:08.0837 4560 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:24:08.0847 4560 BrSerWdm - ok
11:24:08.0862 4560 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:24:08.0869 4560 BrUsbMdm - ok
11:24:08.0887 4560 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:24:08.0894 4560 BrUsbSer - ok
11:24:08.0909 4560 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:24:08.0919 4560 BTHMODEM - ok
11:24:08.0937 4560 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:24:08.0957 4560 cdfs - ok
11:24:08.0974 4560 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:24:08.0984 4560 cdrom - ok
11:24:08.0999 4560 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:24:09.0009 4560 circlass - ok
11:24:09.0024 4560 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:24:09.0034 4560 CLFS - ok
11:24:09.0052 4560 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:24:09.0059 4560 CmBatt - ok
11:24:09.0074 4560 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:24:09.0079 4560 cmdide - ok
11:24:09.0099 4560 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:24:09.0114 4560 CNG - ok
11:24:09.0127 4560 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:24:09.0132 4560 Compbatt - ok
11:24:09.0147 4560 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:24:09.0154 4560 CompositeBus - ok
11:24:09.0172 4560 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:24:09.0177 4560 crcdisk - ok
11:24:09.0197 4560 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:24:09.0217 4560 DfsC - ok
11:24:09.0232 4560 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:24:09.0252 4560 discache - ok
11:24:09.0267 4560 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:24:09.0274 4560 Disk - ok
11:24:09.0292 4560 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:24:09.0299 4560 drmkaud - ok
11:24:09.0319 4560 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:24:09.0327 4560 dtsoftbus01 - ok
11:24:09.0349 4560 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:24:09.0364 4560 DXGKrnl - ok
11:24:09.0377 4560 EagleX64 - ok
11:24:09.0434 4560 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:24:09.0479 4560 ebdrv - ok
11:24:09.0502 4560 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:24:09.0514 4560 elxstor - ok
11:24:09.0529 4560 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:24:09.0537 4560 ErrDev - ok
11:24:09.0557 4560 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:24:09.0579 4560 exfat - ok
11:24:09.0597 4560 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:24:09.0619 4560 fastfat - ok
11:24:09.0637 4560 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:24:09.0644 4560 fdc - ok
11:24:09.0659 4560 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:24:09.0667 4560 FileInfo - ok
11:24:09.0679 4560 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:24:09.0699 4560 Filetrace - ok
11:24:09.0717 4560 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:24:09.0724 4560 flpydisk - ok
11:24:09.0742 4560 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:24:09.0752 4560 FltMgr - ok
11:24:09.0764 4560 FLxHCIc (e35f19855192d025da41e8dfa318206a) C:\Windows\system32\drivers\FLxHCIc.sys
11:24:09.0772 4560 FLxHCIc - ok
11:24:09.0787 4560 FLxHCIh (bbbd5d42d8cb3ad0f43f7bc4db92eb5e) C:\Windows\system32\drivers\FLxHCIh.sys
11:24:09.0792 4560 FLxHCIh - ok
11:24:09.0809 4560 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:24:09.0814 4560 FsDepends - ok
11:24:09.0832 4560 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
11:24:09.0837 4560 fssfltr - ok
11:24:09.0852 4560 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:24:09.0857 4560 Fs_Rec - ok
11:24:09.0874 4560 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:24:09.0884 4560 fvevol - ok
11:24:09.0897 4560 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:24:09.0902 4560 gagp30kx - ok
11:24:09.0919 4560 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:24:09.0927 4560 hcw85cir - ok
11:24:09.0947 4560 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:24:09.0959 4560 HdAudAddService - ok
11:24:09.0977 4560 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:24:09.0984 4560 HDAudBus - ok
11:24:09.0999 4560 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:24:10.0007 4560 HidBatt - ok
11:24:10.0024 4560 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:24:10.0032 4560 HidBth - ok
11:24:10.0047 4560 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:24:10.0057 4560 HidIr - ok
11:24:10.0072 4560 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:24:10.0079 4560 HidUsb - ok
11:24:10.0097 4560 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:24:10.0104 4560 HpSAMD - ok
11:24:10.0127 4560 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:24:10.0154 4560 HTTP - ok
11:24:10.0169 4560 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:24:10.0174 4560 hwpolicy - ok
11:24:10.0189 4560 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:24:10.0197 4560 i8042prt - ok
11:24:10.0217 4560 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
11:24:10.0224 4560 iaStor - ok
11:24:10.0244 4560 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
11:24:10.0254 4560 iaStorV - ok
11:24:10.0272 4560 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:24:10.0277 4560 iirsp - ok
11:24:10.0294 4560 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
11:24:10.0302 4560 Impcd - ok
11:24:10.0342 4560 IntcAzAudAddService (9297bc7fb61f58670ee176dd18f4dd92) C:\Windows\system32\drivers\RTKVHD64.sys
11:24:10.0369 4560 IntcAzAudAddService - ok
11:24:10.0384 4560 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:24:10.0392 4560 intelide - ok
11:24:10.0407 4560 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:24:10.0414 4560 intelppm - ok
11:24:10.0432 4560 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:24:10.0452 4560 IpFilterDriver - ok
11:24:10.0467 4560 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:24:10.0474 4560 IPMIDRV - ok
11:24:10.0492 4560 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:24:10.0512 4560 IPNAT - ok
11:24:10.0529 4560 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:24:10.0539 4560 IRENUM - ok
11:24:10.0554 4560 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:24:10.0559 4560 isapnp - ok
11:24:10.0574 4560 ISASerial (ac45d94185cf67267d06bf2f45e9e31e) C:\Windows\system32\drivers\ISASerial.sys
11:24:10.0582 4560 ISASerial - ok
11:24:10.0599 4560 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:24:10.0607 4560 iScsiPrt - ok
11:24:10.0622 4560 JRAID (50de7dd7edb1b512b13666588aefbf6f) C:\Windows\system32\drivers\jraid.sys
11:24:10.0629 4560 JRAID - ok
11:24:10.0644 4560 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:24:10.0649 4560 kbdclass - ok
11:24:10.0664 4560 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:24:10.0672 4560 kbdhid - ok
11:24:10.0689 4560 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:24:10.0694 4560 KSecDD - ok
11:24:10.0709 4560 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:24:10.0717 4560 KSecPkg - ok
11:24:10.0732 4560 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:24:10.0752 4560 ksthunk - ok
11:24:10.0772 4560 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:24:10.0792 4560 lltdio - ok
11:24:10.0812 4560 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:24:10.0817 4560 LSI_FC - ok
11:24:10.0834 4560 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:24:10.0839 4560 LSI_SAS - ok
11:24:10.0857 4560 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:24:10.0862 4560 LSI_SAS2 - ok
11:24:10.0877 4560 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:24:10.0884 4560 LSI_SCSI - ok
11:24:10.0899 4560 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:24:10.0919 4560 luafv - ok
11:24:10.0937 4560 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
11:24:10.0942 4560 MBAMProtector - ok
11:24:10.0957 4560 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
11:24:10.0962 4560 MBfilt - ok
11:24:10.0977 4560 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:24:10.0982 4560 megasas - ok
11:24:10.0999 4560 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:24:11.0009 4560 MegaSR - ok
11:24:11.0024 4560 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:24:11.0044 4560 Modem - ok
11:24:11.0059 4560 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:24:11.0069 4560 monitor - ok
11:24:11.0084 4560 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:24:11.0089 4560 mouclass - ok
11:24:11.0104 4560 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:24:11.0112 4560 mouhid - ok
11:24:11.0129 4560 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:24:11.0134 4560 mountmgr - ok
11:24:11.0152 4560 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:24:11.0159 4560 mpio - ok
11:24:11.0172 4560 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:24:11.0192 4560 mpsdrv - ok
11:24:11.0209 4560 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:24:11.0222 4560 MRxDAV - ok
11:24:11.0237 4560 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:24:11.0247 4560 mrxsmb - ok
11:24:11.0264 4560 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:24:11.0274 4560 mrxsmb10 - ok
11:24:11.0289 4560 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:24:11.0297 4560 mrxsmb20 - ok
11:24:11.0312 4560 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:24:11.0317 4560 msahci - ok
11:24:11.0334 4560 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:24:11.0339 4560 msdsm - ok
11:24:11.0357 4560 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:24:11.0377 4560 Msfs - ok
