Log analysis and evaluation: black desktop, missing icons and folders, delayed writed failed

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
| | #1 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | black desktop, missing icons and folders, delayed writed failed

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cnnb
[2012.01.26 19:24:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.04.29 21:30:50 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (PDF-XChange Viewer IE-Plugin) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Programme\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [pcsafedoctor.exe] C:\Program Files (x86)\PCSafeDoctor\pcsafedoctor.exe ()
O4 - HKU\S-1-5-21-3187269907-1231647918-1798794730-1000..\Run: [BHMmHjYKMAcfJ.exe] C:\ProgramData\BHMmHjYKMAcfJ.exe File not found
O4 - HKU\S-1-5-21-3187269907-1231647918-1798794730-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-21-3187269907-1231647918-1798794730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-21-3187269907-1231647918-1798794730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-3187269907-1231647918-1798794730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e6d37420-f173-11de-91fb-9c10b7c4679a}\Shell - "" = AutoRun
O33 - MountPoints2\{e6d37420-f173-11de-91fb-9c10b7c4679a}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e6d37420-f173-11de-91fb-9c10b7c4679a}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{e6d37420-f173-11de-91fb-9c10b7c4679a}\Shell\install\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{ed8a7a06-7158-11df-8426-8ae1784c8e93}\Shell - "" = AutoRun
O33 - MountPoints2\{ed8a7a06-7158-11df-8426-8ae1784c8e93}\Shell\AutoRun\command - "" = E:\autorun.exe
MsConfig:64bit - StartUpReg: BHMmHjYKMAcfJ.exe - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.
[2012.02.19 18:34:01 | 000,000,000 | ---D | C] -- C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012.02.23 19:05:30 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2012.02.20 18:41:01 | 000,001,059 | ---- | M] () -- C:\Users\Franzi\Desktop\pcsafedoctor.lnk
[2012.02.19 19:07:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForFranzi.job
[2012.02.19 18:43:25 | 000,000,448 | ---- | M] () -- C:\ProgramData\QFqPu6fC3BwT7Y
[2012.02.19 18:40:50 | 000,000,272 | ---- | M] () -- C:\ProgramData\~QFqPu6fC3BwT7Y
[2012.02.19 18:40:49 | 000,000,184 | ---- | M] () -- C:\ProgramData\~QFqPu6fC3BwT7Yr
[2012.02.19 18:34:01 | 000,000,653 | ---- | M] () -- C:\Users\Franzi\Desktop\System Check.lnk
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:D1B5B4F1
:Commands
[emptytemp]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL". Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
| | #2 |
| black desktop, missing icons and folders, delayed writed failed Code:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Franzi\AppData\Roaming\mozilla\Firefox\Profiles\0grq5rxq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
C:\Programme\Microsoft Office\Office14\URLREDIR.DLL moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}\ deleted successfully.
C:\Programme\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\ deleted successfully.
File C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivX Download Manager deleted successfully.
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\pcsafedoctor.exe deleted successfully.
C:\Program Files (x86)\PCSafeDoctor\pcsafedoctor.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-3187269907-1231647918-1798794730-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BHMmHjYKMAcfJ.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3187269907-1231647918-1798794730-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideFastUserSwitching deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\WallpaperStyle deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\WallpaperStyle not found.
Registry value HKEY_USERS\S-1-5-21-3187269907-1231647918-1798794730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\WallpaperStyle deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3187269907-1231647918-1798794730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableLockWorkstation deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3187269907-1231647918-1798794730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableChangePassword deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote s&enden\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6d37420-f173-11de-91fb-9c10b7c4679a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6d37420-f173-11de-91fb-9c10b7c4679a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6d37420-f173-11de-91fb-9c10b7c4679a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6d37420-f173-11de-91fb-9c10b7c4679a}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6d37420-f173-11de-91fb-9c10b7c4679a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6d37420-f173-11de-91fb-9c10b7c4679a}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6d37420-f173-11de-91fb-9c10b7c4679a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6d37420-f173-11de-91fb-9c10b7c4679a}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8a7a06-7158-11df-8426-8ae1784c8e93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ed8a7a06-7158-11df-8426-8ae1784c8e93}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed8a7a06-7158-11df-8426-8ae1784c8e93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ed8a7a06-7158-11df-8426-8ae1784c8e93}\ not found.
File E:\autorun.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\BHMmHjYKMAcfJ.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\DivXUpdate\ not found.
C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check folder moved successfully.
C:\Windows\Tasks\RMSchedule.job moved successfully.
C:\Users\Franzi\Desktop\pcsafedoctor.lnk moved successfully.
C:\Windows\Tasks\HPCeeScheduleForFranzi.job moved successfully.
C:\ProgramData\QFqPu6fC3BwT7Y moved successfully.
C:\ProgramData\~QFqPu6fC3BwT7Y moved successfully.
C:\ProgramData\~QFqPu6fC3BwT7Yr moved successfully.
C:\Users\Franzi\Desktop\System Check.lnk moved successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Franzi
->Temp folder emptied: 3262966 bytes
->Temporary Internet Files folder emptied: 1078657 bytes
->Java cache emptied: 48169332 bytes
->FireFox cache emptied: 182451705 bytes
->Google Chrome cache emptied: 6920928 bytes
->Flash cache emptied: 152866 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2365638 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 3246558643 bytes
Total Files Cleaned = 3.329,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.33.2 log created on 02262012_204933
Files\Folders moved on Reboot...
C:\Users\Franzi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
|
| | #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | black desktop, missing icons and folders, delayed writed failed

Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: Please download unhide.exe and save this file on your desktop. Start the tool, and all files and folders should be visible again. (This could take a while.)
__________________ |
| | #4 |
| black desktop, missing icons and folders, delayed writed failed Code:
21:50:27.0321 2412 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49
21:50:27.0939 2412 ============================================================
21:50:27.0939 2412 Current date / time: 2012/02/26 21:50:27.0939
21:50:27.0939 2412 SystemInfo:
21:50:27.0939 2412
21:50:27.0939 2412 OS Version: 6.1.7601 ServicePack: 1.0
21:50:27.0939 2412 Product type: Workstation
21:50:27.0940 2412 ComputerName: FRANZI-PC
21:50:27.0940 2412 UserName: Franzi
21:50:27.0940 2412 Windows directory: C:\Windows
21:50:27.0940 2412 System windows directory: C:\Windows
21:50:27.0940 2412 Running under WOW64
21:50:27.0940 2412 Processor architecture: Intel x64
21:50:27.0940 2412 Number of processors: 2
21:50:27.0940 2412 Page size: 0x1000
21:50:27.0940 2412 Boot type: Normal boot
21:50:27.0940 2412 ============================================================
21:50:28.0811 2412 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:50:28.0819 2412 \Device\Harddisk0\DR0:
21:50:28.0820 2412 MBR used
21:50:28.0820 2412 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:50:28.0820 2412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x388F6000
21:50:28.0820 2412 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3895A000, BlocksNum 0x19F8000
21:50:28.0820 2412 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
21:50:28.0905 2412 Initialize success
21:50:28.0905 2412 ============================================================
21:51:26.0304 5056 ============================================================
21:51:26.0304 5056 Scan started
21:51:26.0304 5056 Mode: Manual; SigCheck; TDLFS;
21:51:26.0304 5056 ============================================================
21:51:26.0860 5056 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:51:27.0093 5056 1394ohci - ok
21:51:27.0145 5056 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
21:51:27.0482 5056 Accelerometer - ok
21:51:27.0531 5056 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:51:27.0580 5056 ACPI - ok
21:51:27.0603 5056 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:51:27.0691 5056 AcpiPmi - ok
21:51:27.0740 5056 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:51:27.0788 5056 adp94xx - ok
21:51:27.0823 5056 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:51:27.0862 5056 adpahci - ok
21:51:27.0899 5056 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:51:27.0932 5056 adpu320 - ok
21:51:27.0997 5056 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:51:28.0112 5056 AFD - ok
21:51:28.0165 5056 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:51:28.0194 5056 agp440 - ok
21:51:28.0255 5056 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:51:28.0280 5056 aliide - ok
21:51:28.0311 5056 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:51:28.0336 5056 amdide - ok
21:51:28.0373 5056 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:51:28.0455 5056 AmdK8 - ok
21:51:28.0466 5056 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:51:28.0535 5056 AmdPPM - ok
21:51:28.0581 5056 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:51:28.0611 5056 amdsata - ok
21:51:28.0643 5056 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:51:28.0677 5056 amdsbs - ok
21:51:28.0705 5056 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:51:28.0730 5056 amdxata - ok
21:51:28.0791 5056 AmUStor (8ebe028fc7e48725cdd92013580efd17) C:\Windows\system32\drivers\AmUStor.SYS
21:51:28.0855 5056 AmUStor - ok
21:51:28.0917 5056 ApfiltrService (9815014f3e30357168da272088c6f12f) C:\Windows\system32\DRIVERS\Apfiltr.sys
21:51:28.0948 5056 ApfiltrService - ok
21:51:29.0021 5056 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:51:29.0231 5056 AppID - ok
21:51:29.0293 5056 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:51:29.0322 5056 arc - ok
21:51:29.0345 5056 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:51:29.0376 5056 arcsas - ok
21:51:29.0403 5056 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:51:29.0541 5056 AsyncMac - ok
21:51:29.0602 5056 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:51:29.0627 5056 atapi - ok
21:51:29.0702 5056 athr (38562a6a9cb10844759eaf2b01a7fcd3) C:\Windows\system32\DRIVERS\athrx.sys
21:51:29.0794 5056 athr - ok
21:51:29.0858 5056 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
21:51:29.0883 5056 avgntflt - ok
21:51:29.0923 5056 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
21:51:29.0947 5056 avipbb - ok
21:51:30.0005 5056 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:51:30.0077 5056 b06bdrv - ok
21:51:30.0120 5056 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:51:30.0191 5056 b57nd60a - ok
21:51:30.0219 5056 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:51:30.0321 5056 Beep - ok
21:51:30.0380 5056 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:51:30.0418 5056 blbdrive - ok
21:51:30.0458 5056 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:51:30.0511 5056 bowser - ok
21:51:30.0541 5056 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:51:30.0629 5056 BrFiltLo - ok
21:51:30.0647 5056 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:51:30.0679 5056 BrFiltUp - ok
21:51:30.0708 5056 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:51:30.0780 5056 Brserid - ok
21:51:30.0799 5056 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:51:30.0845 5056 BrSerWdm - ok
21:51:30.0875 5056 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:51:30.0924 5056 BrUsbMdm - ok
21:51:30.0953 5056 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:51:30.0989 5056 BrUsbSer - ok
21:51:31.0024 5056 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:51:31.0073 5056 BTHMODEM - ok
21:51:31.0122 5056 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:51:31.0199 5056 cdfs - ok
21:51:31.0256 5056 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:51:31.0318 5056 cdrom - ok
21:51:31.0376 5056 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:51:31.0440 5056 circlass - ok
21:51:31.0492 5056 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:51:31.0542 5056 CLFS - ok
21:51:31.0628 5056 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:51:31.0673 5056 CmBatt - ok
21:51:31.0716 5056 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:51:31.0741 5056 cmdide - ok
21:51:31.0795 5056 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:51:31.0855 5056 CNG - ok
21:51:31.0939 5056 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:51:31.0965 5056 Compbatt - ok
21:51:32.0011 5056 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:51:32.0062 5056 CompositeBus - ok
21:51:32.0097 5056 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:51:32.0123 5056 crcdisk - ok
21:51:32.0216 5056 DCamUSBNovatek (356bb3dd25987179080f3b669ad4080a) C:\Windows\system32\Drivers\nvtcam.sys
21:51:32.0383 5056 DCamUSBNovatek - ok
21:51:32.0443 5056 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:51:32.0535 5056 DfsC - ok
21:51:32.0575 5056 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:51:32.0649 5056 discache - ok
21:51:32.0698 5056 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:51:32.0727 5056 Disk - ok
21:51:32.0776 5056 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:51:32.0818 5056 drmkaud - ok
21:51:32.0884 5056 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:51:32.0958 5056 DXGKrnl - ok
21:51:33.0076 5056 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:51:33.0277 5056 ebdrv - ok
21:51:33.0348 5056 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:51:33.0416 5056 elxstor - ok
21:51:33.0456 5056 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:51:33.0522 5056 ErrDev - ok
21:51:33.0586 5056 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:51:33.0667 5056 exfat - ok
21:51:33.0705 5056 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:51:33.0804 5056 fastfat - ok
21:51:33.0841 5056 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:51:33.0872 5056 fdc - ok
21:51:33.0902 5056 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:51:33.0932 5056 FileInfo - ok
21:51:33.0953 5056 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:51:34.0035 5056 Filetrace - ok
21:51:34.0055 5056 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:51:34.0084 5056 flpydisk - ok
21:51:34.0122 5056 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:51:34.0163 5056 FltMgr - ok
21:51:34.0203 5056 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:51:34.0231 5056 FsDepends - ok
21:51:34.0252 5056 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:51:34.0278 5056 Fs_Rec - ok
21:51:34.0310 5056 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:51:34.0356 5056 fvevol - ok
21:51:34.0385 5056 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:51:34.0413 5056 gagp30kx - ok
21:51:34.0464 5056 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:51:34.0485 5056 GEARAspiWDM - ok
21:51:34.0552 5056 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:51:34.0623 5056 hcw85cir - ok
21:51:34.0679 5056 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:51:34.0728 5056 HdAudAddService - ok
21:51:34.0795 5056 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:51:34.0842 5056 HDAudBus - ok
21:51:34.0854 5056 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:51:34.0890 5056 HidBatt - ok
21:51:34.0917 5056 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:51:34.0974 5056 HidBth - ok
21:51:34.0991 5056 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:51:35.0048 5056 HidIr - ok
21:51:35.0093 5056 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
21:51:35.0135 5056 HidUsb - ok
21:51:35.0210 5056 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
21:51:35.0232 5056 hpdskflt - ok
21:51:35.0274 5056 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
21:51:35.0380 5056 HpqKbFiltr - ok
21:51:35.0432 5056 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:51:35.0461 5056 HpSAMD - ok
21:51:35.0516 5056 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:51:35.0624 5056 HTTP - ok
21:51:35.0662 5056 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:51:35.0687 5056 hwpolicy - ok
21:51:35.0729 5056 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:51:35.0763 5056 i8042prt - ok
21:51:35.0816 5056 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
21:51:35.0840 5056 iaStor - ok
21:51:35.0895 5056 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:51:35.0936 5056 iaStorV - ok
21:51:36.0118 5056 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:51:36.0433 5056 igfx - ok
21:51:36.0468 5056 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:51:36.0494 5056 iirsp - ok
21:51:36.0538 5056 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:51:36.0563 5056 intelide - ok
21:51:36.0603 5056 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:51:36.0646 5056 intelppm - ok
21:51:36.0688 5056 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:51:36.0778 5056 IpFilterDriver - ok
21:51:36.0832 5056 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:51:36.0884 5056 IPMIDRV - ok
21:51:36.0926 5056 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:51:37.0010 5056 IPNAT - ok
21:51:37.0053 5056 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:51:37.0127 5056 IRENUM - ok
21:51:37.0168 5056 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:51:37.0194 5056 isapnp - ok
21:51:37.0221 5056 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:51:37.0260 5056 iScsiPrt - ok
21:51:37.0313 5056 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:51:37.0341 5056 kbdclass - ok
21:51:37.0373 5056 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:51:37.0421 5056 kbdhid - ok
21:51:37.0466 5056 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:51:37.0496 5056 KSecDD - ok
21:51:37.0529 5056 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:51:37.0563 5056 KSecPkg - ok
21:51:37.0585 5056 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:51:37.0660 5056 ksthunk - ok
21:51:37.0706 5056 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:51:37.0786 5056 lltdio - ok
21:51:37.0831 5056 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:51:37.0862 5056 LSI_FC - ok
21:51:37.0892 5056 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:51:37.0921 5056 LSI_SAS - ok
21:51:37.0955 5056 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:51:37.0983 5056 LSI_SAS2 - ok
21:51:38.0029 5056 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:51:38.0059 5056 LSI_SCSI - ok
21:51:38.0100 5056 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:51:38.0200 5056 luafv - ok
21:51:38.0261 5056 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
21:51:38.0282 5056 MBAMProtector - ok
21:51:38.0349 5056 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:51:38.0375 5056 megasas - ok
21:51:38.0410 5056 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:51:38.0448 5056 MegaSR - ok
21:51:38.0486 5056 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:51:38.0565 5056 Modem - ok
21:51:38.0589 5056 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:51:38.0633 5056 monitor - ok
21:51:38.0690 5056 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
21:51:38.0717 5056 mouclass - ok
21:51:38.0766 5056 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:51:38.0796 5056 mouhid - ok
21:51:38.0857 5056 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:51:38.0887 5056 mountmgr - ok
21:51:38.0951 5056 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:51:38.0985 5056 mpio - ok
21:51:39.0018 5056 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:51:39.0101 5056 mpsdrv - ok
21:51:39.0150 5056 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:51:39.0248 5056 MRxDAV - ok
21:51:39.0310 5056 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:51:39.0372 5056 mrxsmb - ok
21:51:39.0418 5056 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:51:39.0473 5056 mrxsmb10 - ok
21:51:39.0498 5056 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:51:39.0531 5056 mrxsmb20 - ok
21:51:39.0571 5056 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:51:39.0596 5056 msahci - ok
21:51:39.0633 5056 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:51:39.0666 5056 msdsm - ok
21:51:39.0708 5056 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:51:39.0778 5056 Msfs - ok
21:51:39.0800 5056 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:51:39.0877 5056 mshidkmdf - ok
21:51:39.0912 5056 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:51:39.0937 5056 msisadrv - ok
21:51:39.0979 5056 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:51:40.0052 5056 MSKSSRV - ok
21:51:40.0074 5056 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:51:40.0156 5056 MSPCLOCK - ok
21:51:40.0168 5056 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:51:40.0263 5056 MSPQM - ok
21:51:40.0311 5056 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:51:40.0351 5056 MsRPC - ok
21:51:40.0389 5056 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:51:40.0415 5056 mssmbios - ok
21:51:40.0432 5056 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:51:40.0506 5056 MSTEE - ok
21:51:40.0537 5056 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:51:40.0572 5056 MTConfig - ok
21:51:40.0595 5056 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:51:40.0624 5056 Mup - ok
21:51:40.0676 5056 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:51:40.0737 5056 NativeWifiP - ok
21:51:40.0796 5056 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:51:40.0869 5056 NDIS - ok
21:51:40.0908 5056 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:51:40.0978 5056 NdisCap - ok
21:51:41.0005 5056 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:51:41.0070 5056 NdisTapi - ok
21:51:41.0117 5056 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:51:41.0200 5056 Ndisuio - ok
21:51:41.0239 5056 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:51:41.0327 5056 NdisWan - ok
21:51:41.0364 5056 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:51:41.0448 5056 NDProxy - ok
21:51:41.0501 5056 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:51:41.0578 5056 NetBIOS - ok
21:51:41.0632 5056 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:51:41.0728 5056 NetBT - ok
21:51:41.0879 5056 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
21:51:42.0122 5056 netw5v64 - ok
21:51:42.0157 5056 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:51:42.0185 5056 nfrd960 - ok
21:51:42.0207 5056 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:51:42.0286 5056 Npfs - ok
21:51:42.0311 5056 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:51:42.0390 5056 nsiproxy - ok
21:51:42.0463 5056 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:51:42.0574 5056 Ntfs - ok
21:51:42.0600 5056 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:51:42.0666 5056 Null - ok
21:51:42.0709 5056 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys
21:51:42.0731 5056 NVHDA - ok
21:51:42.0983 5056 nvlddmkm (e63279a205da5c225369770e400904a8) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:51:43.0498 5056 nvlddmkm - ok
21:51:43.0556 5056 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:51:43.0587 5056 nvraid - ok
21:51:43.0617 5056 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:51:43.0649 5056 nvstor - ok
21:51:43.0731 5056 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:51:43.0763 5056 nv_agp - ok
21:51:43.0798 5056 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:51:43.0848 5056 ohci1394 - ok
21:51:43.0916 5056 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:51:43.0949 5056 Parport - ok
21:51:43.0982 5056 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:51:44.0012 5056 partmgr - ok
21:51:44.0080 5056 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
21:51:44.0143 5056 pccsmcfd - ok
21:51:44.0177 5056 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:51:44.0214 5056 pci - ok
21:51:44.0251 5056 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:51:44.0275 5056 pciide - ok
21:51:44.0307 5056 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:51:44.0357 5056 pcmcia - ok
21:51:44.0394 5056 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:51:44.0422 5056 pcw - ok
21:51:44.0455 5056 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:51:44.0582 5056 PEAUTH - ok
21:51:44.0685 5056 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:51:44.0774 5056 PptpMiniport - ok
21:51:44.0798 5056 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:51:44.0841 5056 Processor - ok
21:51:44.0897 5056 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:51:44.0970 5056 Psched - ok
21:51:45.0039 5056 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:51:45.0147 5056 ql2300 - ok
21:51:45.0170 5056 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:51:45.0202 5056 ql40xx - ok
21:51:45.0231 5056 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:51:45.0291 5056 QWAVEdrv - ok
21:51:45.0321 5056 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:51:45.0409 5056 RasAcd - ok
21:51:45.0459 5056 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:51:45.0532 5056 RasAgileVpn - ok
21:51:45.0572 5056 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:51:45.0643 5056 Rasl2tp - ok
21:51:45.0672 5056 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:51:45.0750 5056 RasPppoe - ok
21:51:45.0774 5056 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:51:45.0855 5056 RasSstp - ok
21:51:45.0904 5056 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:51:46.0000 5056 rdbss - ok
21:51:46.0027 5056 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:51:46.0067 5056 rdpbus - ok
21:51:46.0090 5056 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:51:46.0170 5056 RDPCDD - ok
21:51:46.0192 5056 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:51:46.0274 5056 RDPENCDD - ok
21:51:46.0301 5056 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:51:46.0367 5056 RDPREFMP - ok
21:51:46.0412 5056 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:51:46.0501 5056 RDPWD - ok
21:51:46.0533 5056 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:51:46.0569 5056 rdyboost - ok
21:51:46.0623 5056 RkHit - ok
21:51:46.0659 5056 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:51:46.0747 5056 rspndr - ok
21:51:46.0791 5056 RTL8167 (91296f0b2653281b2f11e0fce56aa427) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:51:46.0841 5056 RTL8167 - ok
21:51:46.0914 5056 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:51:46.0932 5056 SASDIFSV - ok
21:51:46.0963 5056 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:51:46.0980 5056 SASKUTIL - ok
21:51:47.0053 5056 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:51:47.0083 5056 sbp2port - ok
21:51:47.0128 5056 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:51:47.0218 5056 scfilter - ok
21:51:47.0269 5056 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
21:51:47.0322 5056 sdbus - ok
21:51:47.0352 5056 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:51:47.0432 5056 secdrv - ok
21:51:47.0484 5056 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:51:47.0513 5056 Serenum - ok
21:51:47.0544 5056 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:51:47.0598 5056 Serial - ok
21:51:47.0635 5056 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:51:47.0672 5056 sermouse - ok
21:51:47.0722 5056 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:51:47.0760 5056 sffdisk - ok
21:51:47.0778 5056 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:51:47.0821 5056 sffp_mmc - ok
21:51:47.0842 5056 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:51:47.0880 5056 sffp_sd - ok
21:51:47.0919 5056 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:51:47.0969 5056 sfloppy - ok
21:51:48.0022 5056 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:51:48.0050 5056 SiSRaid2 - ok
21:51:48.0073 5056 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:51:48.0108 5056 SiSRaid4 - ok
21:51:48.0150 5056 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:51:48.0241 5056 Smb - ok
21:51:48.0283 5056 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:51:48.0308 5056 spldr - ok
21:51:48.0380 5056 sptd (51de15ca5c05bca46d8b110cd00a02fb) C:\Windows\system32\Drivers\sptd.sys
21:51:48.0381 5056 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51de15ca5c05bca46d8b110cd00a02fb
21:51:48.0384 5056 sptd ( LockedFile.Multi.Generic ) - warning
21:51:48.0384 5056 sptd - detected LockedFile.Multi.Generic (1)
21:51:48.0433 5056 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:51:48.0503 5056 srv - ok
21:51:48.0554 5056 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:51:48.0621 5056 srv2 - ok
21:51:48.0656 5056 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:51:48.0694 5056 SrvHsfHDA - ok
21:51:48.0743 5056 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:51:48.0868 5056 SrvHsfV92 - ok
21:51:48.0919 5056 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:51:48.0997 5056 SrvHsfWinac - ok
21:51:49.0035 5056 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:51:49.0089 5056 srvnet - ok
21:51:49.0144 5056 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:51:49.0171 5056 stexstor - ok
21:51:49.0219 5056 STHDA (ed1722f43ce61409ef68340402d6267d) C:\Windows\system32\DRIVERS\stwrt64.sys
21:51:49.0274 5056 STHDA - ok
21:51:49.0315 5056 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:51:49.0339 5056 swenum - ok
21:51:49.0457 5056 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:51:49.0628 5056 Tcpip - ok
21:51:49.0680 5056 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:51:49.0746 5056 TCPIP6 - ok
21:51:49.0795 5056 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:51:49.0874 5056 tcpipreg - ok
21:51:49.0919 5056 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:51:50.0008 5056 TDPIPE - ok
21:51:50.0039 5056 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:51:50.0122 5056 TDTCP - ok
21:51:50.0163 5056 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:51:50.0255 5056 tdx - ok
21:51:50.0336 5056 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:51:50.0364 5056 TermDD - ok
21:51:50.0438 5056 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:51:50.0516 5056 tssecsrv - ok
21:51:50.0567 5056 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:51:50.0615 5056 TsUsbFlt - ok
21:51:50.0655 5056 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:51:50.0718 5056 tunnel - ok
21:51:50.0754 5056 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:51:50.0783 5056 uagp35 - ok
21:51:50.0825 5056 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:51:50.0908 5056 udfs - ok
21:51:50.0972 5056 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:51:51.0001 5056 uliagpkx - ok
21:51:51.0029 5056 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:51:51.0072 5056 umbus - ok
21:51:51.0101 5056 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:51:51.0136 5056 UmPass - ok
21:51:51.0183 5056 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
21:51:51.0225 5056 USBAAPL64 - ok
21:51:51.0279 5056 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
21:51:51.0326 5056 usbaudio - ok
21:51:51.0357 5056 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:51:51.0413 5056 usbccgp - ok
21:51:51.0445 5056 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:51:51.0500 5056 usbcir - ok
21:51:51.0533 5056 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:51:51.0564 5056 usbehci - ok
21:51:51.0612 5056 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:51:51.0669 5056 usbhub - ok
21:51:51.0702 5056 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:51:51.0745 5056 usbohci - ok
21:51:51.0776 5056 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:51:51.0810 5056 usbprint - ok
21:51:51.0835 5056 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:51:51.0891 5056 USBSTOR - ok
21:51:51.0923 5056 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
21:51:51.0979 5056 usbuhci - ok
21:51:52.0034 5056 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
21:51:52.0075 5056 usbvideo - ok
21:51:52.0114 5056 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:51:52.0141 5056 vdrvroot - ok
21:51:52.0192 5056 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:51:52.0226 5056 vga - ok
21:51:52.0247 5056 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:51:52.0330 5056 VgaSave - ok
21:51:52.0362 5056 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:51:52.0401 5056 vhdmp - ok
21:51:52.0422 5056 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:51:52.0449 5056 viaide - ok
21:51:52.0485 5056 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:51:52.0516 5056 volmgr - ok
21:51:52.0567 5056 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:51:52.0612 5056 volmgrx - ok
21:51:52.0639 5056 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:51:52.0680 5056 volsnap - ok
21:51:52.0730 5056 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:51:52.0768 5056 vsmraid - ok
21:51:52.0802 5056 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:51:52.0845 5056 vwifibus - ok
21:51:52.0885 5056 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:51:52.0938 5056 vwififlt - ok
21:51:52.0989 5056 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:51:53.0025 5056 WacomPen - ok
21:51:53.0075 5056 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:51:53.0162 5056 WANARP - ok
21:51:53.0168 5056 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:51:53.0230 5056 Wanarpv6 - ok
21:51:53.0301 5056 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:51:53.0327 5056 Wd - ok
21:51:53.0374 5056 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:51:53.0438 5056 Wdf01000 - ok
21:51:53.0480 5056 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:51:53.0545 5056 WfpLwf - ok
21:51:53.0571 5056 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:51:53.0596 5056 WIMMount - ok
21:51:53.0683 5056 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:51:53.0742 5056 WinUsb - ok
21:51:53.0796 5056 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:51:53.0823 5056 WmiAcpi - ok
21:51:53.0875 5056 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:51:53.0947 5056 ws2ifsl - ok
21:51:54.0005 5056 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:51:54.0096 5056 WudfPf - ok
21:51:54.0141 5056 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:51:54.0230 5056 WUDFRd - ok
21:51:54.0288 5056 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
21:51:54.0345 5056 yukonw7 - ok
21:51:54.0384 5056 MBR (0x1B8) (e6b4ca0a654dd2c9f72c0ea0fd94f376) \Device\Harddisk0\DR0
21:51:54.0484 5056 \Device\Harddisk0\DR0 - ok
21:51:54.0516 5056 Boot (0x1200) (142998438f1333885c0512c777e8a234) \Device\Harddisk0\DR0\Partition0
21:51:54.0519 5056 \Device\Harddisk0\DR0\Partition0 - ok
21:51:54.0532 5056 Boot (0x1200) (facb7b5fb03014d65391793286307b9f) \Device\Harddisk0\DR0\Partition1
21:51:54.0535 5056 \Device\Harddisk0\DR0\Partition1 - ok
21:51:54.0565 5056 Boot (0x1200) (b2c2db7ef9262ae66641a1cd9ef8e85f) \Device\Harddisk0\DR0\Partition2
21:51:54.0567 5056 \Device\Harddisk0\DR0\Partition2 - ok
21:51:54.0582 5056 Boot (0x1200) (9dc49683b982f8afb15b36431170ab4b) \Device\Harddisk0\DR0\Partition3
21:51:54.0583 5056 \Device\Harddisk0\DR0\Partition3 - ok
21:51:54.0583 5056 ============================================================
21:51:54.0583 5056 Scan finished
21:51:54.0584 5056 ============================================================
21:51:54.0603 3144 Detected object count: 1
21:51:54.0603 3144 Actual detected object count: 1
21:52:08.0368 3144 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:52:08.0368 3144 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:53:39.0330 4348 ============================================================
21:53:39.0330 4348 Scan started
21:53:39.0330 4348 Mode: Manual; SigCheck; TDLFS;
21:53:39.0330 4348 ============================================================
21:53:39.0827 4348 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:53:39.0882 4348 1394ohci - ok
21:53:39.0945 4348 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
21:53:39.0968 4348 Accelerometer - ok
21:53:40.0026 4348 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:53:40.0055 4348 ACPI - ok
21:53:40.0106 4348 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:53:40.0140 4348 AcpiPmi - ok
21:53:40.0186 4348 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:53:40.0220 4348 adp94xx - ok
21:53:40.0261 4348 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:53:40.0292 4348 adpahci - ok
21:53:40.0337 4348 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:53:40.0370 4348 adpu320 - ok
21:53:40.0427 4348 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:53:40.0465 4348 AFD - ok
21:53:40.0512 4348 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:53:40.0533 4348 agp440 - ok
21:53:40.0577 4348 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:53:40.0599 4348 aliide - ok
21:53:40.0625 4348 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:53:40.0647 4348 amdide - ok
21:53:40.0686 4348 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:53:40.0714 4348 AmdK8 - ok
21:53:40.0734 4348 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:53:40.0769 4348 AmdPPM - ok
21:53:40.0812 4348 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:53:40.0841 4348 amdsata - ok
21:53:56.0242 4348 RkHit - ok
21:53:57.0905 4348 sptd (51de15ca5c05bca46d8b110cd00a02fb) C:\Windows\system32\Drivers\sptd.sys
21:53:57.0905 4348 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51de15ca5c05bca46d8b110cd00a02fb
21:53:57.0908 4348 sptd ( LockedFile.Multi.Generic ) - warning
21:53:57.0908 4348 sptd - detected LockedFile.Multi.Generic (1)
21:54:03.0547 4348 ============================================================
21:54:03.0547 4348 Scan finished
21:54:03.0547 4348 ============================================================
21:54:03.0561 2964 Detected object count: 1
21:54:03.0561 2964 Actual detected object count: 1
21:54:13.0603 2964 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:54:13.0603 2964 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
|
| | #5 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix: a guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #6 |
| Combofix log file: Code:
ComboFix 12-02-25.02 - Franzi 26.02.2012 22:30:20.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4063.2703 [GMT 1:00]
ausgeführt von:: c:\users\Franzi\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Franzi\AppData\Roaming\Local
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_RkHit
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-01-26 bis 2012-02-26 ))))))))))))))))))))))))))))))
.
.
2012-02-26 21:38 . 2012-02-26 21:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-26 19:49 . 2012-02-26 19:49 -------- d-----w- C:\_OTL
2012-02-25 23:53 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DFCE6193-F8F7-44FC-848A-476614E7C3A9}\mpengine.dll
2012-02-22 20:07 . 2012-02-22 20:07 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-02-22 19:40 . 2012-02-22 19:40 -------- d-----w- c:\program files (x86)\ESET
2012-02-20 21:08 . 2012-02-20 21:08 -------- d-----w- c:\users\Franzi\AppData\Roaming\Malwarebytes
2012-02-20 21:08 . 2012-02-20 21:08 -------- d-----w- c:\programdata\Malwarebytes
2012-02-20 21:08 . 2012-02-20 21:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-20 21:08 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-20 18:04 . 2012-02-20 18:04 -------- d-----w- c:\users\Franzi\AppData\Roaming\Curiolab
2012-02-20 18:03 . 2012-02-20 21:08 -------- d-----w- c:\program files (x86)\Exterminate It!
2012-02-20 17:54 . 2012-02-20 18:03 -------- d-----w- c:\users\Franzi\AppData\Roaming\GetRightToGo
2012-02-20 17:40 . 2010-12-30 09:54 34736 ----a-w- c:\windows\SysWow64\drivers\RKHit.sys
2012-02-20 17:40 . 2012-02-26 19:49 -------- d-----w- c:\program files (x86)\PCSafeDoctor
2012-02-19 18:13 . 2012-02-19 18:13 -------- d-----w- c:\users\Franzi\AppData\Roaming\SUPERAntiSpyware.com
2012-02-19 18:13 . 2012-02-19 18:17 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-02-19 18:13 . 2012-02-19 18:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-02-19 17:55 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-19 17:55 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-19 17:55 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-19 17:50 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-19 17:50 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-19 17:50 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-19 17:50 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-19 17:49 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-19 16:49 . 2012-02-19 16:49 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-02-13 18:14 . 2012-02-13 18:14 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-02-13 18:14 . 2012-02-13 18:14 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-02-13 18:14 . 2012-02-13 18:14 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-02-13 18:14 . 2012-02-13 18:14 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-02-13 07:47 . 2012-02-13 07:47 -------- d-----w- c:\users\Franzi\AppData\Roaming\Avira
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-22 20:06 . 2010-04-19 08:24 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-29 04:10 . 2009-12-25 07:36 279656 ------w- c:\windows\system32\MpSigStub.exe
2011-11-30 20:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-11-30 20:13 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-07-15 1668664]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-01-20 5487488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-06-22 60464]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-05-20 500792]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-14 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\Franzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Franzi\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-26 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-26 135664]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-15 136360]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 DCamUSBNovatek;USB2.0 UVC Camera;c:\windows\system32\Drivers\nvtcam.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-02-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-25 16:23]
.
2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-26 16:34]
.
2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-26 16:34]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Franzi\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-23 16334368]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-16 323072]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-06-29 318464]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-08 171520]
"combofix"="c:\combofix\CF20859.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cnnb
uLocal Page = c:\windows\system32\blank.htm
mStart Page =
mLocal Page =
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to Mp3 Converter - c:\users\Franzi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Franzi\AppData\Roaming\Mozilla\Firefox\Profiles\0grq5rxq.default\
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-SunJavaUpdateSched - Disable_By_c:\program files (x86)\Common Files\Java\Java Update\jusched.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files (x86)\DivX\DivXPlayerUninstall.exe
AddRemove-{B60DCA15-56A3-4D2D-8747-22CF7D7B588B} - c:\program files (x86)\InstallShield Installation Information\{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-02-26 22:46:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-02-26 21:46
.
Vor Suchlauf: 14 Verzeichnis(se), 369.035.440.128 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 368.437.432.320 Bytes frei
.
- - End Of File - - 755357D4E210DF0C77FC433464FB6A45
|
| | #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please download aswMBR.exe and save the file to your desktop. Note: Please switch off the virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it! |
| | #8 |
| Hello, the program scans and then reports "avast! Antirootkit has stopped working... the program is not running correctly because of a problem. The program will be closed and you will be notified when a solution is available." |
| | #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Restart aswMBR, set the option at the bottom left to (none) and then click Scan again. |
| | #10 |
| I did that, but then a blue screen appeared and Windows restarted. What can I do? |
| | #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please repeat that once more. If necessary, in safe mode. |
| | #12 |
| Code:
aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-02-27 22:45:15
-----------------------------
22:45:15.438 OS Version: Windows x64 6.1.7601 Service Pack 1
22:45:15.438 Number of processors: 2 586 0x170A
22:45:15.438 ComputerName: FRANZI-PC UserName: Franzi
22:45:20.196 Initialize success
22:45:28.589 AVAST engine defs: 12022700
22:45:34.064 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:45:34.080 Disk 0 Vendor: ST950042 0003 Size: 476940MB BusType: 3
22:45:34.111 Disk 0 MBR read successfully
22:45:34.111 Disk 0 MBR scan
22:45:34.127 Disk 0 unknown MBR code
22:45:34.142 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
22:45:34.158 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463340 MB offset 409600
22:45:34.189 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13296 MB offset 949329920
22:45:34.205 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
22:45:34.251 Disk 0 scanning C:\Windows\system32\drivers
22:45:47.449 Service scanning
22:46:14.234 Modules scanning
22:46:14.250 Disk 0 trace - called modules:
22:46:14.265 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
22:46:14.281 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800577c060]
22:46:14.297 3 CLASSPNP.SYS[fffff88000c2943f] -> nt!IofCallDriver -> [0xfffffa800577b650]
22:46:14.312 5 hpdskflt.sys[fffff880025bf289] -> nt!IofCallDriver -> [0xfffffa8004a4c830]
22:46:14.328 7 ACPI.sys[fffff8800116c7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004a9c050]
22:46:14.328 Scan finished successfully
22:46:32.736 Disk 0 MBR has been saved successfully to "C:\Users\Franzi\Desktop\MBR.dat"
22:46:32.751 The log file has been saved successfully to "C:\Users\Franzi\Desktop\aswMBR.txt"
|
| | #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | We should fix the MBR; back up ALL important data just in case, even though everything usually goes smoothly. Note: Please do NOT do the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable. Also do not do the fix if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs. After backing up your data, start aswMBR again and click the FIXMBR button. Note: Please switch off the virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it! Then restart Windows and create a new log with aswMBR. |
| | #14 |
| Code:
aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-02-28 22:24:02
-----------------------------
22:24:02.105 OS Version: Windows x64 6.1.7601 Service Pack 1
22:24:02.120 Number of processors: 2 586 0x170A
22:24:02.120 ComputerName: FRANZI-PC UserName: Franzi
22:24:05.568 Initialize success
22:24:15.895 AVAST engine defs: 12022700
22:25:07.921 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:25:07.921 Disk 0 Vendor: ST950042 0003 Size: 476940MB BusType: 3
22:25:07.953 Disk 0 MBR read successfully
22:25:07.953 Disk 0 MBR scan
22:25:07.953 Disk 0 Windows 7 default MBR code
22:25:07.968 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
22:25:07.984 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463340 MB offset 409600
22:25:08.015 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13296 MB offset 949329920
22:25:08.031 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
22:25:08.093 Disk 0 scanning C:\Windows\system32\drivers
22:25:22.351 Service scanning
22:25:55.361 Modules scanning
22:25:55.377 Disk 0 trace - called modules:
22:25:55.408 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys spnw.sys hal.dll
22:25:55.408 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586a060]
22:25:55.423 3 CLASSPNP.SYS[fffff88000c4f43f] -> nt!IofCallDriver -> [0xfffffa8005869b10]
22:25:55.439 5 hpdskflt.sys[fffff880025e9289] -> nt!IofCallDriver -> [0xfffffa8004ae7330]
22:25:55.439 7 ACPI.sys[fffff880011917a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004b79050]
22:25:55.455 Scan finished successfully
22:26:10.680 Disk 0 MBR has been saved successfully to "C:\Users\Franzi\Desktop\MBR.dat"
22:26:10.696 The log file has been saved successfully to "C:\Users\Franzi\Desktop\aswMBR.txt"
|
| | #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!! |
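The before/after comparison of the two aswMBR runs in the posts above, as an added example (not part of the original thread and not an aswMBR tool): a small Python parser that reports what changed in the MBR verdict, the partition table and the disk driver chain. The log excerpts are copied from the thread; the function names and the rule that a verdict ending in "default MBR code" counts as the expected state are assumptions.

```python
import re
from typing import NamedTuple

# Excerpts copied from the two aswMBR runs posted in this thread
# (run 1 before FIXMBR, run 2 after the fix and a reboot).
RUN_BEFORE = """\
22:45:34.111 Disk 0 MBR read successfully
22:45:34.111 Disk 0 MBR scan
22:45:34.127 Disk 0 unknown MBR code
22:45:34.142 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
22:45:34.158 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463340 MB offset 409600
22:45:34.189 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13296 MB offset 949329920
22:45:34.205 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
22:46:14.250 Disk 0 trace - called modules:
22:46:14.265 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
22:46:14.328 Scan finished successfully
"""
RUN_AFTER = """\
22:25:07.953 Disk 0 MBR read successfully
22:25:07.953 Disk 0 MBR scan
22:25:07.953 Disk 0 Windows 7 default MBR code
22:25:07.968 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
22:25:07.984 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463340 MB offset 409600
22:25:08.015 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13296 MB offset 949329920
22:25:08.031 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
22:25:55.377 Disk 0 trace - called modules:
22:25:55.408 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys spnw.sys hal.dll
22:25:55.455 Scan finished successfully
"""

STAMP = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+(.+)$")
VERDICT = re.compile(r"^Disk \d+ (.+ MBR code)$")
PART = re.compile(r"^Disk (\d+) Partition (\d+) ([0-9A-F]{2}) (\(A\) )?"
                  r"([0-9A-F]{2}) (.+) (\d+) MB offset (\d+)$")


class Partition(NamedTuple):
    disk: int
    number: int
    active: bool      # boot flag 0x80
    type_id: int      # partition type byte, e.g. 0x07 for NTFS
    label: str
    size_mb: int
    offset: int       # start offset as printed in the log


def parse_run(text):
    """Extract MBR verdict, partition table and called-module chain of one run."""
    run = {"mbr_verdict": None, "partitions": [], "modules": []}
    modules_next = False
    for raw in text.splitlines():
        m = STAMP.match(raw.strip())
        if not m:
            continue                          # banner, separator or blank line
        msg = " ".join(m.group(1).split())    # collapse runs of spaces
        if modules_next:                      # the line after "called modules:"
            run["modules"] = msg.split()
            modules_next = False
        elif msg.endswith("called modules:"):
            modules_next = True
        elif (v := VERDICT.match(msg)):
            run["mbr_verdict"] = v.group(1)
        elif (p := PART.match(msg)):
            run["partitions"].append(Partition(
                int(p.group(1)), int(p.group(2)), p.group(3) == "80",
                int(p.group(5), 16), p.group(6), int(p.group(7)), int(p.group(8))))
    return run


def compare_runs(before, after):
    """Summarise what differs between two parsed runs."""
    return {
        "verdict": (before["mbr_verdict"], after["mbr_verdict"]),
        # Assumption: a verdict ending in "default MBR code" is the expected state.
        "verdict_now_default": (after["mbr_verdict"] or "").endswith("default MBR code"),
        "partitions_changed": before["partitions"] != after["partitions"],
        "modules_added": [m for m in after["modules"] if m not in before["modules"]],
        "modules_removed": [m for m in before["modules"] if m not in after["modules"]],
    }


if __name__ == "__main__":
    for key, value in compare_runs(parse_run(RUN_BEFORE), parse_run(RUN_AFTER)).items():
        print(f"{key}: {value}")
```

The partition table is identical in both runs and only the MBR code verdict changes; the script also surfaces that spnw.sys appears in the driver chain only in the second run, a difference that is easy to miss when reading the logs by eye.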