11:24:11.0389 4560 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:24:11.0409 4560 mshidkmdf - ok
11:24:11.0424 4560 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:24:11.0429 4560 msisadrv - ok
11:24:11.0444 4560 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:24:11.0464 4560 MSKSSRV - ok
11:24:11.0482 4560 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:24:11.0502 4560 MSPCLOCK - ok
11:24:11.0514 4560 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:24:11.0534 4560 MSPQM - ok
11:24:11.0552 4560 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:24:11.0562 4560 MsRPC - ok
11:24:11.0577 4560 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:24:11.0582 4560 mssmbios - ok
11:24:11.0597 4560 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:24:11.0617 4560 MSTEE - ok
11:24:11.0632 4560 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:24:11.0639 4560 MTConfig - ok
11:24:11.0654 4560 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\drivers\ASACPI.sys
11:24:11.0659 4560 MTsensor - ok
11:24:11.0674 4560 MtsHID (07ad6825d5c658595cab7f8f5849401c) C:\Windows\system32\drivers\MtsHID.sys
11:24:11.0679 4560 MtsHID - ok
11:24:11.0694 4560 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:24:11.0699 4560 Mup - ok
11:24:11.0714 4560 mv91cons (049f1ed7f1b5dbb9d6c8767e7de02741) C:\Windows\system32\drivers\mv91cons.sys
11:24:11.0719 4560 mv91cons - ok
11:24:11.0737 4560 mv91xx (4fad606c7aeb336e5aa4a005de09ca80) C:\Windows\system32\drivers\mv91xx.sys
11:24:11.0747 4560 mv91xx - ok
11:24:11.0767 4560 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:24:11.0779 4560 NativeWifiP - ok
11:24:11.0804 4560 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:24:11.0822 4560 NDIS - ok
11:24:11.0837 4560 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:24:11.0857 4560 NdisCap - ok
11:24:11.0872 4560 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:24:11.0892 4560 NdisTapi - ok
11:24:11.0907 4560 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:24:11.0927 4560 Ndisuio - ok
11:24:11.0962 4560 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:24:11.0999 4560 NdisWan - ok
11:24:12.0022 4560 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:24:12.0044 4560 NDProxy - ok
11:24:12.0067 4560 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:24:12.0087 4560 NetBIOS - ok
11:24:12.0117 4560 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:24:12.0152 4560 NetBT - ok
11:24:12.0172 4560 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:24:12.0177 4560 nfrd960 - ok
11:24:12.0192 4560 NmPar - ok
11:24:12.0204 4560 nmserial - ok
11:24:12.0222 4560 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:24:12.0242 4560 Npfs - ok
11:24:12.0257 4560 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:24:12.0277 4560 nsiproxy - ok
11:24:12.0314 4560 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
11:24:12.0342 4560 Ntfs - ok
11:24:12.0359 4560 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:24:12.0379 4560 Null - ok
11:24:12.0394 4560 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
11:24:12.0402 4560 nusb3hub - ok
11:24:12.0419 4560 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:24:12.0427 4560 nusb3xhc - ok
11:24:12.0439 4560 nvamacpi (7fd5c060cb907489a5702f628226f54a) C:\Windows\system32\drivers\NVAMACPI.sys
11:24:12.0444 4560 nvamacpi - ok
11:24:12.0462 4560 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
11:24:12.0467 4560 nvraid - ok
11:24:12.0484 4560 nvrd64 (694f5e9d9d624d47f432f5b2e66a0528) C:\Windows\system32\drivers\nvrd64.sys
11:24:12.0489 4560 nvrd64 - ok
11:24:12.0504 4560 nvsmu (e58d81fb8616d0cb55c1e36aa0b213c9) C:\Windows\system32\drivers\nvsmu.sys
11:24:12.0509 4560 nvsmu - ok
11:24:12.0527 4560 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
11:24:12.0534 4560 nvstor - ok
11:24:12.0549 4560 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\drivers\nvstor64.sys
11:24:12.0557 4560 nvstor64 - ok
11:24:12.0574 4560 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:24:12.0579 4560 nv_agp - ok
11:24:12.0597 4560 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:24:12.0604 4560 ohci1394 - ok
11:24:12.0622 4560 OxPCIeSer (607a26e10ae99558c80c4b097ae57b48) C:\Windows\system32\drivers\OxPCIeSer.sys
11:24:12.0627 4560 OxPCIeSer - ok
11:24:12.0644 4560 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:24:12.0652 4560 Parport - ok
11:24:12.0669 4560 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:24:12.0674 4560 partmgr - ok
11:24:12.0689 4560 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:24:12.0697 4560 pci - ok
11:24:12.0712 4560 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:24:12.0717 4560 pciide - ok
11:24:12.0732 4560 PciIsaSerial (d7c203015e2c2a2eac8dacef156d8dc3) C:\Windows\system32\drivers\PciIsaSerial.sys
11:24:12.0739 4560 PciIsaSerial - ok
11:24:12.0754 4560 PciPPorts (088b509b2f35a3cee00ac0e0bc4c5bed) C:\Windows\system32\drivers\PciPPorts.sys
11:24:12.0759 4560 PciPPorts - ok
11:24:12.0777 4560 PciSPorts (7f97cdd5e91fc73da2b01344957aa058) C:\Windows\system32\drivers\PciSPorts.sys
11:24:12.0784 4560 PciSPorts - ok
11:24:12.0799 4560 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:24:12.0809 4560 pcmcia - ok
11:24:12.0824 4560 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:24:12.0829 4560 pcw - ok
11:24:12.0849 4560 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:24:12.0877 4560 PEAUTH - ok
11:24:12.0899 4560 PPorts (14c04684a25c221ebe2105d169b4b6ff) C:\Windows\system32\drivers\PPorts.sys
11:24:12.0907 4560 PPorts - ok
11:24:12.0922 4560 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:24:12.0942 4560 PptpMiniport - ok
11:24:12.0959 4560 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:24:12.0967 4560 Processor - ok
11:24:12.0984 4560 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:24:13.0007 4560 Psched - ok
11:24:13.0037 4560 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:24:13.0059 4560 ql2300 - ok
11:24:13.0077 4560 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:24:13.0084 4560 ql40xx - ok
11:24:13.0099 4560 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:24:13.0109 4560 QWAVEdrv - ok
11:24:13.0124 4560 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:24:13.0144 4560 RasAcd - ok
11:24:13.0159 4560 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:24:13.0182 4560 RasAgileVpn - ok
11:24:13.0197 4560 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:24:13.0219 4560 Rasl2tp - ok
11:24:13.0234 4560 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:24:13.0254 4560 RasPppoe - ok
11:24:13.0272 4560 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:24:13.0292 4560 RasSstp - ok
11:24:13.0312 4560 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:24:13.0334 4560 rdbss - ok
11:24:13.0349 4560 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:24:13.0359 4560 rdpbus - ok
11:24:13.0374 4560 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:24:13.0394 4560 RDPCDD - ok
11:24:13.0409 4560 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:24:13.0429 4560 RDPENCDD - ok
11:24:13.0444 4560 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:24:13.0464 4560 RDPREFMP - ok
11:24:13.0479 4560 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
11:24:13.0499 4560 RDPWD - ok
11:24:13.0517 4560 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:24:13.0524 4560 rdyboost - ok
11:24:13.0544 4560 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:24:13.0564 4560 rspndr - ok
11:24:13.0582 4560 RTHDMIAzAudService (c618475866f6a7129f64a55961c1bb8b) C:\Windows\system32\drivers\RtHDMIVX.sys
11:24:13.0587 4560 RTHDMIAzAudService - ok
11:24:13.0607 4560 RTL8167 (4fe1cef69d36e913738234303986fbb3) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:24:13.0617 4560 RTL8167 - ok
11:24:13.0637 4560 RTL8192su (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
11:24:13.0647 4560 RTL8192su - ok
11:24:13.0664 4560 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:24:13.0669 4560 sbp2port - ok
11:24:13.0687 4560 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:24:13.0707 4560 scfilter - ok
11:24:13.0724 4560 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:24:13.0744 4560 secdrv - ok
11:24:13.0762 4560 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:24:13.0769 4560 Serenum - ok
11:24:13.0787 4560 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:24:13.0794 4560 Serial - ok
11:24:13.0809 4560 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:24:13.0817 4560 sermouse - ok
11:24:13.0834 4560 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:24:13.0844 4560 sffdisk - ok
11:24:13.0859 4560 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:24:13.0869 4560 sffp_mmc - ok
11:24:13.0884 4560 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:24:13.0892 4560 sffp_sd - ok
11:24:13.0907 4560 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:24:13.0914 4560 sfloppy - ok
11:24:13.0937 4560 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:24:13.0947 4560 Sftfs - ok
11:24:13.0964 4560 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:24:13.0972 4560 Sftplay - ok
11:24:13.0987 4560 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:24:13.0989 4560 Sftredir - ok
11:24:14.0004 4560 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:24:14.0009 4560 Sftvol - ok
11:24:14.0029 4560 Si3124r5 (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\drivers\Si3124r5.sys
11:24:14.0039 4560 Si3124r5 - ok
11:24:14.0054 4560 SiFilter (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\drivers\SiWinAcc.sys
11:24:14.0059 4560 SiFilter - ok
11:24:14.0074 4560 SiRemFil (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\drivers\SiRemFil.sys
11:24:14.0079 4560 SiRemFil - ok
11:24:14.0094 4560 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:24:14.0099 4560 SiSRaid2 - ok
11:24:14.0114 4560 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:24:14.0122 4560 SiSRaid4 - ok
11:24:14.0134 4560 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:24:14.0159 4560 Smb - ok
11:24:14.0177 4560 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:24:14.0182 4560 spldr - ok
11:24:14.0197 4560 SPorts (739c2571867f351167d1d958990e9d84) C:\Windows\system32\drivers\SPorts.sys
11:24:14.0204 4560 SPorts - ok
11:24:14.0227 4560 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:24:14.0237 4560 srv - ok
11:24:14.0262 4560 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:24:14.0272 4560 srv2 - ok
11:24:14.0289 4560 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:24:14.0297 4560 srvnet - ok
11:24:14.0314 4560 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:24:14.0319 4560 stexstor - ok
11:24:14.0334 4560 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:24:14.0339 4560 swenum - ok
11:24:14.0377 4560 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:24:14.0407 4560 Tcpip - ok
11:24:14.0439 4560 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:24:14.0482 4560 TCPIP6 - ok
11:24:14.0499 4560 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:24:14.0519 4560 tcpipreg - ok
11:24:14.0537 4560 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:24:14.0557 4560 TDPIPE - ok
11:24:14.0572 4560 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:24:14.0592 4560 TDTCP - ok
11:24:14.0609 4560 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:24:14.0629 4560 tdx - ok
11:24:14.0644 4560 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
11:24:14.0649 4560 TermDD - ok
11:24:14.0669 4560 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:24:14.0689 4560 tssecsrv - ok
11:24:14.0704 4560 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:24:14.0709 4560 TsUsbFlt - ok
11:24:14.0724 4560 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:24:14.0732 4560 TsUsbGD - ok
11:24:14.0749 4560 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:24:14.0769 4560 tunnel - ok
11:24:14.0782 4560 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:24:14.0789 4560 uagp35 - ok
11:24:14.0807 4560 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:24:14.0829 4560 udfs - ok
11:24:14.0849 4560 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:24:14.0854 4560 uliagpkx - ok
11:24:14.0869 4560 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:24:14.0877 4560 umbus - ok
11:24:14.0892 4560 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:24:14.0899 4560 UmPass - ok
11:24:14.0914 4560 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
11:24:14.0924 4560 usbccgp - ok
11:24:14.0939 4560 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:24:14.0949 4560 usbcir - ok
11:24:14.0964 4560 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\DRIVERS\usbehci.sys
11:24:14.0972 4560 usbehci - ok
11:24:14.0992 4560 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\DRIVERS\usbhub.sys
11:24:15.0002 4560 usbhub - ok
11:24:15.0019 4560 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
11:24:15.0024 4560 usbohci - ok
11:24:15.0042 4560 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:24:15.0052 4560 usbprint - ok
11:24:15.0067 4560 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:24:15.0074 4560 USBSTOR - ok
11:24:15.0092 4560 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
11:24:15.0099 4560 usbuhci - ok
11:24:15.0117 4560 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:24:15.0122 4560 vdrvroot - ok
11:24:15.0137 4560 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:24:15.0147 4560 vga - ok
11:24:15.0162 4560 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:24:15.0182 4560 VgaSave - ok
11:24:15.0199 4560 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:24:15.0207 4560 vhdmp - ok
11:24:15.0222 4560 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:24:15.0227 4560 viaide - ok
11:24:15.0242 4560 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:24:15.0247 4560 volmgr - ok
11:24:15.0267 4560 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:24:15.0277 4560 volmgrx - ok
11:24:15.0292 4560 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:24:15.0299 4560 volsnap - ok
11:24:15.0317 4560 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:24:15.0324 4560 vsmraid - ok
11:24:15.0339 4560 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:24:15.0347 4560 vwifibus - ok
11:24:15.0364 4560 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:24:15.0374 4560 vwififlt - ok
11:24:15.0392 4560 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:24:15.0399 4560 WacomPen - ok
11:24:15.0414 4560 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:24:15.0437 4560 WANARP - ok
11:24:15.0439 4560 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:24:15.0457 4560 Wanarpv6 - ok
11:24:15.0474 4560 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:24:15.0479 4560 Wd - ok
11:24:15.0502 4560 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:24:15.0514 4560 Wdf01000 - ok
11:24:15.0534 4560 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:24:15.0554 4560 WfpLwf - ok
11:24:15.0569 4560 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:24:15.0574 4560 WIMMount - ok
11:24:15.0597 4560 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:24:15.0607 4560 WinUsb - ok
11:24:15.0627 4560 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:24:15.0632 4560 WmiAcpi - ok
11:24:15.0652 4560 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:24:15.0672 4560 ws2ifsl - ok
11:24:15.0692 4560 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:24:15.0712 4560 WudfPf - ok
11:24:15.0729 4560 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:24:15.0749 4560 WUDFRd - ok
11:24:15.0757 4560 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:24:15.0777 4560 \Device\Harddisk0\DR0 - ok
11:24:15.0779 4560 Boot (0x1200) (d3cc6e42e35cf2123fc3362518571fb2) \Device\Harddisk0\DR0\Partition0
11:24:15.0779 4560 \Device\Harddisk0\DR0\Partition0 - ok
11:24:15.0779 4560 ============================================================
11:24:15.0779 4560 Scan finished
11:24:15.0779 4560 ============================================================
11:24:15.0784 4536 Detected object count: 1
11:24:15.0784 4536 Actual detected object count: 1
11:24:57.0882 4536 acedrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
11:24:57.0882 4536 acedrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:25:35.0000 4684 ============================================================
11:25:35.0000 4684 Scan started
11:25:35.0000 4684 Mode: Manual; SigCheck; TDLFS;
11:25:35.0000 4684 ============================================================
11:25:35.0078 4684 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
11:25:35.0094 4684 1394ohci - ok
11:25:35.0109 4684 acedrv06 (c8030d922511a926d0aa06b78c4b87a9) C:\Windows\system32\drivers\acedrv06.sys
11:25:35.0109 4684 acedrv06 ( UnsignedFile.Multi.Generic ) - warning
11:25:35.0109 4684 acedrv06 - detected UnsignedFile.Multi.Generic (1)
11:25:35.0125 4684 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:25:35.0141 4684 ACPI - ok
11:25:35.0156 4684 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:25:35.0156 4684 AcpiPmi - ok
11:25:35.0172 4684 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
11:25:35.0187 4684 adfs - ok
11:25:35.0203 4684 adp3132 (132190688d8e51d61f88a150d7df9fb4) C:\Windows\system32\drivers\adp3132.sys
11:25:35.0219 4684 adp3132 - ok
11:25:35.0234 4684 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:25:35.0250 4684 adp94xx - ok
11:25:35.0265 4684 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:25:35.0265 4684 adpahci - ok
11:25:35.0281 4684 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:25:35.0297 4684 adpu320 - ok
11:25:35.0312 4684 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:25:35.0328 4684 AFD - ok
11:25:35.0343 4684 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:25:35.0343 4684 agp440 - ok
11:25:35.0375 4684 ahcix64s (af53917d9741a84627fa689ea622558a) C:\Windows\system32\drivers\ahcix64s.sys
11:25:35.0375 4684 ahcix64s - ok
11:25:35.0390 4684 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:25:35.0390 4684 aliide - ok
11:25:35.0406 4684 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:25:35.0421 4684 amdide - ok
11:25:35.0437 4684 amdide64 (d52a2e98c5eeff88ced28793b6b04d84) C:\Windows\system32\drivers\amdide64.sys
11:25:35.0437 4684 amdide64 - ok
11:25:35.0453 4684 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:25:35.0468 4684 AmdK8 - ok
11:25:35.0609 4684 amdkmdag (dcc8177244fe79c61c4e73c65e63922a) C:\Windows\system32\DRIVERS\atikmdag.sys
11:25:35.0671 4684 amdkmdag - ok
11:25:35.0687 4684 amdkmdap (7fe67d107329dc2cf89136a8e19bceb7) C:\Windows\system32\DRIVERS\atikmpag.sys
11:25:35.0702 4684 amdkmdap - ok
11:25:35.0718 4684 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:25:35.0718 4684 AmdPPM - ok
11:25:35.0733 4684 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
11:25:35.0733 4684 amdsata - ok
11:25:35.0749 4684 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:25:35.0765 4684 amdsbs - ok
11:25:35.0780 4684 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
11:25:35.0780 4684 amdxata - ok
11:25:35.0796 4684 amd_sata (80a508d0c7a21bc13c01d4c671541203) C:\Windows\system32\drivers\amd_sata.sys
11:25:35.0811 4684 amd_sata - ok
11:25:35.0827 4684 amd_xata (2be940f3a632a1a301b22b096bf221f1) C:\Windows\system32\drivers\amd_xata.sys
11:25:35.0827 4684 amd_xata - ok
11:25:35.0858 4684 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:25:35.0874 4684 AppID - ok
11:25:35.0889 4684 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:25:35.0905 4684 arc - ok
11:25:35.0921 4684 arcsas (46e8c3eb03224a1e55c6f0c100a9d2cc) C:\Windows\system32\drivers\arcsas.sys
11:25:35.0921 4684 arcsas - ok
11:25:35.0936 4684 asmthub3 (e3b9c89d2ed4a538ab2fc6ec76fa2b17) C:\Windows\system32\drivers\asmthub3.sys
11:25:35.0936 4684 asmthub3 - ok
11:25:35.0967 4684 asmtxhci (88ce83be5176020be39194a6369af2c2) C:\Windows\system32\drivers\asmtxhci.sys
11:25:35.0967 4684 asmtxhci - ok
11:25:35.0983 4684 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:25:35.0999 4684 AsyncMac - ok
11:25:36.0014 4684 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:25:36.0014 4684 atapi - ok
11:25:36.0045 4684 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
11:25:36.0045 4684 avgntflt - ok
11:25:36.0061 4684 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
11:25:36.0061 4684 avipbb - ok
11:25:36.0077 4684 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:25:36.0092 4684 b06bdrv - ok
11:25:36.0108 4684 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:25:36.0123 4684 b57nd60a - ok
11:25:36.0139 4684 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:25:36.0155 4684 Beep - ok
11:25:36.0170 4684 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:25:36.0170 4684 blbdrive - ok
11:25:36.0186 4684 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:25:36.0201 4684 bowser - ok
11:25:36.0217 4684 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:25:36.0217 4684 BrFiltLo - ok
11:25:36.0233 4684 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:25:36.0233 4684 BrFiltUp - ok
11:25:36.0264 4684 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:25:36.0264 4684 Brserid - ok
11:25:36.0279 4684 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:25:36.0295 4684 BrSerWdm - ok
11:25:36.0311 4684 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:25:36.0311 4684 BrUsbMdm - ok
11:25:36.0326 4684 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:25:36.0326 4684 BrUsbSer - ok
11:25:36.0342 4684 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:25:36.0357 4684 BTHMODEM - ok
11:25:36.0373 4684 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:25:36.0389 4684 cdfs - ok
11:25:36.0404 4684 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:25:36.0420 4684 cdrom - ok
11:25:36.0435 4684 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:25:36.0435 4684 circlass - ok
11:25:36.0451 4684 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:25:36.0467 4684 CLFS - ok
11:25:36.0482 4684 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:25:36.0482 4684 CmBatt - ok
11:25:36.0498 4684 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:25:36.0498 4684 cmdide - ok
11:25:36.0513 4684 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:25:36.0529 4684 CNG - ok
11:25:36.0545 4684 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:25:36.0545 4684 Compbatt - ok
11:25:36.0560 4684 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:25:36.0576 4684 CompositeBus - ok
11:25:36.0591 4684 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:25:36.0591 4684 crcdisk - ok
11:25:36.0607 4684 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:25:36.0623 4684 DfsC - ok
11:25:36.0638 4684 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:25:36.0685 4684 discache - ok
11:25:36.0701 4684 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:25:36.0701 4684 Disk - ok
11:25:36.0716 4684 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:25:36.0732 4684 drmkaud - ok
11:25:36.0747 4684 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:25:36.0747 4684 dtsoftbus01 - ok
11:25:36.0779 4684 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:25:36.0779 4684 DXGKrnl - ok
11:25:36.0794 4684 EagleX64 - ok
11:25:36.0857 4684 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:25:36.0888 4684 ebdrv - ok
11:25:36.0903 4684 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:25:36.0919 4684 elxstor - ok
11:25:36.0935 4684 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:25:36.0935 4684 ErrDev - ok
11:25:36.0950 4684 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:25:36.0981 4684 exfat - ok
11:25:36.0997 4684 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:25:37.0013 4684 fastfat - ok
11:25:37.0028 4684 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:25:37.0028 4684 fdc - ok
11:25:37.0044 4684 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:25:37.0059 4684 FileInfo - ok
11:25:37.0075 4684 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:25:37.0091 4684 Filetrace - ok
11:25:37.0106 4684 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:25:37.0106 4684 flpydisk - ok
11:25:37.0122 4684 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:25:37.0137 4684 FltMgr - ok
11:25:37.0153 4684 FLxHCIc (e35f19855192d025da41e8dfa318206a) C:\Windows\system32\drivers\FLxHCIc.sys
11:25:37.0153 4684 FLxHCIc - ok
11:25:37.0169 4684 FLxHCIh (bbbd5d42d8cb3ad0f43f7bc4db92eb5e) C:\Windows\system32\drivers\FLxHCIh.sys
11:25:37.0169 4684 FLxHCIh - ok
11:25:37.0200 4684 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:25:37.0200 4684 FsDepends - ok
11:25:37.0215 4684 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
11:25:37.0215 4684 fssfltr - ok
11:25:37.0231 4684 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:25:37.0231 4684 Fs_Rec - ok
11:25:37.0262 4684 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:25:37.0262 4684 fvevol - ok
11:25:37.0278 4684 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:25:37.0278 4684 gagp30kx - ok
11:25:37.0293 4684 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:25:37.0309 4684 hcw85cir - ok
11:25:37.0325 4684 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:25:37.0325 4684 HdAudAddService - ok
11:25:37.0340 4684 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:25:37.0356 4684 HDAudBus - ok
11:25:37.0371 4684 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:25:37.0371 4684 HidBatt - ok
11:25:37.0387 4684 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:25:37.0403 4684 HidBth - ok
11:25:37.0418 4684 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:25:37.0418 4684 HidIr - ok
11:25:37.0434 4684 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:25:37.0449 4684 HidUsb - ok
11:25:37.0465 4684 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:25:37.0465 4684 HpSAMD - ok
11:25:37.0481 4684 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:25:37.0512 4684 HTTP - ok
11:25:37.0527 4684 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:25:37.0527 4684 hwpolicy - ok
11:25:37.0543 4684 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:25:37.0559 4684 i8042prt - ok
11:25:37.0574 4684 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
11:25:37.0574 4684 iaStor - ok
11:25:37.0605 4684 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
11:25:37.0605 4684 iaStorV - ok
11:25:37.0621 4684 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:25:37.0637 4684 iirsp - ok
11:25:37.0652 4684 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
11:25:37.0652 4684 Impcd - ok
11:25:37.0699 4684 IntcAzAudAddService (9297bc7fb61f58670ee176dd18f4dd92) C:\Windows\system32\drivers\RTKVHD64.sys
11:25:37.0715 4684 IntcAzAudAddService - ok
11:25:37.0730 4684 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:25:37.0746 4684 intelide - ok
11:25:37.0761 4684 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:25:37.0761 4684 intelppm - ok
11:25:37.0777 4684 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:25:37.0793 4684 IpFilterDriver - ok
11:25:37.0808 4684 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:25:37.0824 4684 IPMIDRV - ok
11:25:37.0839 4684 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:25:37.0855 4684 IPNAT - ok
11:25:37.0871 4684 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:25:37.0871 4684 IRENUM - ok
11:25:37.0886 4684 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:25:37.0902 4684 isapnp - ok
11:25:37.0917 4684 ISASerial (ac45d94185cf67267d06bf2f45e9e31e) C:\Windows\system32\drivers\ISASerial.sys
11:25:37.0917 4684 ISASerial - ok
11:25:37.0933 4684 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:25:37.0949 4684 iScsiPrt - ok
11:25:37.0964 4684 JRAID (50de7dd7edb1b512b13666588aefbf6f) C:\Windows\system32\drivers\jraid.sys
11:25:37.0964 4684 JRAID - ok
11:25:37.0980 4684 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:25:37.0980 4684 kbdclass - ok
11:25:37.0995 4684 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:25:38.0011 4684 kbdhid - ok
11:25:38.0027 4684 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:25:38.0027 4684 KSecDD - ok
11:25:38.0042 4684 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:25:38.0042 4684 KSecPkg - ok
11:25:38.0058 4684 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:25:38.0089 4684 ksthunk - ok
11:25:38.0105 4684 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:25:38.0120 4684 lltdio - ok
11:25:38.0136 4684 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:25:38.0136 4684 LSI_FC - ok
11:25:38.0151 4684 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:25:38.0167 4684 LSI_SAS - ok
11:25:38.0183 4684 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:25:38.0183 4684 LSI_SAS2 - ok
11:25:38.0198 4684 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:25:38.0198 4684 LSI_SCSI - ok
11:25:38.0214 4684 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:25:38.0245 4684 luafv - ok
11:25:38.0261 4684 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
11:25:38.0261 4684 MBAMProtector - ok
11:25:38.0276 4684 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
11:25:38.0276 4684 MBfilt - ok
11:25:38.0292 4684 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:25:38.0307 4684 megasas - ok
11:25:38.0323 4684 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:25:38.0323 4684 MegaSR - ok
11:25:38.0339 4684 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:25:38.0354 4684 Modem - ok
11:25:38.0370 4684 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:25:38.0385 4684 monitor - ok
11:25:38.0401 4684 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:25:38.0401 4684 mouclass - ok
11:25:38.0417 4684 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:25:38.0417 4684 mouhid - ok
11:25:38.0432 4684 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:25:38.0448 4684 mountmgr - ok
11:25:38.0463 4684 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:25:38.0463 4684 mpio - ok
11:25:38.0479 4684 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:25:38.0495 4684 mpsdrv - ok
11:25:38.0510 4684 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:25:38.0526 4684 MRxDAV - ok
11:25:38.0541 4684 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:25:38.0557 4684 mrxsmb - ok
11:25:38.0573 4684 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:25:38.0573 4684 mrxsmb10 - ok
11:25:38.0588 4684 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:25:38.0604 4684 mrxsmb20 - ok
11:25:38.0619 4684 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:25:38.0619 4684 msahci - ok
11:25:38.0635 4684 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:25:38.0651 4684 msdsm - ok
11:25:38.0666 4684 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:25:38.0682 4684 Msfs - ok
11:25:38.0697 4684 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:25:38.0713 4684 mshidkmdf - ok
11:25:38.0729 4684 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:25:38.0729 4684 msisadrv - ok
11:25:38.0744 4684 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:25:38.0775 4684 MSKSSRV - ok
11:25:38.0791 4684 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:25:38.0807 4684 MSPCLOCK - ok
11:25:38.0822 4684 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:25:38.0838 4684 MSPQM - ok
11:25:38.0853 4684 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:25:38.0869 4684 MsRPC - ok
11:25:38.0885 4684 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:25:38.0885 4684 mssmbios - ok
11:25:38.0900 4684 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:25:38.0916 4684 MSTEE - ok
11:25:38.0931 4684 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:25:38.0947 4684 MTConfig - ok
11:25:38.0963 4684 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\drivers\ASACPI.sys
11:25:38.0963 4684 MTsensor - ok
11:25:38.0978 4684 MtsHID (07ad6825d5c658595cab7f8f5849401c) C:\Windows\system32\drivers\MtsHID.sys
11:25:38.0978 4684 MtsHID - ok
11:25:38.0994 4684 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:25:38.0994 4684 Mup - ok
11:25:39.0009 4684 mv91cons (049f1ed7f1b5dbb9d6c8767e7de02741) C:\Windows\system32\drivers\mv91cons.sys
11:25:39.0025 4684 mv91cons - ok
11:25:39.0041 4684 mv91xx (4fad606c7aeb336e5aa4a005de09ca80) C:\Windows\system32\drivers\mv91xx.sys
11:25:39.0041 4684 mv91xx - ok
11:25:39.0056 4684 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:25:39.0072 4684 NativeWifiP - ok
11:25:39.0103 4684 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:25:39.0103 4684 NDIS - ok
11:25:39.0119 4684 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:25:39.0150 4684 NdisCap - ok
11:25:39.0165 4684 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:25:39.0181 4684 NdisTapi - ok
11:25:39.0197 4684 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:25:39.0212 4684 Ndisuio - ok
11:25:39.0228 4684 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:25:39.0243 4684 NdisWan - ok
11:25:39.0259 4684 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:25:39.0290 4684 NDProxy - ok
11:25:39.0306 4684 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:25:39.0321 4684 NetBIOS - ok
11:25:39.0337 4684 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:25:39.0353 4684 NetBT - ok
11:25:39.0368 4684 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:25:39.0384 4684 nfrd960 - ok
11:25:39.0384 4684 NmPar - ok
11:25:39.0399 4684 nmserial - ok
11:25:39.0415 4684 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:25:39.0446 4684 Npfs - ok
11:25:39.0462 4684 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:25:39.0477 4684 nsiproxy - ok
11:25:39.0509 4684 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
11:25:39.0524 4684 Ntfs - ok
11:25:39.0540 4684 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:25:39.0571 4684 Null - ok
11:25:39.0571 4684 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
11:25:39.0587 4684 nusb3hub - ok
11:25:39.0602 4684 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:25:39.0602 4684 nusb3xhc - ok
11:25:39.0618 4684 nvamacpi (7fd5c060cb907489a5702f628226f54a) C:\Windows\system32\drivers\NVAMACPI.sys
11:25:39.0618 4684 nvamacpi - ok
11:25:39.0633 4684 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
11:25:39.0649 4684 nvraid - ok
11:25:39.0665 4684 nvrd64 (694f5e9d9d624d47f432f5b2e66a0528) C:\Windows\system32\drivers\nvrd64.sys
11:25:39.0665 4684 nvrd64 - ok
11:25:39.0680 4684 nvsmu (e58d81fb8616d0cb55c1e36aa0b213c9) C:\Windows\system32\drivers\nvsmu.sys
11:25:39.0680 4684 nvsmu - ok
11:25:39.0696 4684 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
11:25:39.0711 4684 nvstor - ok
11:25:39.0727 4684 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\drivers\nvstor64.sys
11:25:39.0727 4684 nvstor64 - ok
11:25:39.0743 4684 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:25:39.0743 4684 nv_agp - ok
11:25:39.0758 4684 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:25:39.0774 4684 ohci1394 - ok
11:25:39.0789 4684 OxPCIeSer (607a26e10ae99558c80c4b097ae57b48) C:\Windows\system32\drivers\OxPCIeSer.sys
11:25:39.0805 4684 OxPCIeSer - ok
11:25:39.0821 4684 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:25:39.0836 4684 Parport - ok
11:25:39.0852 4684 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:25:39.0852 4684 partmgr - ok
11:25:39.0867 4684 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:25:39.0883 4684 pci - ok
11:25:39.0899 4684 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:25:39.0914 4684 pciide - ok
11:25:39.0914 4684 PciIsaSerial (d7c203015e2c2a2eac8dacef156d8dc3) C:\Windows\system32\drivers\PciIsaSerial.sys
11:25:39.0930 4684 PciIsaSerial - ok
11:25:39.0945 4684 PciPPorts (088b509b2f35a3cee00ac0e0bc4c5bed) C:\Windows\system32\drivers\PciPPorts.sys
11:25:39.0961 4684 PciPPorts - ok
11:25:39.0977 4684 PciSPorts (7f97cdd5e91fc73da2b01344957aa058) C:\Windows\system32\drivers\PciSPorts.sys
11:25:39.0977 4684 PciSPorts - ok
11:25:39.0992 4684 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:25:40.0008 4684 pcmcia - ok
11:25:40.0023 4684 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:25:40.0023 4684 pcw - ok
11:25:40.0055 4684 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:25:40.0086 4684 PEAUTH - ok
11:25:40.0117 4684 PPorts (14c04684a25c221ebe2105d169b4b6ff) C:\Windows\system32\drivers\PPorts.sys
11:25:40.0117 4684 PPorts - ok
11:25:40.0133 4684 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:25:40.0148 4684 PptpMiniport - ok
11:25:40.0164 4684 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:25:40.0164 4684 Processor - ok
11:25:40.0179 4684 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:25:40.0211 4684 Psched - ok
11:25:40.0226 4684 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:25:40.0257 4684 ql2300 - ok
11:25:40.0273 4684 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:25:40.0273 4684 ql40xx - ok
11:25:40.0289 4684 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:25:40.0289 4684 QWAVEdrv - ok
11:25:40.0304 4684 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:25:40.0320 4684 RasAcd - ok
11:25:40.0335 4684 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:25:40.0367 4684 RasAgileVpn - ok
11:25:40.0382 4684 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:25:40.0398 4684 Rasl2tp - ok
11:25:40.0413 4684 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:25:40.0429 4684 RasPppoe - ok
11:25:40.0445 4684 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:25:40.0460 4684 RasSstp - ok
11:25:40.0491 4684 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:25:40.0507 4684 rdbss - ok
11:25:40.0523 4684 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:25:40.0523 4684 rdpbus - ok
11:25:40.0538 4684 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:25:40.0554 4684 RDPCDD - ok
11:25:40.0569 4684 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:25:40.0585 4684 RDPENCDD - ok
11:25:40.0601 4684 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:25:40.0632 4684 RDPREFMP - ok
11:25:40.0647 4684 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
11:25:40.0663 4684 RDPWD - ok
11:25:40.0679 4684 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:25:40.0679 4684 rdyboost - ok
11:25:40.0710 4684 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:25:40.0725 4684 rspndr - ok
11:25:40.0741 4684 RTHDMIAzAudService (c618475866f6a7129f64a55961c1bb8b) C:\Windows\system32\drivers\RtHDMIVX.sys
11:25:40.0741 4684 RTHDMIAzAudService - ok
11:25:40.0757 4684 RTL8167 (4fe1cef69d36e913738234303986fbb3) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:25:40.0772 4684 RTL8167 - ok
11:25:40.0788 4684 RTL8192su (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
11:25:40.0803 4684 RTL8192su - ok
11:25:40.0819 4684 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:25:40.0819 4684 sbp2port - ok
11:25:40.0835 4684 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:25:40.0866 4684 scfilter - ok
11:25:40.0881 4684 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:25:40.0897 4684 secdrv - ok
11:25:40.0913 4684 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:25:40.0913 4684 Serenum - ok
11:25:40.0944 4684 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:25:40.0944 4684 Serial - ok
11:25:40.0959 4684 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:25:40.0975 4684 sermouse - ok
11:25:41.0006 4684 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:25:41.0022 4684 sffdisk - ok
11:25:41.0037 4684 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:25:41.0053 4684 sffp_mmc - ok
11:25:41.0069 4684 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:25:41.0084 4684 sffp_sd - ok
11:25:41.0084 4684 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:25:41.0100 4684 sfloppy - ok
11:25:41.0131 4684 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:25:41.0147 4684 Sftfs - ok
11:25:41.0162 4684 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:25:41.0178 4684 Sftplay - ok
11:25:41.0193 4684 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:25:41.0193 4684 Sftredir - ok
11:25:41.0209 4684 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:25:41.0209 4684 Sftvol - ok
11:25:41.0225 4684 Si3124r5 (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\drivers\Si3124r5.sys
11:25:41.0240 4684 Si3124r5 - ok
11:25:41.0256 4684 SiFilter (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\drivers\SiWinAcc.sys
11:25:41.0256 4684 SiFilter - ok
11:25:41.0271 4684 SiRemFil (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\drivers\SiRemFil.sys
11:25:41.0271 4684 SiRemFil - ok
11:25:41.0287 4684 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:25:41.0287 4684 SiSRaid2 - ok
11:25:41.0303 4684 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:25:41.0318 4684 SiSRaid4 - ok
11:25:41.0334 4684 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:25:41.0349 4684 Smb - ok
11:25:41.0365 4684 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:25:41.0365 4684 spldr - ok
11:25:41.0381 4684 SPorts (739c2571867f351167d1d958990e9d84) C:\Windows\system32\drivers\SPorts.sys
11:25:41.0396 4684 SPorts - ok
11:25:41.0412 4684 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:25:41.0427 4684 srv - ok
11:25:41.0443 4684 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:25:41.0443 4684 srv2 - ok
11:25:41.0459 4684 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:25:41.0474 4684 srvnet - ok
11:25:41.0490 4684 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:25:41.0490 4684 stexstor - ok
11:25:41.0537 4684 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:25:41.0537 4684 swenum - ok
11:25:41.0583 4684 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:25:41.0615 4684 Tcpip - ok
11:25:41.0646 4684 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:25:41.0677 4684 TCPIP6 - ok
11:25:41.0693 4684 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:25:41.0708 4684 tcpipreg - ok
11:25:41.0724 4684 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:25:41.0739 4684 TDPIPE - ok
11:25:41.0755 4684 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:25:41.0771 4684 TDTCP - ok
11:25:41.0786 4684 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:25:41.0802 4684 tdx - ok
11:25:41.0817 4684 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
11:25:41.0833 4684 TermDD - ok
11:25:41.0849 4684 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:25:41.0864 4684 tssecsrv - ok
11:25:41.0880 4684 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:25:41.0880 4684 TsUsbFlt - ok
11:25:41.0895 4684 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:25:41.0895 4684 TsUsbGD - ok
11:25:41.0911 4684 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:25:41.0927 4684 tunnel - ok
11:25:41.0942 4684 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:25:41.0958 4684 uagp35 - ok
11:25:41.0973 4684 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:25:41.0989 4684 udfs - ok
11:25:42.0005 4684 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:25:42.0020 4684 uliagpkx - ok
11:25:42.0020 4684 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:25:42.0036 4684 umbus - ok
11:25:42.0051 4684 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:25:42.0051 4684 UmPass - ok
11:25:42.0067 4684 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
11:25:42.0083 4684 usbccgp - ok
11:25:42.0098 4684 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:25:42.0098 4684 usbcir - ok
11:25:42.0114 4684 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\DRIVERS\usbehci.sys
11:25:42.0129 4684 usbehci - ok
11:25:42.0145 4684 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\DRIVERS\usbhub.sys
11:25:42.0145 4684 usbhub - ok
11:25:42.0161 4684 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
11:25:42.0176 4684 usbohci - ok
11:25:42.0192 4684 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:25:42.0192 4684 usbprint - ok
11:25:42.0207 4684 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:25:42.0207 4684 USBSTOR - ok
11:25:42.0223 4684 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
11:25:42.0239 4684 usbuhci - ok
11:25:42.0254 4684 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:25:42.0254 4684 vdrvroot - ok
11:25:42.0270 4684 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:25:42.0285 4684 vga - ok
11:25:42.0301 4684 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:25:42.0317 4684 VgaSave - ok
11:25:42.0332 4684 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:25:42.0332 4684 vhdmp - ok
11:25:42.0348 4684 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:25:42.0363 4684 viaide - ok
11:25:42.0379 4684 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:25:42.0379 4684 volmgr - ok
11:25:42.0395 4684 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:25:42.0410 4684 volmgrx - ok
11:25:42.0426 4684 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:25:42.0426 4684 volsnap - ok
11:25:42.0441 4684 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:25:42.0457 4684 vsmraid - ok
11:25:42.0473 4684 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:25:42.0473 4684 vwifibus - ok
11:25:42.0488 4684 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:25:42.0504 4684 vwififlt - ok
11:25:42.0519 4684 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:25:42.0519 4684 WacomPen - ok
11:25:42.0535 4684 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:25:42.0566 4684 WANARP - ok
11:25:42.0566 4684 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:25:42.0582 4684 Wanarpv6 - ok
11:25:42.0597 4684 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:25:42.0597 4684 Wd - ok
11:25:42.0629 4684 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:25:42.0629 4684 Wdf01000 - ok
11:25:42.0660 4684 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:25:42.0675 4684 WfpLwf - ok
11:25:42.0691 4684 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:25:42.0691 4684 WIMMount - ok
11:25:42.0722 4684 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:25:42.0722 4684 WinUsb - ok
11:25:42.0738 4684 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:25:42.0753 4684 WmiAcpi - ok
11:25:42.0769 4684 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:25:42.0785 4684 ws2ifsl - ok
11:25:42.0800 4684 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:25:42.0816 4684 WudfPf - ok
11:25:42.0847 4684 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:25:42.0863 4684 WUDFRd - ok
11:25:42.0863 4684 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:25:42.0878 4684 \Device\Harddisk0\DR0 - ok
11:25:42.0878 4684 Boot (0x1200) (d3cc6e42e35cf2123fc3362518571fb2) \Device\Harddisk0\DR0\Partition0
11:25:42.0878 4684 \Device\Harddisk0\DR0\Partition0 - ok
11:25:42.0878 4684 ============================================================
11:25:42.0878 4684 Scan finished
11:25:42.0878 4684 ============================================================
11:25:42.0878 4568 Detected object count: 1
11:25:42.0878 4568 Actual detected object count: 1
11:25:50.0538 4568 acedrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
11:25:50.0538 4568 acedrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Code:
ATTFilter All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: admin
->Temp folder emptied: 596541449 bytes
->Temporary Internet Files folder emptied: 90959557 bytes
->Java cache emptied: 503523 bytes
->FireFox cache emptied: 51028245 bytes
->Opera cache emptied: 17580835 bytes
->Flash cache emptied: 20570 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Gast
->Temp folder emptied: 325767 bytes
->Temporary Internet Files folder emptied: 8357671 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14885366 bytes
->Opera cache emptied: 13139450 bytes
->Flash cache emptied: 1430 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3105962 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 14942163 bytes
Total Files Cleaned = 774,00 mb
OTL by OldTimer - Version 3.2.35.1 log created on 03052012_110404
Files\Folders moved on Reboot...
C:\Users\admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
|
|
05.03.2012, 12:18
| #6 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" Hi, den Satz habe ich nicht verstanden: nebenbei: das ich momentan nur c: also nur eine von drei hdds am pc ist schon ok während den scans? Was meinst Du damit? MBR-Check Lade Dir http://ad13.geekstogo.com/MBRCheck.exe und speichere die Datei auf dem Desktop.
chris
__________________ --> WPuxEjVtXoFKKAE.exe und "delayed write failed" |
|
05.03.2012, 12:43
| #7 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" ich hab bei der eröffnung meines Beitrags geschrieben, dass ich kurz nach Auftreten des Problems, alle unnötigen HDDs vom Pc getrennt habe (mehrere Paritionen verteilt auf einer IDE und einer Sata II Platte) . nur meine 60 GB SSD mit einer Partition C: worauf mein Win7 und mind. 95% aller Programme installiert ist, nur die Platte ist noch angeschlossen. Ich geh davon aus, das du dies schon am Anfang gelesen hast, dachte aber ich frag lieber nochmal nach, wegen den ganzen Scans. Wegen der unbekannten Meldung in TDSS welche ich bis jetzt nur geskiped habe soll ich nichtsmehr unternehmen ? Hier der MBR check Code:
ATTFilter MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: MSI
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: MSI
System Product Name: MS-7681
Logical Drives Mask: 0x00010084
Kernel Drivers (total 194):
0x03615000 \SystemRoot\system32\ntoskrnl.exe
0x03BFE000 \SystemRoot\system32\hal.dll
0x00B9F000 \SystemRoot\system32\kdcom.dll
0x00CEC000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D3B000 \SystemRoot\system32\PSHED.dll
0x00D4F000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00E4E000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EF2000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F01000 \SystemRoot\system32\drivers\ACPI.sys
0x00F58000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F61000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F6B000 \SystemRoot\system32\drivers\pci.sys
0x00F9E000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00FAB000 \SystemRoot\System32\drivers\partmgr.sys
0x00FC0000 \SystemRoot\system32\drivers\volmgr.sys
0x010B6000 \SystemRoot\System32\drivers\volmgrx.sys
0x01112000 \SystemRoot\System32\drivers\mountmgr.sys
0x0112C000 \SystemRoot\system32\drivers\nvrd64.sys
0x011A4000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01284000 \SystemRoot\system32\drivers\iaStor.sys
0x013D8000 \SystemRoot\system32\drivers\amdsata.sys
0x01200000 \SystemRoot\system32\drivers\storport.sys
0x01000000 \SystemRoot\system32\drivers\amdsbs.sys
0x01263000 \SystemRoot\system32\drivers\amdxata.sys
0x0126E000 \SystemRoot\system32\drivers\amd_xata.sys
0x01047000 \SystemRoot\system32\drivers\fltmgr.sys
0x01093000 \SystemRoot\system32\drivers\fileinfo.sys
0x013F6000 \SystemRoot\system32\drivers\SiWinAcc.sys
0x0144A000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01614000 \SystemRoot\System32\Drivers\msrpc.sys
0x01672000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0168D000 \SystemRoot\System32\Drivers\cng.sys
0x016FF000 \SystemRoot\System32\drivers\pcw.sys
0x01710000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x018E0000 \SystemRoot\system32\drivers\ndis.sys
0x01800000 \SystemRoot\system32\drivers\NETIO.SYS
0x01860000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01AC8000 \SystemRoot\System32\drivers\tcpip.sys
0x01CCC000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01D16000 \SystemRoot\system32\drivers\volsnap.sys
0x01D62000 \SystemRoot\System32\Drivers\spldr.sys
0x01D6A000 \SystemRoot\System32\drivers\rdyboost.sys
0x01DA4000 \SystemRoot\system32\drivers\SiRemFil.sys
0x01DAC000 \SystemRoot\System32\Drivers\mup.sys
0x01DBE000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01A00000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01A3A000 \SystemRoot\system32\drivers\disk.sys
0x03199000 \SystemRoot\System32\Drivers\Null.SYS
0x031A2000 \SystemRoot\System32\Drivers\Beep.SYS
0x031A9000 \SystemRoot\System32\drivers\vga.sys
0x031B7000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x031DC000 \SystemRoot\System32\drivers\watchdog.sys
0x031EC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x031F5000 \SystemRoot\system32\drivers\rdpencdd.sys
0x0316F000 \SystemRoot\system32\drivers\rdprefmp.sys
0x03178000 \SystemRoot\System32\Drivers\Msfs.SYS
0x03183000 \SystemRoot\System32\Drivers\Npfs.SYS
0x01A5E000 \SystemRoot\system32\DRIVERS\tdx.sys
0x01A80000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x0171A000 \SystemRoot\system32\drivers\afd.sys
0x0188B000 \SystemRoot\System32\DRIVERS\netbt.sys
0x01A8D000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x01A96000 \SystemRoot\system32\DRIVERS\pacer.sys
0x01DC7000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x01DDD000 \SystemRoot\system32\DRIVERS\netbios.sys
0x017A3000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x019D3000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x01DEC000 \SystemRoot\system32\DRIVERS\termdd.sys
0x00DAD000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x01ABC000 \SystemRoot\system32\drivers\nsiproxy.sys
0x019EE000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x018D0000 \SystemRoot\System32\drivers\discache.sys
0x01400000 \SystemRoot\System32\Drivers\dfsc.sys
0x017E6000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x0141E000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x011D4000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x00E00000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x07614000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x06CCC000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x06C00000 \SystemRoot\System32\drivers\dxgmms1.sys
0x06C46000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x06C6A000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x07F10000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x06C7B000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
0x06CAC000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x06DC0000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x06CAE000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x07F66000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x06CB7000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x07F7C000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x07F92000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x07FB6000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x07FC2000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x00FD5000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x00CC0000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x07078000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x07092000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x070A1000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x070B0000 \SystemRoot\system32\DRIVERS\swenum.sys
0x070B2000 \SystemRoot\system32\DRIVERS\ks.sys
0x070F5000 \SystemRoot\system32\DRIVERS\umbus.sys
0x07107000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x07161000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
0x0717A000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0718F000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x07000000 \SystemRoot\system32\drivers\RtHDMIVX.sys
0x071B9000 \SystemRoot\system32\drivers\portcls.sys
0x07048000 \SystemRoot\system32\drivers\drmk.sys
0x0706A000 \SystemRoot\system32\drivers\ksthunk.sys
0x08448000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x086E7000 \SystemRoot\system32\drivers\MBfilt64.sys
0x086F5000 \SystemRoot\System32\Drivers\crashdmp.sys
0x03000000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x08703000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00080000 \SystemRoot\System32\win32k.sys
0x08716000 \SystemRoot\System32\drivers\Dxapi.sys
0x08722000 \SystemRoot\system32\DRIVERS\monitor.sys
0x08730000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x0873E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x08757000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x08760000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x00480000 \SystemRoot\System32\TSDDD.dll
0x006D0000 \SystemRoot\System32\cdd.dll
0x0876D000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x00990000 \SystemRoot\System32\ATMFD.DLL
0x0877B000 \SystemRoot\system32\drivers\luafv.sys
0x0879E000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x087BD000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x087C8000 \SystemRoot\system32\drivers\WudfPf.sys
0x087E9000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x02C29000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x02C7C000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x02C8F000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02CA7000 \SystemRoot\system32\drivers\HTTP.sys
0x02D70000 \SystemRoot\system32\DRIVERS\bowser.sys
0x02D8E000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02DA6000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x040E3000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x04131000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x04155000 \SystemRoot\System32\Drivers\adfs.SYS
0x04000000 \SystemRoot\system32\drivers\peauth.sys
0x040A6000 \SystemRoot\System32\Drivers\secdrv.SYS
0x08051000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x08112000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x0815F000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x08190000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0416D000 \SystemRoot\System32\DRIVERS\srv2.sys
0x08CD8000 \SystemRoot\System32\DRIVERS\srv.sys
0x08D70000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x08D7B000 \SystemRoot\system32\drivers\spsys.sys
0x08DEC000 \??\C:\Windows\system32\drivers\mbam.sys
0x08C00000 \SystemRoot\system32\DRIVERS\RTL8192su.sys
0x08CC3000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x76CD0000 \Windows\System32\ntdll.dll
0x48130000 \Windows\System32\smss.exe
0xFEFF0000 \Windows\System32\apisetschema.dll
0xFFBA0000 \Windows\System32\autochk.exe
0xFEED0000 \Windows\System32\msctf.dll
0x76B80000 \Windows\System32\urlmon.dll
0xFEEB0000 \Windows\System32\imagehlp.dll
0xFEDD0000 \Windows\System32\advapi32.dll
0x76EA0000 \Windows\System32\psapi.dll
0xFE040000 \Windows\System32\shell32.dll
0x76A60000 \Windows\System32\kernel32.dll
0x76850000 \Windows\System32\iertutil.dll
0xFDE60000 \Windows\System32\setupapi.dll
0xFDE30000 \Windows\System32\imm32.dll
0xFDD90000 \Windows\System32\msvcrt.dll
0xFDB80000 \Windows\System32\ole32.dll
0xFDB00000 \Windows\System32\shlwapi.dll
0xFDA30000 \Windows\System32\usp10.dll
0x76E90000 \Windows\System32\normaliz.dll
0xFD990000 \Windows\System32\comdlg32.dll
0xFD910000 \Windows\System32\difxapi.dll
0xFD900000 \Windows\System32\nsi.dll
0x76750000 \Windows\System32\user32.dll
0x765F0000 \Windows\System32\wininet.dll
0xFD7D0000 \Windows\System32\rpcrt4.dll
0xFD780000 \Windows\System32\ws2_32.dll
0xFD720000 \Windows\System32\Wldap32.dll
0xFD680000 \Windows\System32\clbcatq.dll
0xFD670000 \Windows\System32\lpk.dll
0xFD650000 \Windows\System32\sechost.dll
0xFD570000 \Windows\System32\oleaut32.dll
0xFD500000 \Windows\System32\gdi32.dll
0xFD460000 \Windows\System32\comctl32.dll
0xFD420000 \Windows\System32\cfgmgr32.dll
0xFD400000 \Windows\System32\devobj.dll
0xFD390000 \Windows\System32\KernelBase.dll
0xFD350000 \Windows\System32\wintrust.dll
0xFD1E0000 \Windows\System32\crypt32.dll
0xFD1D0000 \Windows\System32\msasn1.dll
0x759F0000 \Windows\SysWOW64\normaliz.dll
Processes (total 57):
0 System Idle Process
4 System
304 C:\Windows\System32\smss.exe
460 csrss.exe
540 C:\Windows\System32\wininit.exe
548 csrss.exe
588 C:\Windows\System32\services.exe
612 C:\Windows\System32\lsass.exe
620 C:\Windows\System32\lsm.exe
676 C:\Windows\System32\winlogon.exe
764 C:\Windows\System32\svchost.exe
844 C:\Windows\System32\svchost.exe
904 C:\Windows\System32\atiesrxx.exe
952 C:\Windows\System32\svchost.exe
984 C:\Windows\System32\svchost.exe
1012 C:\Windows\System32\svchost.exe
712 C:\Windows\System32\svchost.exe
1128 C:\Windows\System32\svchost.exe
1340 C:\Windows\System32\atieclxx.exe
1384 C:\Windows\System32\spoolsv.exe
1452 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1484 C:\Windows\System32\svchost.exe
1584 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1660 C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
1820 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
1828 C:\Windows\System32\conhost.exe
2004 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2032 C:\Windows\System32\svchost.exe
1072 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
320 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
2112 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2220 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
2764 C:\Windows\System32\taskhost.exe
2840 C:\Windows\System32\sppsvc.exe
3064 C:\Windows\System32\svchost.exe
1256 C:\Windows\System32\dwm.exe
2524 C:\Windows\explorer.exe
2660 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2696 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
2988 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
2516 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
3116 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
3328 C:\Windows\System32\SearchIndexer.exe
3532 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
3784 C:\Windows\System32\svchost.exe
3476 C:\Program Files\Windows Media Player\wmpnetwk.exe
1972 C:\Windows\System32\svchost.exe
4396 C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
4744 dllhost.exe
4772 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1252 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
4696 C:\Windows\System32\svchost.exe
3864 C:\Windows\System32\svchost.exe
1836 C:\Windows\System32\SearchProtocolHost.exe
3684 C:\Windows\System32\SearchFilterHost.exe
3648 C:\Users\admin\Desktop\MBRCheck.exe
3580 C:\Windows\System32\conhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
\\.\Q: --> error 5
PhysicalDrive0 Model Number: OCZ-AGILITY2, Rev: 1.24
Size Device Name MBR Status
--------------------------------------------
55 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!
|
|
05.03.2012, 13:41
| #8 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" Hi, das sieht eigentlich gut aus, noch Einschränkungen/Probleme bemerkbar? chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
05.03.2012, 14:10
| #9 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" jetzt hab ich doch noch ein "Problem" entdeckt in der Startleiste sind "Alle Programme" zwar alle wieder eingetragen, wenn ich draufklicke sind die Einträge aber leer ausser der neu installierte Inhalt von MAM wird angezeigt was war nun mit der Meldung von TDSS? fehlalarm o.ä.? => nicht weiter relevant? das die anderen Festplatten nicht gescanned wurden ist dadurch, dass sich darauf eigentlich nur reine Daten wie Bilder und Musik befinden nicht tragisch, welcher scan empfiehlt sich dennoch wenn ich die Festplatten gleich wieder anschließen werden? macht die verwendung eines nicht aktivierten win7 von der sicherheit her irgendwelche unterschiede? resumee: normalweise verwende ich nur opera, halte diesen auch immer akutell nur bei problemen verwende ich FF kann es sein das durch einen veralteten FF und eventuell nicht gemachte Flash Player updates solche sicherheitslücken entsehen? der Besuch einer wirklich unvertrauenswürdigen Seite wäre MIR nicht aufgefallen. für die Zukunft : Browser in SandBox und MAM ausreichen? macht es unter Win7 einen unterschied ob ich mit einem Administrator Benutzer-Konto surfe? oder sollte man wie früher geraten nie mit einem Konto welches vollen Zugriff hat surfen? Auf jendenfall mal ein rieeeesen Dankeschön Chris man merkt ja immer erst was man hat wenn mans nichtmehr hat (Laufendes System) Grüße Wendelin Geändert von sodamixer (05.03.2012 um 14:33 Uhr) |
|
05.03.2012, 15:04
| #10 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" Hi, Du kannst den Teriber acedrv06.sys bei virustotal.com prüfen lassen, ich denke es ist ein f/p (false/positiv)... Mit Startleiste meinst Du die "Quickstartleiste"...? Falls Du die Festplatten per USB anschließt, die SHIFT-Taste gedrückt halten, bis alles erkannt wurde. Dann würde ich einen Scanner drüberjagen... Auch für WIN7 etc. gilt immer mit "GUEST"-Account surfen... Das Teil kommt durch Windowssicherheitslücken auf den Rechner, Infektion erfolgt normalerweise durch ein in eine "noramle" Webpage eingeschmuggelten IFRAME, der dann auf einen Hackersurfer umleitet der durch die Sicherheitslücke einen Dropper schleust, der dann "nachlädt"... Daher ist Sanbxo und eingeschränkte Userrechte eine gute Idee... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
05.03.2012, 15:27
| #11 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" was ich meine ist links unten "start" mit dem win symbol da gibts den bei mir ersten punkt "alle programme" und darin sind zwar alle programme eingetragen meist in ordnern aber diese ordner sind eben leer. die verknüpfungen welche direkt beim klick auf "start" sichtbar werden sind einwandfrei. und rechts unten die "status"symbole neben der uhr gefallen mir sogar besser wie davor, sind jetzt wie früher bei xp alle nebeneinander sichtbar nicht mehr zum aufklappen :-) wegen den surf accounts muss ich halt schauen wie sich das mit dem normalen work flow kombinieren lässt, weil ich halt oft "arbeite" (photoshop) und surfe gleichzeitig. zu den festplatten, wie schon erwähnt handelt es sich um IDE und SATA also nicht USB :-) und welchen von den vielen scannern lass ich da jetzt am sinnvollsten nochmal laufen, wenn alle platten dran sind? Außer bei Malwarebytes kann ich mit den Ergebnis Logs ja eh nichts anfangen. Du kannst nicht zufällig Tips zur Fotografie gebrauchen? wäre so ne Gegenleistun, ansonsten gedenke ich mal ne Klenigkeit zu spenden . |
|
05.03.2012, 15:40
| #12 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" Hi, Malwarebytes sollte genügen... Sind die Programmeinträge (ORdner) unter Code:
ATTFilter C:\users\user1\appdata\... und
c:\users\all users\
chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
05.03.2012, 18:24
| #13 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" also ich habe unter Code:
ATTFilter C:\Users\admin\AppData
all users hab ich nicht nur Code:
ATTFilter C:\Users\Public
auch acrobat reader soll ja ein sicherheitsrisiko darstellen, zudem habe ich eh meist probleme PDFs direkt in opera zu öffnen was vermutlich mit 2 verschiedenen acrobat versionen zusammenhänge, nur finde ich den reader nicht in der liste der installierten programme auch nicht im revo uninstaller ne idee? Geändert von sodamixer (05.03.2012 um 18:49 Uhr) |
|
05.03.2012, 20:56
| #14 | |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" Hi, prüf mal folgenden Pfad: c:\ProgramData\Microsoft\Windows\Startmenü\Programme .... Was meinst Du mit Zitat:
chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
05.03.2012, 22:43
| #15 |
| | WPuxEjVtXoFKKAE.exe und "delayed write failed" naja beim scan mim MAM kamen doch einige "Probleme" diese habe ich dann über MAM behoben, wenn ich jetzt MAM öffne sind diese behobenen probleme in der quarantäne dort gibt es dann die möglichkeit sie zu löschen. ja in deinem beschrieben Pfad gibt es zwar ordner genau wie in meinem startmenü eben aber genauso sind diese eben alle leer, teilweise sind unterordner drin aber diese sind dann auch wiederum leer |
|
| Themen zu WPuxEjVtXoFKKAE.exe und "delayed write failed" |
| adobe, antivir, antivir guard, avira, converter, defender, desktop, desktop leer, device driver, disabletaskmgr, explorer, failed, fehlermeldung, firefox, helper, home, malware, malware gefunden, mozilla, mp3, pdf, plug-in, programme, prozesse, realtek, software, svchost.exe, taskmanager, usb, usb 2.0, usb 3.0, windows, windows 7 home, windows 7 home premium |
Linear-Darstellung
