
Log analysis and evaluation: WPuxEjVtXoFKKAE.exe and "delayed write failed"

04.03.2012, 14:54   #1
sodamixer
 



Hello,
while I was surfing, Avira reported "Malware found". After I clicked Delete, all programs were closed and the well-known error message "delayed write failed" appeared about 15 times. Shortly afterwards the ATI software was also reported as having crashed, along with RAM problems. Damaged HDD clusters were reported as well. Now the, I believe, usual symptoms: desktop empty, taskbar empty, Task Manager not reachable via Ctrl+Alt+Del, etc., also under other user accounts. I disconnected all unnecessary HDDs from the PC shortly after the problem appeared, and they have stayed disconnected until now;
still connected is a 60 GB SSD with a single partition, C:

Progress so far:
via cmd > taskkill, ended several processes, including WpuxEjVtXoFKKAE.exe
via msconfig > Startup, unticked the entry "WpuxEjVtXoFKKAE.exe"
via "Folder Options, show hidden files and drives", got my PC to the point where further steps can now be taken.

Now the logs (AntiVir was disabled only during the scan)
DDS:

DDS logfile:
Code:
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421
Run by admin at 15:13:33 on 2012-03-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4079.2920 [GMT 1:00]
.
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\program files (x86)\avira\antivir desktop\avscan.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\Dwm.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer bereitgestellt von ARLT Computer
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [OpAgent] "OpAgent.exe" /agent
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [<NO NAME>] 
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-system: DisableTaskMgr = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: DisableTaskMgr = 1 (0x1)
IE: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3386AF45-0C3B-47CB-84AA-EAD4E2818EF8} : DhcpNameServer = 192.168.2.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{AE7CD045-E861-484f-8273-0445EE161910}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{F4971EE7-DAA0-4053-9964-665D8EE6A077}
{47833539-D0C5-4125-9FA8-0819E2EAAC93}
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [(Standard)] 
mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRunOnce-x64: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jgcos2hm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: F:\Programme\Mozilla Firefox\extensions\inspector@mozilla.org\components\inspector.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys --> C:\Windows\system32\drivers\amd_xata.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-3-24 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-3-24 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-21 13336]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S1 acedrv06;acedrv06;\??\C:\Windows\system32\drivers\acedrv06.sys --> C:\Windows\system32\drivers\acedrv06.sys [?]
S2 Realtek11nSU;Realtek11nSU;C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [2011-3-23 40960]
S3 adp3132;adp3132;C:\Windows\system32\drivers\adp3132.sys --> C:\Windows\system32\drivers\adp3132.sys [?]
S3 ahcix64s;ahcix64s;C:\Windows\system32\drivers\ahcix64s.sys --> C:\Windows\system32\drivers\ahcix64s.sys [?]
S3 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys --> C:\Windows\system32\drivers\amd_sata.sys [?]
S3 amdide64;amdide64;C:\Windows\system32\drivers\amdide64.sys --> C:\Windows\system32\drivers\amdide64.sys [?]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\drivers\asmthub3.sys --> C:\Windows\system32\drivers\asmthub3.sys [?]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\drivers\asmtxhci.sys --> C:\Windows\system32\drivers\asmtxhci.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-3-27 1038088]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\system32\drivers\FLxHCIc.sys --> C:\Windows\system32\drivers\FLxHCIc.sys [?]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\system32\drivers\FLxHCIh.sys --> C:\Windows\system32\drivers\FLxHCIh.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 ISASerial;PCIe-ISA Communication Port;C:\Windows\system32\drivers\ISASerial.sys --> C:\Windows\system32\drivers\ISASerial.sys [?]
S3 MtsHID;TechniSat Mantis BDA HID Driver;C:\Windows\system32\drivers\MtsHID.sys --> C:\Windows\system32\drivers\MtsHID.sys [?]
S3 mv91cons;mv91cons;C:\Windows\system32\drivers\mv91cons.sys --> C:\Windows\system32\drivers\mv91cons.sys [?]
S3 mv91xx;mv91xx;C:\Windows\system32\drivers\mv91xx.sys --> C:\Windows\system32\drivers\mv91xx.sys [?]
S3 nvamacpi;nvamacpi;C:\Windows\system32\drivers\NVAMACPI.sys --> C:\Windows\system32\drivers\NVAMACPI.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 OxPCIeSer;OxPCIeSer;C:\Windows\system32\drivers\OxPCIeSer.sys --> C:\Windows\system32\drivers\OxPCIeSer.sys [?]
S3 PciIsaSerial;PCI-ISA Communication Port;C:\Windows\system32\drivers\PciIsaSerial.sys --> C:\Windows\system32\drivers\PciIsaSerial.sys [?]
S3 PciPPorts;PCI ECP Parallel Port;C:\Windows\system32\drivers\PciPPorts.sys --> C:\Windows\system32\drivers\PciPPorts.sys [?]
S3 PciSPorts;High-Speed PCI Serial Port;C:\Windows\system32\drivers\PciSPorts.sys --> C:\Windows\system32\drivers\PciSPorts.sys [?]
S3 PPorts;PCIe ECP Parallel Port;C:\Windows\system32\drivers\PPorts.sys --> C:\Windows\system32\drivers\PPorts.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
S3 Si3124r5;Si3124r5;C:\Windows\system32\drivers\Si3124r5.sys --> C:\Windows\system32\drivers\Si3124r5.sys [?]
S3 SPorts;High-Speed PCIe Serial Port;C:\Windows\system32\drivers\SPorts.sys --> C:\Windows\system32\drivers\SPorts.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-03-04 13:32:32	23152	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-03-04 13:32:32	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-04 13:28:08	--------	d-----w-	C:\Users\admin\AppData\Roaming\Malwarebytes
2012-03-04 13:28:08	--------	d-----w-	C:\ProgramData\Malwarebytes
2012-03-03 16:12:05	429568	---ha-w-	C:\ProgramData\WPuxEjVtXoFKKAE.exe
2012-02-27 07:45:24	--------	d--h--w-	C:\Users\admin\AppData\Roaming\Zeon
2012-02-17 11:39:02	--------	d--h--w-	C:\Program Files (x86)\MSXML 4.0
2012-02-17 11:39:00	--------	d--h--w-	C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-02-17 11:33:38	3145728	----a-w-	C:\Windows\System32\win32k.sys
2012-02-17 11:33:35	690688	----a-w-	C:\Windows\SysWow64\msvcrt.dll
2012-02-17 11:33:35	634880	----a-w-	C:\Windows\System32\msvcrt.dll
2012-02-17 11:33:35	498688	----a-w-	C:\Windows\System32\drivers\afd.sys
2012-02-13 11:40:45	--------	d--h--w-	C:\Program Files (x86)\ScanSoft
2012-02-08 21:59:41	1731920	----a-w-	C:\Windows\System32\ntdll.dll
2012-02-08 21:59:41	1292080	----a-w-	C:\Windows\SysWow64\ntdll.dll
2012-02-08 21:59:40	77312	----a-w-	C:\Windows\System32\packager.dll
2012-02-08 21:59:40	67072	----a-w-	C:\Windows\SysWow64\packager.dll
2012-02-08 21:59:40	514560	----a-w-	C:\Windows\SysWow64\qdvd.dll
2012-02-08 21:59:40	366592	----a-w-	C:\Windows\System32\qdvd.dll
2012-02-08 21:59:40	1572864	----a-w-	C:\Windows\System32\quartz.dll
2012-02-08 21:59:40	1328128	----a-w-	C:\Windows\SysWow64\quartz.dll
.
==================== Find3M  ====================
.
2011-12-14 07:11:03	2308096	----a-w-	C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30	1390080	----a-w-	C:\Windows\System32\wininet.dll
2011-12-14 07:03:38	1493504	----a-w-	C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28	2382848	----a-w-	C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54	1798656	----a-w-	C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18	1127424	----a-w-	C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58	1427456	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04	2382848	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2011-12-09 02:31:33	81920	---ha-w-	C:\Windows\SysWow64\acedrv06.dll
2011-12-09 02:31:33	147456	----a-w-	C:\Windows\System32\drivers\acedrv06.sys
.
============= FINISH: 15:13:42,76 ===============
         
--- --- ---

My question now: can I simply fix the errors in Malwarebytes, or would it be better to proceed differently? For similar problems I have read here in the forum about a longer "repair", including ComboFix, Unhide, etc.
Many thanks! Regards, Sodamixer
Attached files
File type: txt Attach.txt (3.9 KB, viewed 151 times)
File type: txt mbam-log-2012-03-04 (14-43-01).txt (3.6 KB, viewed 161 times)

Edited by sodamixer (04.03.2012 at 15:33)

04.03.2012, 21:10   #2
Chris4You
 



Hi,

Let MAM delete everything, then post an OTL log...

Important: you must boot with the infected account!

OTL
Download OTL by OldTimer (http://filepony.de/download-otl/) and save it to your desktop
  • Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles are created (OTL.TXT and EXTRAS.TXT)
  • Post the logfiles here in the thread

chris

05.03.2012, 08:44   #3
sodamixer
 



First of all, many thanks for the quick reply, even on a Sunday evening :-)
Avira and MAM were active during the OTL scan; that's not a problem, is it?
Regarding "booting with the infected account": since the taskkills and the other actions described in my first post, I have only ever put the PC into "Sleep". An addition about the icons/folders I made visible: they are only transparent; I use Unhide for that later, right?
My Catalyst Control Center from ATI still throws errors in Windows, with the only option being to close the program?
The logs:

Code:
OTL logfile created on: 05.03.2012 09:14:12 - Run 1
OTL by OldTimer - Version 3.2.35.1     Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 59,91% Memory free
7,96 Gb Paging File | 6,07 Gb Available in Paging File | 76,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,90 Gb Total Space | 15,51 Gb Free Space | 27,75% Space Free | Partition Type: NTFS
 
Computer Name: ARLT | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\admin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe (Realtek)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\bc264c7dba2096c2c88080090bf42600\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6aef03034d33721bfbd588d9d7fffe60\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (Realtek11nSU) -- C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe (Realtek)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (acedrv06) -- C:\Windows\SysNative\drivers\acedrv06.sys ()
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (mv91xx) -- C:\Windows\SysNative\drivers\mv91xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (mv91cons) -- C:\Windows\SysNative\drivers\mv91cons.sys (Marvell Semiconductor Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (FLxHCIc) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic)
DRV:64bit: - (FLxHCIh) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic)
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc.)
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc.)
DRV:64bit: - (Si3124r5) -- C:\Windows\SysNative\drivers\Si3124r5.sys (Silicon Image, Inc)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (adp3132) -- C:\Windows\SysNative\drivers\adp3132.sys (Adaptec, Inc.)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (nvamacpi) -- C:\Windows\SysNative\drivers\nvamacpi.sys (NVIDIA Corporation)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (MtsHID) -- C:\Windows\SysNative\drivers\MtsHID.sys (TechniSat Provide)
DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (PciIsaSerial) -- C:\Windows\SysNative\drivers\PciIsaSerial.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (PciPPorts) -- C:\Windows\SysNative\drivers\PciPPorts.sys ()
DRV:64bit: - (PciSPorts) -- C:\Windows\SysNative\drivers\PciSPorts.sys ()
DRV:64bit: - (OxPCIeSer) -- C:\Windows\SysNative\drivers\OxPCIeSer.sys (OEM)
DRV:64bit: - (SPorts) -- C:\Windows\SysNative\drivers\SPorts.sys ()
DRV:64bit: - (PPorts) -- C:\Windows\SysNative\drivers\PPorts.sys ()
DRV:64bit: - (ISASerial) -- C:\Windows\SysNative\drivers\ISASerial.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (amdide64) -- C:\Windows\SysNative\drivers\amdide64.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 63 FF 73 4F B8 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.02 16:19:31 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.08.15 17:13:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2012.02.28 11:52:17 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\jgcos2hm.default\extensions
[2011.08.22 20:33:38 | 000,000,000 | -H-D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\jgcos2hm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.15 17:13:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JGCOS2HM.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
() (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JGCOS2HM.DEFAULT\EXTENSIONS\LIEFERHELD@EXTENSIONS.PARTNERADDONS.DE.XPI
[2012.01.02 16:19:31 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.02 16:19:30 | 000,001,392 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.02 16:19:30 | 000,002,252 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.02 16:19:30 | 000,001,153 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.02 16:19:30 | 000,006,805 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.02 16:19:30 | 000,001,178 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.02 16:19:30 | 000,001,105 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.03.27 17:29:51 | 000,001,300 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [OpAgent] "OpAgent.exe" /agent File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3386AF45-0C3B-47CB-84AA-EAD4E2818EF8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b5170bf1-b3b7-11e0-bb0e-a4ada291f63e}\Shell - "" = AutoRun
O33 - MountPoints2\{b5170bf1-b3b7-11e0-bb0e-a4ada291f63e}\Shell\AutoRun\command - "" = H:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.05 08:55:18 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2012.03.04 15:06:33 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\admin\Desktop\dds.com
[2012.03.04 14:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.04 14:32:32 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.04 14:32:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.04 14:29:19 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\Neuer Ordner
[2012.03.04 14:28:08 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes
[2012.03.04 14:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.02 21:58:07 | 000,000,000 | -H-D | C] -- C:\Users\admin\Desktop\canditose
[2012.02.27 08:45:24 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\Zeon
[2012.02.24 08:23:13 | 000,000,000 | -H-D | C] -- C:\Users\admin\Desktop\icc profile
[2012.02.17 12:39:02 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.02.17 12:39:00 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012.02.17 12:37:30 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.17 12:37:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.17 12:37:29 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.02.17 12:37:29 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.02.17 12:37:29 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.02.17 12:37:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.17 12:37:29 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.17 12:37:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.17 12:37:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.17 12:37:28 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.02.17 12:37:28 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.02.17 12:33:35 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.13 12:41:01 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\ScanSoft
[2012.02.13 12:40:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\ScanSoft
[2012.02.13 12:40:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage 16
[2012.02.13 12:40:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\ScanSoft
[2012.02.09 15:04:13 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.02.09 15:04:13 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.02.09 15:04:13 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.02.09 15:04:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.02.09 15:04:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.02.09 15:04:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.02.08 22:59:41 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.02.08 22:59:40 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.02.08 22:59:40 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.02.08 22:59:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.02.08 22:59:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.02.08 22:59:40 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.02.08 22:59:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.05 09:10:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.05 09:10:33 | 3207,561,216 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.05 09:09:39 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.05 09:09:39 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.05 09:01:09 | 001,473,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.05 09:01:09 | 000,644,072 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.05 09:01:09 | 000,607,436 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.05 09:01:09 | 000,126,374 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.05 09:01:09 | 000,103,556 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.05 08:55:18 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2012.03.04 15:10:27 | 000,000,168 | ---- | M] () -- C:\Users\admin\defogger_reenable
[2012.03.04 15:06:33 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\admin\Desktop\dds.com
[2012.03.04 15:04:34 | 000,050,477 | ---- | M] () -- C:\Users\admin\Desktop\Defogger.exe
[2012.03.04 14:32:33 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.03 15:24:36 | 000,000,095 | -H-- | M] () -- C:\Windows\winamp.ini
[2012.02.29 17:32:32 | 000,237,876 | -H-- | M] () -- C:\Users\admin\Desktop\anmeldung.xps
[2012.02.28 20:10:22 | 007,354,707 | -H-- | M] () -- C:\Users\admin\Desktop\DSC_0052.JPG
[2012.02.27 21:52:13 | 002,952,105 | -H-- | M] () -- C:\Users\admin\Desktop\DSC_0664.jpg
[2012.02.27 11:49:03 | 001,855,586 | -H-- | M] () -- C:\Users\admin\Desktop\DatenblattSlimLumiFlex(4).pdf
[2012.02.27 11:44:09 | 001,855,586 | -H-- | M] () -- C:\Users\admin\Desktop\DatenblattSlimLumiFlex(6).pdf
[2012.02.21 12:32:11 | 000,075,836 | -H-- | M] () -- C:\Users\admin\Desktop\registrierungsurkunde-wendelin.pdf
[2012.02.20 14:04:40 | 000,561,113 | -H-- | M] () -- C:\Users\admin\Desktop\JOBBÖRSE - Stellenangebot.mht
[2012.02.17 14:58:06 | 002,883,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.17 12:38:58 | 001,499,556 | -H-- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.13 12:40:56 | 000,000,407 | -H-- | M] () -- C:\Windows\MAXLINK.INI
[2012.02.13 08:40:43 | 000,920,761 | -H-- | M] () -- C:\Users\admin\Desktop\40955_1_ADOTECHII_Kurzanleitung.pdf
[2012.02.13 08:39:37 | 000,025,463 | -H-- | M] () -- C:\Users\admin\Desktop\adox-cms-20-rollfilm-120.html
 
========== Files Created - No Company Name ==========
 
[2012.03.04 15:10:27 | 000,000,168 | ---- | C] () -- C:\Users\admin\defogger_reenable
[2012.03.04 15:04:34 | 000,050,477 | ---- | C] () -- C:\Users\admin\Desktop\Defogger.exe
[2012.03.04 14:32:33 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.29 17:32:32 | 000,237,876 | -H-- | C] () -- C:\Users\admin\Desktop\anmeldung.xps
[2012.02.28 20:10:20 | 007,354,707 | -H-- | C] () -- C:\Users\admin\Desktop\DSC_0052.JPG
[2012.02.27 21:52:11 | 002,952,105 | -H-- | C] () -- C:\Users\admin\Desktop\DSC_0664.jpg
[2012.02.27 11:49:00 | 001,855,586 | -H-- | C] () -- C:\Users\admin\Desktop\DatenblattSlimLumiFlex(4).pdf
[2012.02.27 11:44:04 | 001,855,586 | -H-- | C] () -- C:\Users\admin\Desktop\DatenblattSlimLumiFlex(6).pdf
[2012.02.21 12:32:11 | 000,075,836 | -H-- | C] () -- C:\Users\admin\Desktop\registrierungsurkunde-wendelin.pdf
[2012.02.20 14:04:40 | 000,561,113 | -H-- | C] () -- C:\Users\admin\Desktop\JOBBÖRSE - Stellenangebot.mht
[2012.02.13 12:40:56 | 000,000,407 | -H-- | C] () -- C:\Windows\MAXLINK.INI
[2012.02.13 08:40:41 | 000,920,761 | -H-- | C] () -- C:\Users\admin\Desktop\40955_1_ADOTECHII_Kurzanleitung.pdf
[2012.02.13 08:39:37 | 000,025,463 | -H-- | C] () -- C:\Users\admin\Desktop\adox-cms-20-rollfilm-120.html
[2011.12.09 03:31:33 | 000,081,920 | -H-- | C] () -- C:\Windows\SysWow64\acedrv06.dll
[2011.12.09 03:31:29 | 000,000,000 | -H-- | C] () -- C:\Windows\stduser.ini
[2011.07.24 23:04:30 | 000,000,017 | -H-- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2011.07.24 16:54:35 | 001,499,556 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.13 19:08:30 | 000,018,944 | -H-- | C] () -- C:\Windows\eraser.exe
[2011.03.23 21:50:42 | 000,007,605 | -H-- | C] () -- C:\Users\admin\AppData\Local\Resmon.ResmonCfg
[2011.03.23 20:58:34 | 000,000,095 | -H-- | C] () -- C:\Windows\winamp.ini
[2011.03.23 15:31:08 | 000,451,072 | -H-- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011.03.21 12:44:24 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.09 09:48:22 | 000,003,113 | -H-- | C] () -- C:\Windows\SysWow64\atipblag.dat

< End of report >
         
Extras

Code:
OTL Extras logfile created on: 05.03.2012 09:14:12 - Run 1
OTL by OldTimer - Version 3.2.35.1     Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 59,91% Memory free
7,96 Gb Paging File | 6,07 Gb Available in Paging File | 76,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,90 Gb Total Space | 15,51 Gb Free Space | 27,75% Space Free | Partition Type: NTFS
 
Computer Name: ARLT | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5E2BDF97-E0C7-75AE-29E1-5EA9DA262F2F}" = WMV9/VC-1 Video Playback
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6A9B5F9E-CAF3-2264-9DA0-E374F9A34279}" = AMD Drag and Drop Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EA6D29C-9D85-49A1-A1D7-1CFC32F294B2}" = Adobe Photoshop Lightroom 2.4 64-bit
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE57C044-8912-A181-A0E4-BC2DAB3A092A}" = ATI Catalyst Install Manager
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E0F50F89-193E-E9F7-F8CD-7243DB1DFF04}" = ccc-utility64
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1367FA2F-2B3D-430F-872F-588B93420BFC}" = TimeShift
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = REALTEK Wireless LAN Driver and Utility
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{BACEBABA-2BA2-05BC-A5DC-CF495F155A24}" = Catalyst Control Center Localization All
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC29B835-95A5-3CD9-087B-F94D7B9ECC9B}" = Catalyst Control Center InstallProxy
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDECEFE0-5669-4AC2-9EFC-DADE420556F5}" = ScanSoft OmniPage 16
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E497FF62-960D-D750-D14F-C5E25C7AA14F}" = ccc-core-static
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2898333-ED2F-EC49-5617-A23F2636A05A}" = Catalyst Control Center Graphics Previews Common
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FFA48C9D-8B43-772C-BECE-EA29587D8DDB}" = CCC Help German
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5445c5ddd9a5c69582d3c1e2bba18f7" = Adobe Creative Suite 4 Master Collection
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.815
"jetCast - Winamp DSP plugin" = jetCast - Winamp DSP plugin
"LeechFTP" = LeechFTP 
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OpenAL" = OpenAL
"Opera 11.61.1250" = Opera 11.61
"PhotomatixPro3_is1" = Photomatix Pro version 3.0
"PTGui" = PTGui Trial 9.0.4
"VLC media player" = VLC media player 1.1.10
"Winamp" = Winamp (nur entfernen)
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
Have a good start to the week!
Regards, Sodamixer
__________________

05.03.2012, 09:39   #4
Chris4You

Hi,

Fix for OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please right-click and start it with "Run as administrator".
  • Copy the entire contents of the following code box into the OTL box under "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

:Commands
[emptytemp]
[Reboot]
         
  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of the OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

Unhide

Download unhide from the following address and then run it as admin by double-clicking:
http://filepony.de/download-unhide/
All hidden files will be made visible; if necessary, re-hide any that should be hidden (select in Explorer -> Properties -> Hidden).

TDSS-Killer
Download and instructions at: How to combat malware of the Rootkit.Win32.TDSS family?
Unpack all files into a separate directory (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
Configure the Killer as follows:

Then start the scan (Start Scan).
When the scan is finished, please select "Report" (skip any detections with Skip for now). A window opens; copy the text and post it here...

chris
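Added example, not part of the original posts: a TDSSKiller report of the kind requested above runs to hundreds of "ok" lines, so this sketch pulls out only the entries that were not marked "ok" and the services logged without a file and hash line. The function names and regular expressions are assumptions based on the line format visible in the report posted in this thread.

```python
import re

# Lines copied from the TDSSKiller report posted in this thread.
# Format: "<time> <thread id> <message>".
SAMPLE_REPORT = r"""
11:24:07.0152 4560 Mode: Manual; SigCheck; TDLFS;
11:24:07.0339 4560 1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
11:24:07.0399 4560 1394ohci - ok
11:24:07.0419 4560 acedrv06        (c8030d922511a926d0aa06b78c4b87a9) C:\Windows\system32\drivers\acedrv06.sys
11:24:07.0424 4560 acedrv06 ( UnsignedFile.Multi.Generic ) - warning
11:24:07.0424 4560 acedrv06 - detected UnsignedFile.Multi.Generic (1)
11:24:09.0377 4560 EagleX64 - ok
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"

# "<name> (<md5>) <path>": the file that backs a driver or service.
FILE_RE = re.compile(
    PREFIX + r"(?P<name>\S+)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$"
)

# "<name> - ok" or "<name> ( <detection> ) - warning": the scan verdict.
VERDICT_RE = re.compile(
    PREFIX
    + r"(?P<name>\S+)(?:\s+\(\s*(?P<detection>[^)]+?)\s*\))?\s+-\s+(?P<verdict>\w+)$"
)


def parse_report(report):
    """Return one dict per scanned object, in the order the report lists them."""
    entries = {}
    for raw in report.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:
            entries[m["name"]] = {
                "name": m["name"], "md5": m["md5"], "path": m["path"],
                "verdict": None, "detection": None,
            }
            continue
        m = VERDICT_RE.match(line)
        if m:
            entry = entries.setdefault(m["name"], {
                "name": m["name"], "md5": None, "path": None,
                "verdict": None, "detection": None,
            })
            entry["verdict"] = m["verdict"]
            entry["detection"] = m["detection"]
    return list(entries.values())


def needs_review(entries):
    """Entries whose verdict is anything other than 'ok' (or is missing)."""
    return [e for e in entries if e["verdict"] != "ok"]


def without_file(entries):
    """Entries that got a verdict but no '<name> (<md5>) <path>' line."""
    return [e for e in entries if e["md5"] is None]


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_REPORT)
    for e in needs_review(parsed):
        print("review:", e["name"], e["detection"], e["md5"], e["path"])
    for e in without_file(parsed):
        print("no file line:", e["name"])
```
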

05.03.2012, 10:42   #5
sodamixer

I hope I posted the right part of the OTL fix below; I didn't find anything there that was explicitly labeled "result".
Catalyst Control Center seems to be working again, and Intel Rapid Storage Technology isn't dropping out either, for the time being.
Unhide also worked great.
By the way: is it OK that only C:, i.e. only one of three HDDs, is currently connected to the PC during the scans?

TDSS:
There are now 2 scans documented; sorry, the first one was run with Opera open, so I did it again to be safe.


Code:
ATTFilter
11:23:25.0298 4712	TDSS rootkit removing tool 2.7.18.0 Mar  2 2012 09:40:07
11:23:25.0333 4712	============================================================
11:23:25.0333 4712	Current date / time: 2012/03/05 11:23:25.0333
11:23:25.0333 4712	SystemInfo:
11:23:25.0333 4712	
11:23:25.0333 4712	OS Version: 6.1.7601 ServicePack: 1.0
11:23:25.0333 4712	Product type: Workstation
11:23:25.0333 4712	ComputerName: ARLT
11:23:25.0333 4712	UserName: admin
11:23:25.0333 4712	Windows directory: C:\Windows
11:23:25.0333 4712	System windows directory: C:\Windows
11:23:25.0333 4712	Running under WOW64
11:23:25.0333 4712	Processor architecture: Intel x64
11:23:25.0333 4712	Number of processors: 4
11:23:25.0333 4712	Page size: 0x1000
11:23:25.0333 4712	Boot type: Normal boot
11:23:25.0333 4712	============================================================
11:23:25.0486 4712	Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:23:25.0489 4712	\Device\Harddisk0\DR0:
11:23:25.0489 4712	MBR used
11:23:25.0489 4712	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6FCB800
11:23:25.0491 4712	Initialize success
11:23:25.0491 4712	============================================================
11:24:07.0152 4560	============================================================
11:24:07.0152 4560	Scan started
11:24:07.0152 4560	Mode: Manual; SigCheck; TDLFS; 
11:24:07.0152 4560	============================================================
11:24:07.0339 4560	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
11:24:07.0399 4560	1394ohci - ok
11:24:07.0419 4560	acedrv06        (c8030d922511a926d0aa06b78c4b87a9) C:\Windows\system32\drivers\acedrv06.sys
11:24:07.0424 4560	acedrv06 ( UnsignedFile.Multi.Generic ) - warning
11:24:07.0424 4560	acedrv06 - detected UnsignedFile.Multi.Generic (1)
11:24:07.0442 4560	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:24:07.0454 4560	ACPI - ok
11:24:07.0469 4560	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:24:07.0489 4560	AcpiPmi - ok
11:24:07.0507 4560	adfs            (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
11:24:07.0557 4560	adfs - ok
11:24:07.0579 4560	adp3132         (132190688d8e51d61f88a150d7df9fb4) C:\Windows\system32\drivers\adp3132.sys
11:24:07.0592 4560	adp3132 - ok
11:24:07.0612 4560	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:24:07.0627 4560	adp94xx - ok
11:24:07.0644 4560	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:24:07.0657 4560	adpahci - ok
11:24:07.0672 4560	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:24:07.0682 4560	adpu320 - ok
11:24:07.0704 4560	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:24:07.0719 4560	AFD - ok
11:24:07.0734 4560	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:24:07.0742 4560	agp440 - ok
11:24:07.0759 4560	ahcix64s        (af53917d9741a84627fa689ea622558a) C:\Windows\system32\drivers\ahcix64s.sys
11:24:07.0767 4560	ahcix64s - ok
11:24:07.0782 4560	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:24:07.0789 4560	aliide - ok
11:24:07.0804 4560	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:24:07.0812 4560	amdide - ok
11:24:07.0824 4560	amdide64        (d52a2e98c5eeff88ced28793b6b04d84) C:\Windows\system32\drivers\amdide64.sys
11:24:07.0829 4560	amdide64 - ok
11:24:07.0844 4560	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:24:07.0854 4560	AmdK8 - ok
11:24:07.0987 4560	amdkmdag        (dcc8177244fe79c61c4e73c65e63922a) C:\Windows\system32\DRIVERS\atikmdag.sys
11:24:08.0132 4560	amdkmdag - ok
11:24:08.0149 4560	amdkmdap        (7fe67d107329dc2cf89136a8e19bceb7) C:\Windows\system32\DRIVERS\atikmpag.sys
11:24:08.0159 4560	amdkmdap - ok
11:24:08.0177 4560	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:24:08.0184 4560	AmdPPM - ok
11:24:08.0199 4560	amdsata         (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
11:24:08.0207 4560	amdsata - ok
11:24:08.0222 4560	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:24:08.0229 4560	amdsbs - ok
11:24:08.0244 4560	amdxata         (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
11:24:08.0249 4560	amdxata - ok
11:24:08.0264 4560	amd_sata        (80a508d0c7a21bc13c01d4c671541203) C:\Windows\system32\drivers\amd_sata.sys
11:24:08.0269 4560	amd_sata - ok
11:24:08.0287 4560	amd_xata        (2be940f3a632a1a301b22b096bf221f1) C:\Windows\system32\drivers\amd_xata.sys
11:24:08.0292 4560	amd_xata - ok
11:24:08.0309 4560	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:24:08.0392 4560	AppID - ok
11:24:08.0412 4560	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:24:08.0424 4560	arc - ok
11:24:08.0439 4560	arcsas          (46e8c3eb03224a1e55c6f0c100a9d2cc) C:\Windows\system32\drivers\arcsas.sys
11:24:08.0449 4560	arcsas - ok
11:24:08.0464 4560	asmthub3        (e3b9c89d2ed4a538ab2fc6ec76fa2b17) C:\Windows\system32\drivers\asmthub3.sys
11:24:08.0474 4560	asmthub3 - ok
11:24:08.0492 4560	asmtxhci        (88ce83be5176020be39194a6369af2c2) C:\Windows\system32\drivers\asmtxhci.sys
11:24:08.0507 4560	asmtxhci - ok
11:24:08.0519 4560	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:24:08.0552 4560	AsyncMac - ok
11:24:08.0567 4560	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:24:08.0572 4560	atapi - ok
11:24:08.0589 4560	avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
11:24:08.0594 4560	avgntflt - ok
11:24:08.0609 4560	avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
11:24:08.0614 4560	avipbb - ok
11:24:08.0632 4560	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:24:08.0644 4560	b06bdrv - ok
11:24:08.0659 4560	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:24:08.0669 4560	b57nd60a - ok
11:24:08.0682 4560	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:24:08.0702 4560	Beep - ok
11:24:08.0719 4560	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:24:08.0727 4560	blbdrive - ok
11:24:08.0744 4560	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:24:08.0752 4560	bowser - ok
11:24:08.0767 4560	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:24:08.0774 4560	BrFiltLo - ok
11:24:08.0789 4560	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:24:08.0797 4560	BrFiltUp - ok
11:24:08.0814 4560	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:24:08.0824 4560	Brserid - ok
11:24:08.0837 4560	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:24:08.0847 4560	BrSerWdm - ok
11:24:08.0862 4560	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:24:08.0869 4560	BrUsbMdm - ok
11:24:08.0887 4560	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:24:08.0894 4560	BrUsbSer - ok
11:24:08.0909 4560	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:24:08.0919 4560	BTHMODEM - ok
11:24:08.0937 4560	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:24:08.0957 4560	cdfs - ok
11:24:08.0974 4560	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:24:08.0984 4560	cdrom - ok
11:24:08.0999 4560	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:24:09.0009 4560	circlass - ok
11:24:09.0024 4560	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:24:09.0034 4560	CLFS - ok
11:24:09.0052 4560	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:24:09.0059 4560	CmBatt - ok
11:24:09.0074 4560	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:24:09.0079 4560	cmdide - ok
11:24:09.0099 4560	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:24:09.0114 4560	CNG - ok
11:24:09.0127 4560	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:24:09.0132 4560	Compbatt - ok
11:24:09.0147 4560	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:24:09.0154 4560	CompositeBus - ok
11:24:09.0172 4560	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:24:09.0177 4560	crcdisk - ok
11:24:09.0197 4560	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:24:09.0217 4560	DfsC - ok
11:24:09.0232 4560	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:24:09.0252 4560	discache - ok
11:24:09.0267 4560	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:24:09.0274 4560	Disk - ok
11:24:09.0292 4560	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:24:09.0299 4560	drmkaud - ok
11:24:09.0319 4560	dtsoftbus01     (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:24:09.0327 4560	dtsoftbus01 - ok
11:24:09.0349 4560	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:24:09.0364 4560	DXGKrnl - ok
11:24:09.0377 4560	EagleX64 - ok
11:24:09.0434 4560	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:24:09.0479 4560	ebdrv - ok
11:24:09.0502 4560	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:24:09.0514 4560	elxstor - ok
11:24:09.0529 4560	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:24:09.0537 4560	ErrDev - ok
11:24:09.0557 4560	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:24:09.0579 4560	exfat - ok
11:24:09.0597 4560	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:24:09.0619 4560	fastfat - ok
11:24:09.0637 4560	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:24:09.0644 4560	fdc - ok
11:24:09.0659 4560	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:24:09.0667 4560	FileInfo - ok
11:24:09.0679 4560	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:24:09.0699 4560	Filetrace - ok
11:24:09.0717 4560	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:24:09.0724 4560	flpydisk - ok
11:24:09.0742 4560	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:24:09.0752 4560	FltMgr - ok
11:24:09.0764 4560	FLxHCIc         (e35f19855192d025da41e8dfa318206a) C:\Windows\system32\drivers\FLxHCIc.sys
11:24:09.0772 4560	FLxHCIc - ok
11:24:09.0787 4560	FLxHCIh         (bbbd5d42d8cb3ad0f43f7bc4db92eb5e) C:\Windows\system32\drivers\FLxHCIh.sys
11:24:09.0792 4560	FLxHCIh - ok
11:24:09.0809 4560	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:24:09.0814 4560	FsDepends - ok
11:24:09.0832 4560	fssfltr         (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
11:24:09.0837 4560	fssfltr - ok
11:24:09.0852 4560	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:24:09.0857 4560	Fs_Rec - ok
11:24:09.0874 4560	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:24:09.0884 4560	fvevol - ok
11:24:09.0897 4560	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:24:09.0902 4560	gagp30kx - ok
11:24:09.0919 4560	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:24:09.0927 4560	hcw85cir - ok
11:24:09.0947 4560	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:24:09.0959 4560	HdAudAddService - ok
11:24:09.0977 4560	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:24:09.0984 4560	HDAudBus - ok
11:24:09.0999 4560	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:24:10.0007 4560	HidBatt - ok
11:24:10.0024 4560	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:24:10.0032 4560	HidBth - ok
11:24:10.0047 4560	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:24:10.0057 4560	HidIr - ok
11:24:10.0072 4560	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:24:10.0079 4560	HidUsb - ok
11:24:10.0097 4560	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:24:10.0104 4560	HpSAMD - ok
11:24:10.0127 4560	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:24:10.0154 4560	HTTP - ok
11:24:10.0169 4560	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:24:10.0174 4560	hwpolicy - ok
11:24:10.0189 4560	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:24:10.0197 4560	i8042prt - ok
11:24:10.0217 4560	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
11:24:10.0224 4560	iaStor - ok
11:24:10.0244 4560	iaStorV         (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
11:24:10.0254 4560	iaStorV - ok
11:24:10.0272 4560	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:24:10.0277 4560	iirsp - ok
11:24:10.0294 4560	Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
11:24:10.0302 4560	Impcd - ok
11:24:10.0342 4560	IntcAzAudAddService (9297bc7fb61f58670ee176dd18f4dd92) C:\Windows\system32\drivers\RTKVHD64.sys
11:24:10.0369 4560	IntcAzAudAddService - ok
11:24:10.0384 4560	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:24:10.0392 4560	intelide - ok
11:24:10.0407 4560	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:24:10.0414 4560	intelppm - ok
11:24:10.0432 4560	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:24:10.0452 4560	IpFilterDriver - ok
11:24:10.0467 4560	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:24:10.0474 4560	IPMIDRV - ok
11:24:10.0492 4560	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:24:10.0512 4560	IPNAT - ok
11:24:10.0529 4560	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:24:10.0539 4560	IRENUM - ok
11:24:10.0554 4560	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:24:10.0559 4560	isapnp - ok
11:24:10.0574 4560	ISASerial       (ac45d94185cf67267d06bf2f45e9e31e) C:\Windows\system32\drivers\ISASerial.sys
11:24:10.0582 4560	ISASerial - ok
11:24:10.0599 4560	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:24:10.0607 4560	iScsiPrt - ok
11:24:10.0622 4560	JRAID           (50de7dd7edb1b512b13666588aefbf6f) C:\Windows\system32\drivers\jraid.sys
11:24:10.0629 4560	JRAID - ok
11:24:10.0644 4560	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:24:10.0649 4560	kbdclass - ok
11:24:10.0664 4560	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:24:10.0672 4560	kbdhid - ok
11:24:10.0689 4560	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:24:10.0694 4560	KSecDD - ok
11:24:10.0709 4560	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:24:10.0717 4560	KSecPkg - ok
11:24:10.0732 4560	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:24:10.0752 4560	ksthunk - ok
11:24:10.0772 4560	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:24:10.0792 4560	lltdio - ok
11:24:10.0812 4560	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:24:10.0817 4560	LSI_FC - ok
11:24:10.0834 4560	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:24:10.0839 4560	LSI_SAS - ok
11:24:10.0857 4560	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:24:10.0862 4560	LSI_SAS2 - ok
11:24:10.0877 4560	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:24:10.0884 4560	LSI_SCSI - ok
11:24:10.0899 4560	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:24:10.0919 4560	luafv - ok
11:24:10.0937 4560	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
11:24:10.0942 4560	MBAMProtector - ok
11:24:10.0957 4560	MBfilt          (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
11:24:10.0962 4560	MBfilt - ok
11:24:10.0977 4560	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:24:10.0982 4560	megasas - ok
11:24:10.0999 4560	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:24:11.0009 4560	MegaSR - ok
11:24:11.0024 4560	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:24:11.0044 4560	Modem - ok
11:24:11.0059 4560	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:24:11.0069 4560	monitor - ok
11:24:11.0084 4560	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:24:11.0089 4560	mouclass - ok
11:24:11.0104 4560	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:24:11.0112 4560	mouhid - ok
11:24:11.0129 4560	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:24:11.0134 4560	mountmgr - ok
11:24:11.0152 4560	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:24:11.0159 4560	mpio - ok
11:24:11.0172 4560	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:24:11.0192 4560	mpsdrv - ok
11:24:11.0209 4560	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:24:11.0222 4560	MRxDAV - ok
11:24:11.0237 4560	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:24:11.0247 4560	mrxsmb - ok
11:24:11.0264 4560	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:24:11.0274 4560	mrxsmb10 - ok
11:24:11.0289 4560	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:24:11.0297 4560	mrxsmb20 - ok
11:24:11.0312 4560	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:24:11.0317 4560	msahci - ok
11:24:11.0334 4560	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:24:11.0339 4560	msdsm - ok
11:24:15.0757 4560	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:24:15.0777 4560	\Device\Harddisk0\DR0 - ok
11:24:15.0779 4560	Boot (0x1200)   (d3cc6e42e35cf2123fc3362518571fb2) \Device\Harddisk0\DR0\Partition0
11:24:15.0779 4560	\Device\Harddisk0\DR0\Partition0 - ok
11:24:15.0779 4560	============================================================
11:24:15.0779 4560	Scan finished
11:24:15.0779 4560	============================================================
11:24:15.0784 4536	Detected object count: 1
11:24:15.0784 4536	Actual detected object count: 1
11:24:57.0882 4536	acedrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
11:24:57.0882 4536	acedrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:25:35.0000 4684	============================================================
11:25:35.0000 4684	Scan started
11:25:35.0000 4684	Mode: Manual; SigCheck; TDLFS; 
11:25:35.0000 4684	============================================================
11:25:35.0109 4684	acedrv06        (c8030d922511a926d0aa06b78c4b87a9) C:\Windows\system32\drivers\acedrv06.sys
11:25:35.0109 4684	acedrv06 ( UnsignedFile.Multi.Generic ) - warning
11:25:35.0109 4684	acedrv06 - detected UnsignedFile.Multi.Generic (1)
11:25:37.0886 4684	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:25:37.0902 4684	isapnp - ok
11:25:37.0917 4684	ISASerial       (ac45d94185cf67267d06bf2f45e9e31e) C:\Windows\system32\drivers\ISASerial.sys
11:25:37.0917 4684	ISASerial - ok
11:25:37.0933 4684	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:25:37.0949 4684	iScsiPrt - ok
11:25:37.0964 4684	JRAID           (50de7dd7edb1b512b13666588aefbf6f) C:\Windows\system32\drivers\jraid.sys
11:25:37.0964 4684	JRAID - ok
11:25:37.0980 4684	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:25:37.0980 4684	kbdclass - ok
11:25:37.0995 4684	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:25:38.0011 4684	kbdhid - ok
11:25:38.0027 4684	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:25:38.0027 4684	KSecDD - ok
11:25:38.0042 4684	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:25:38.0042 4684	KSecPkg - ok
11:25:38.0058 4684	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:25:38.0089 4684	ksthunk - ok
11:25:38.0105 4684	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:25:38.0120 4684	lltdio - ok
11:25:38.0136 4684	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:25:38.0136 4684	LSI_FC - ok
11:25:38.0151 4684	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:25:38.0167 4684	LSI_SAS - ok
11:25:38.0183 4684	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:25:38.0183 4684	LSI_SAS2 - ok
11:25:38.0198 4684	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:25:38.0198 4684	LSI_SCSI - ok
11:25:38.0214 4684	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:25:38.0245 4684	luafv - ok
11:25:38.0261 4684	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
11:25:38.0261 4684	MBAMProtector - ok
11:25:38.0276 4684	MBfilt          (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
11:25:38.0276 4684	MBfilt - ok
11:25:38.0292 4684	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:25:38.0307 4684	megasas - ok
11:25:38.0323 4684	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:25:38.0323 4684	MegaSR - ok
11:25:38.0339 4684	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:25:38.0354 4684	Modem - ok
11:25:38.0370 4684	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:25:38.0385 4684	monitor - ok
11:25:38.0401 4684	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:25:38.0401 4684	mouclass - ok
11:25:38.0417 4684	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:25:38.0417 4684	mouhid - ok
11:25:38.0432 4684	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:25:38.0448 4684	mountmgr - ok
11:25:38.0463 4684	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:25:38.0463 4684	mpio - ok
11:25:38.0479 4684	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:25:38.0495 4684	mpsdrv - ok
11:25:38.0510 4684	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:25:38.0526 4684	MRxDAV - ok
11:25:38.0541 4684	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:25:38.0557 4684	mrxsmb - ok
11:25:38.0573 4684	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:25:38.0573 4684	mrxsmb10 - ok
11:25:38.0588 4684	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:25:38.0604 4684	mrxsmb20 - ok
11:25:38.0619 4684	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:25:38.0619 4684	msahci - ok
11:25:38.0635 4684	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:25:38.0651 4684	msdsm - ok
11:25:38.0666 4684	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:25:38.0682 4684	Msfs - ok
11:25:38.0697 4684	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:25:38.0713 4684	mshidkmdf - ok
11:25:38.0729 4684	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:25:38.0729 4684	msisadrv - ok
11:25:38.0744 4684	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:25:38.0775 4684	MSKSSRV - ok
11:25:38.0791 4684	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:25:38.0807 4684	MSPCLOCK - ok
11:25:38.0822 4684	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:25:38.0838 4684	MSPQM - ok
11:25:38.0853 4684	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:25:38.0869 4684	MsRPC - ok
11:25:38.0885 4684	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:25:38.0885 4684	mssmbios - ok
11:25:38.0900 4684	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:25:38.0916 4684	MSTEE - ok
11:25:38.0931 4684	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:25:38.0947 4684	MTConfig - ok
11:25:38.0963 4684	MTsensor        (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\drivers\ASACPI.sys
11:25:38.0963 4684	MTsensor - ok
11:25:38.0978 4684	MtsHID          (07ad6825d5c658595cab7f8f5849401c) C:\Windows\system32\drivers\MtsHID.sys
11:25:38.0978 4684	MtsHID - ok
11:25:38.0994 4684	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:25:38.0994 4684	Mup - ok
11:25:39.0009 4684	mv91cons        (049f1ed7f1b5dbb9d6c8767e7de02741) C:\Windows\system32\drivers\mv91cons.sys
11:25:39.0025 4684	mv91cons - ok
11:25:39.0041 4684	mv91xx          (4fad606c7aeb336e5aa4a005de09ca80) C:\Windows\system32\drivers\mv91xx.sys
11:25:39.0041 4684	mv91xx - ok
11:25:39.0056 4684	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:25:39.0072 4684	NativeWifiP - ok
11:25:39.0103 4684	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:25:39.0103 4684	NDIS - ok
11:25:39.0119 4684	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:25:39.0150 4684	NdisCap - ok
11:25:39.0165 4684	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:25:39.0181 4684	NdisTapi - ok
11:25:39.0197 4684	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:25:39.0212 4684	Ndisuio - ok
11:25:39.0228 4684	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:25:39.0243 4684	NdisWan - ok
11:25:39.0259 4684	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:25:39.0290 4684	NDProxy - ok
11:25:39.0306 4684	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:25:39.0321 4684	NetBIOS - ok
11:25:39.0337 4684	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:25:39.0353 4684	NetBT - ok
11:25:39.0368 4684	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:25:39.0384 4684	nfrd960 - ok
11:25:39.0384 4684	NmPar - ok
11:25:39.0399 4684	nmserial - ok
11:25:39.0415 4684	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:25:39.0446 4684	Npfs - ok
11:25:39.0462 4684	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:25:39.0477 4684	nsiproxy - ok
11:25:39.0509 4684	Ntfs            (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
11:25:39.0524 4684	Ntfs - ok
11:25:39.0540 4684	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:25:39.0571 4684	Null - ok
11:25:39.0571 4684	nusb3hub        (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
11:25:39.0587 4684	nusb3hub - ok
11:25:39.0602 4684	nusb3xhc        (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:25:39.0602 4684	nusb3xhc - ok
11:25:39.0618 4684	nvamacpi        (7fd5c060cb907489a5702f628226f54a) C:\Windows\system32\drivers\NVAMACPI.sys
11:25:39.0618 4684	nvamacpi - ok
11:25:39.0633 4684	nvraid          (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
11:25:39.0649 4684	nvraid - ok
11:25:39.0665 4684	nvrd64          (694f5e9d9d624d47f432f5b2e66a0528) C:\Windows\system32\drivers\nvrd64.sys
11:25:39.0665 4684	nvrd64 - ok
11:25:39.0680 4684	nvsmu           (e58d81fb8616d0cb55c1e36aa0b213c9) C:\Windows\system32\drivers\nvsmu.sys
11:25:39.0680 4684	nvsmu - ok
11:25:39.0696 4684	nvstor          (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
11:25:39.0711 4684	nvstor - ok
11:25:39.0727 4684	nvstor64        (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\drivers\nvstor64.sys
11:25:39.0727 4684	nvstor64 - ok
11:25:39.0743 4684	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:25:39.0743 4684	nv_agp - ok
11:25:39.0758 4684	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:25:39.0774 4684	ohci1394 - ok
11:25:39.0789 4684	OxPCIeSer       (607a26e10ae99558c80c4b097ae57b48) C:\Windows\system32\drivers\OxPCIeSer.sys
11:25:39.0805 4684	OxPCIeSer - ok
11:25:39.0821 4684	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:25:39.0836 4684	Parport - ok
11:25:39.0852 4684	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:25:39.0852 4684	partmgr - ok
11:25:39.0867 4684	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:25:39.0883 4684	pci - ok
11:25:39.0899 4684	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:25:39.0914 4684	pciide - ok
11:25:39.0914 4684	PciIsaSerial    (d7c203015e2c2a2eac8dacef156d8dc3) C:\Windows\system32\drivers\PciIsaSerial.sys
11:25:39.0930 4684	PciIsaSerial - ok
11:25:39.0945 4684	PciPPorts       (088b509b2f35a3cee00ac0e0bc4c5bed) C:\Windows\system32\drivers\PciPPorts.sys
11:25:39.0961 4684	PciPPorts - ok
11:25:39.0977 4684	PciSPorts       (7f97cdd5e91fc73da2b01344957aa058) C:\Windows\system32\drivers\PciSPorts.sys
11:25:39.0977 4684	PciSPorts - ok
11:25:39.0992 4684	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:25:40.0008 4684	pcmcia - ok
11:25:40.0023 4684	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:25:40.0023 4684	pcw - ok
11:25:40.0055 4684	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:25:40.0086 4684	PEAUTH - ok
11:25:40.0117 4684	PPorts          (14c04684a25c221ebe2105d169b4b6ff) C:\Windows\system32\drivers\PPorts.sys
11:25:40.0117 4684	PPorts - ok
11:25:40.0133 4684	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:25:40.0148 4684	PptpMiniport - ok
11:25:40.0164 4684	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:25:40.0164 4684	Processor - ok
11:25:40.0179 4684	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:25:40.0211 4684	Psched - ok
11:25:40.0226 4684	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:25:40.0257 4684	ql2300 - ok
11:25:40.0273 4684	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:25:40.0273 4684	ql40xx - ok
11:25:40.0289 4684	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:25:40.0289 4684	QWAVEdrv - ok
11:25:40.0304 4684	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:25:40.0320 4684	RasAcd - ok
11:25:40.0335 4684	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:25:40.0367 4684	RasAgileVpn - ok
11:25:40.0382 4684	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:25:40.0398 4684	Rasl2tp - ok
11:25:40.0413 4684	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:25:40.0429 4684	RasPppoe - ok
11:25:40.0445 4684	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:25:40.0460 4684	RasSstp - ok
11:25:40.0491 4684	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:25:40.0507 4684	rdbss - ok
11:25:40.0523 4684	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:25:40.0523 4684	rdpbus - ok
11:25:40.0538 4684	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:25:40.0554 4684	RDPCDD - ok
11:25:40.0569 4684	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:25:40.0585 4684	RDPENCDD - ok
11:25:40.0601 4684	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:25:40.0632 4684	RDPREFMP - ok
11:25:40.0647 4684	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
11:25:40.0663 4684	RDPWD - ok
11:25:40.0679 4684	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:25:40.0679 4684	rdyboost - ok
11:25:40.0710 4684	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:25:40.0725 4684	rspndr - ok
11:25:40.0741 4684	RTHDMIAzAudService (c618475866f6a7129f64a55961c1bb8b) C:\Windows\system32\drivers\RtHDMIVX.sys
11:25:40.0741 4684	RTHDMIAzAudService - ok
11:25:40.0757 4684	RTL8167         (4fe1cef69d36e913738234303986fbb3) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:25:40.0772 4684	RTL8167 - ok
11:25:40.0788 4684	RTL8192su       (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
11:25:40.0803 4684	RTL8192su - ok
11:25:40.0819 4684	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:25:40.0819 4684	sbp2port - ok
11:25:40.0835 4684	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:25:40.0866 4684	scfilter - ok
11:25:40.0881 4684	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:25:40.0897 4684	secdrv - ok
11:25:40.0913 4684	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:25:40.0913 4684	Serenum - ok
11:25:40.0944 4684	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:25:40.0944 4684	Serial - ok
11:25:40.0959 4684	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:25:40.0975 4684	sermouse - ok
11:25:41.0006 4684	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:25:41.0022 4684	sffdisk - ok
11:25:41.0037 4684	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:25:41.0053 4684	sffp_mmc - ok
11:25:41.0069 4684	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:25:41.0084 4684	sffp_sd - ok
11:25:41.0084 4684	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:25:41.0100 4684	sfloppy - ok
11:25:41.0131 4684	Sftfs           (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:25:41.0147 4684	Sftfs - ok
11:25:41.0162 4684	Sftplay         (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:25:41.0178 4684	Sftplay - ok
11:25:41.0193 4684	Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:25:41.0193 4684	Sftredir - ok
11:25:41.0209 4684	Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:25:41.0209 4684	Sftvol - ok
11:25:41.0225 4684	Si3124r5        (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\drivers\Si3124r5.sys
11:25:41.0240 4684	Si3124r5 - ok
11:25:41.0256 4684	SiFilter        (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\drivers\SiWinAcc.sys
11:25:41.0256 4684	SiFilter - ok
11:25:41.0271 4684	SiRemFil        (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\drivers\SiRemFil.sys
11:25:41.0271 4684	SiRemFil - ok
11:25:41.0287 4684	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:25:41.0287 4684	SiSRaid2 - ok
11:25:41.0303 4684	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:25:41.0318 4684	SiSRaid4 - ok
11:25:41.0334 4684	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:25:41.0349 4684	Smb - ok
11:25:41.0365 4684	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:25:41.0365 4684	spldr - ok
11:25:41.0381 4684	SPorts          (739c2571867f351167d1d958990e9d84) C:\Windows\system32\drivers\SPorts.sys
11:25:41.0396 4684	SPorts - ok
11:25:41.0412 4684	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:25:41.0427 4684	srv - ok
11:25:41.0443 4684	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:25:41.0443 4684	srv2 - ok
11:25:41.0459 4684	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:25:41.0474 4684	srvnet - ok
11:25:41.0490 4684	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:25:41.0490 4684	stexstor - ok
11:25:41.0537 4684	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:25:41.0537 4684	swenum - ok
11:25:41.0583 4684	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:25:41.0615 4684	Tcpip - ok
11:25:41.0646 4684	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:25:41.0677 4684	TCPIP6 - ok
11:25:41.0693 4684	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:25:41.0708 4684	tcpipreg - ok
11:25:41.0724 4684	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:25:41.0739 4684	TDPIPE - ok
11:25:41.0755 4684	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:25:41.0771 4684	TDTCP - ok
11:25:41.0786 4684	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:25:41.0802 4684	tdx - ok
11:25:41.0817 4684	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
11:25:41.0833 4684	TermDD - ok
11:25:41.0849 4684	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:25:41.0864 4684	tssecsrv - ok
11:25:41.0880 4684	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:25:41.0880 4684	TsUsbFlt - ok
11:25:41.0895 4684	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:25:41.0895 4684	TsUsbGD - ok
11:25:41.0911 4684	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:25:41.0927 4684	tunnel - ok
11:25:41.0942 4684	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:25:41.0958 4684	uagp35 - ok
11:25:41.0973 4684	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:25:41.0989 4684	udfs - ok
11:25:42.0005 4684	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:25:42.0020 4684	uliagpkx - ok
11:25:42.0020 4684	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:25:42.0036 4684	umbus - ok
11:25:42.0051 4684	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:25:42.0051 4684	UmPass - ok
11:25:42.0067 4684	usbccgp         (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
11:25:42.0083 4684	usbccgp - ok
11:25:42.0098 4684	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:25:42.0098 4684	usbcir - ok
11:25:42.0114 4684	usbehci         (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\DRIVERS\usbehci.sys
11:25:42.0129 4684	usbehci - ok
11:25:42.0145 4684	usbhub          (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\DRIVERS\usbhub.sys
11:25:42.0145 4684	usbhub - ok
11:25:42.0161 4684	usbohci         (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
11:25:42.0176 4684	usbohci - ok
11:25:42.0192 4684	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:25:42.0192 4684	usbprint - ok
11:25:42.0207 4684	USBSTOR         (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:25:42.0207 4684	USBSTOR - ok
11:25:42.0223 4684	usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
11:25:42.0239 4684	usbuhci - ok
11:25:42.0254 4684	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:25:42.0254 4684	vdrvroot - ok
11:25:42.0270 4684	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:25:42.0285 4684	vga - ok
11:25:42.0301 4684	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:25:42.0317 4684	VgaSave - ok
11:25:42.0332 4684	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:25:42.0332 4684	vhdmp - ok
11:25:42.0348 4684	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:25:42.0363 4684	viaide - ok
11:25:42.0379 4684	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:25:42.0379 4684	volmgr - ok
11:25:42.0395 4684	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:25:42.0410 4684	volmgrx - ok
11:25:42.0426 4684	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:25:42.0426 4684	volsnap - ok
11:25:42.0441 4684	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:25:42.0457 4684	vsmraid - ok
11:25:42.0473 4684	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:25:42.0473 4684	vwifibus - ok
11:25:42.0488 4684	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:25:42.0504 4684	vwififlt - ok
11:25:42.0519 4684	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:25:42.0519 4684	WacomPen - ok
11:25:42.0535 4684	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:25:42.0566 4684	WANARP - ok
11:25:42.0566 4684	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:25:42.0582 4684	Wanarpv6 - ok
11:25:42.0597 4684	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:25:42.0597 4684	Wd - ok
11:25:42.0629 4684	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:25:42.0629 4684	Wdf01000 - ok
11:25:42.0660 4684	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:25:42.0675 4684	WfpLwf - ok
11:25:42.0691 4684	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:25:42.0691 4684	WIMMount - ok
11:25:42.0722 4684	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:25:42.0722 4684	WinUsb - ok
11:25:42.0738 4684	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:25:42.0753 4684	WmiAcpi - ok
11:25:42.0769 4684	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:25:42.0785 4684	ws2ifsl - ok
11:25:42.0800 4684	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:25:42.0816 4684	WudfPf - ok
11:25:42.0847 4684	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:25:42.0863 4684	WUDFRd - ok
11:25:42.0863 4684	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:25:42.0878 4684	\Device\Harddisk0\DR0 - ok
11:25:42.0878 4684	Boot (0x1200)   (d3cc6e42e35cf2123fc3362518571fb2) \Device\Harddisk0\DR0\Partition0
11:25:42.0878 4684	\Device\Harddisk0\DR0\Partition0 - ok
11:25:42.0878 4684	============================================================
11:25:42.0878 4684	Scan finished
11:25:42.0878 4684	============================================================
11:25:42.0878 4568	Detected object count: 1
11:25:42.0878 4568	Actual detected object count: 1
11:25:50.0538 4568	acedrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
11:25:50.0538 4568	acedrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
OTL custom fix log

Code:
ATTFilter
All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: admin
->Temp folder emptied: 596541449 bytes
->Temporary Internet Files folder emptied: 90959557 bytes
->Java cache emptied: 503523 bytes
->FireFox cache emptied: 51028245 bytes
->Opera cache emptied: 17580835 bytes
->Flash cache emptied: 20570 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Gast
->Temp folder emptied: 325767 bytes
->Temporary Internet Files folder emptied: 8357671 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14885366 bytes
->Opera cache emptied: 13139450 bytes
->Flash cache emptied: 1430 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3105962 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 14942163 bytes
 
Total Files Cleaned = 774,00 mb
 
 
OTL by OldTimer - Version 3.2.35.1 log created on 03052012_110404

Files\Folders moved on Reboot...
C:\Users\admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
         


Alt 05.03.2012, 11:18   #6
Chris4You
 



Hi,

I didn't understand this sentence:
by the way: it's OK that at the moment I only have C:, i.e. only one of three HDDs, on the PC during the scans?

What do you mean by that?


MBR-Check
Download http://ad13.geekstogo.com/MBRCheck.exe and save the file to the desktop.
  • Double-click MBRCheck.exe.
  • Vista and Win7 users: right-click and choose "Run as administrator".
  • The tool takes only a second.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.

chris

Alt 05.03.2012, 11:43   #7
sodamixer
 



At the start of my post I wrote that, shortly after the problem appeared, I disconnected all unnecessary HDDs from the PC (several partitions spread across one IDE and one SATA II disk).
Only my 60 GB SSD with one partition C:, on which my Win7 and at least 95% of all programs are installed, is still connected.
I assume you already read this at the beginning, but I thought I'd better ask again because of all the scans.
Regarding the unknown detection in TDSS, which I have only skipped so far: should I take no further action?

Here is the MBR check

Code:
ATTFilter
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows 7 Home Premium Edition
Windows Information:		Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer:	MSI
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		MSI
System Product Name:		MS-7681
Logical Drives Mask:		0x00010084

Kernel Drivers (total 194):
  0x03615000 \SystemRoot\system32\ntoskrnl.exe
  0x03BFE000 \SystemRoot\system32\hal.dll
  0x00B9F000 \SystemRoot\system32\kdcom.dll
  0x00CEC000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x00D3B000 \SystemRoot\system32\PSHED.dll
  0x00D4F000 \SystemRoot\system32\CLFS.SYS
  0x00C00000 \SystemRoot\system32\CI.dll
  0x00E4E000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00EF2000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x00F01000 \SystemRoot\system32\drivers\ACPI.sys
  0x00F58000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x00F61000 \SystemRoot\system32\drivers\msisadrv.sys
  0x00F6B000 \SystemRoot\system32\drivers\pci.sys
  0x00F9E000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x00FAB000 \SystemRoot\System32\drivers\partmgr.sys
  0x00FC0000 \SystemRoot\system32\drivers\volmgr.sys
  0x010B6000 \SystemRoot\System32\drivers\volmgrx.sys
  0x01112000 \SystemRoot\System32\drivers\mountmgr.sys
  0x0112C000 \SystemRoot\system32\drivers\nvrd64.sys
  0x011A4000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x01284000 \SystemRoot\system32\drivers\iaStor.sys
  0x013D8000 \SystemRoot\system32\drivers\amdsata.sys
  0x01200000 \SystemRoot\system32\drivers\storport.sys
  0x01000000 \SystemRoot\system32\drivers\amdsbs.sys
  0x01263000 \SystemRoot\system32\drivers\amdxata.sys
  0x0126E000 \SystemRoot\system32\drivers\amd_xata.sys
  0x01047000 \SystemRoot\system32\drivers\fltmgr.sys
  0x01093000 \SystemRoot\system32\drivers\fileinfo.sys
  0x013F6000 \SystemRoot\system32\drivers\SiWinAcc.sys
  0x0144A000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x01614000 \SystemRoot\System32\Drivers\msrpc.sys
  0x01672000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x0168D000 \SystemRoot\System32\Drivers\cng.sys
  0x016FF000 \SystemRoot\System32\drivers\pcw.sys
  0x01710000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x018E0000 \SystemRoot\system32\drivers\ndis.sys
  0x01800000 \SystemRoot\system32\drivers\NETIO.SYS
  0x01860000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x01AC8000 \SystemRoot\System32\drivers\tcpip.sys
  0x01CCC000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x01D16000 \SystemRoot\system32\drivers\volsnap.sys
  0x01D62000 \SystemRoot\System32\Drivers\spldr.sys
  0x01D6A000 \SystemRoot\System32\drivers\rdyboost.sys
  0x01DA4000 \SystemRoot\system32\drivers\SiRemFil.sys
  0x01DAC000 \SystemRoot\System32\Drivers\mup.sys
  0x01DBE000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x01A00000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x01A3A000 \SystemRoot\system32\drivers\disk.sys
  0x03199000 \SystemRoot\System32\Drivers\Null.SYS
  0x031A2000 \SystemRoot\System32\Drivers\Beep.SYS
  0x031A9000 \SystemRoot\System32\drivers\vga.sys
  0x031B7000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x031DC000 \SystemRoot\System32\drivers\watchdog.sys
  0x031EC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x031F5000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x0316F000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x03178000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x03183000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x01A5E000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x01A80000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x0171A000 \SystemRoot\system32\drivers\afd.sys
  0x0188B000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x01A8D000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x01A96000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x01DC7000 \SystemRoot\system32\DRIVERS\vwififlt.sys
  0x01DDD000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x017A3000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
  0x019D3000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x01DEC000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x00DAD000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x01ABC000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x019EE000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x018D0000 \SystemRoot\System32\drivers\discache.sys
  0x01400000 \SystemRoot\System32\Drivers\dfsc.sys
  0x017E6000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x0141E000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0x011D4000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x00E00000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x07614000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x06CCC000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x06C00000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x06C46000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x06C6A000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x07F10000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x06C7B000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
  0x06CAC000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x06DC0000 \SystemRoot\system32\DRIVERS\1394ohci.sys
  0x06CAE000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0x07F66000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x06CB7000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
  0x07F7C000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x07F92000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x07FB6000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x07FC2000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x00FD5000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x00CC0000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x07078000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x07092000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x070A1000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x070B0000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x070B2000 \SystemRoot\system32\DRIVERS\ks.sys
  0x070F5000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x07107000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x07161000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
  0x0717A000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x0718F000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x07000000 \SystemRoot\system32\drivers\RtHDMIVX.sys
  0x071B9000 \SystemRoot\system32\drivers\portcls.sys
  0x07048000 \SystemRoot\system32\drivers\drmk.sys
  0x0706A000 \SystemRoot\system32\drivers\ksthunk.sys
  0x08448000 \SystemRoot\system32\drivers\RTKVHD64.sys
  0x086E7000 \SystemRoot\system32\drivers\MBfilt64.sys
  0x086F5000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x03000000 \SystemRoot\System32\Drivers\dump_iaStor.sys
  0x08703000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x00080000 \SystemRoot\System32\win32k.sys
  0x08716000 \SystemRoot\System32\drivers\Dxapi.sys
  0x08722000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x08730000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x0873E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x08757000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x08760000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x00480000 \SystemRoot\System32\TSDDD.dll
  0x006D0000 \SystemRoot\System32\cdd.dll
  0x0876D000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x00990000 \SystemRoot\System32\ATMFD.DLL
  0x0877B000 \SystemRoot\system32\drivers\luafv.sys
  0x0879E000 \SystemRoot\system32\DRIVERS\avgntflt.sys
  0x087BD000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
  0x087C8000 \SystemRoot\system32\drivers\WudfPf.sys
  0x087E9000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x02C29000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x02C7C000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x02C8F000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x02CA7000 \SystemRoot\system32\drivers\HTTP.sys
  0x02D70000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x02D8E000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x02DA6000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x040E3000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x04131000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x04155000 \SystemRoot\System32\Drivers\adfs.SYS
  0x04000000 \SystemRoot\system32\drivers\peauth.sys
  0x040A6000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x08051000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
  0x08112000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
  0x0815F000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x08190000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x0416D000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x08CD8000 \SystemRoot\System32\DRIVERS\srv.sys
  0x08D70000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
  0x08D7B000 \SystemRoot\system32\drivers\spsys.sys
  0x08DEC000 \??\C:\Windows\system32\drivers\mbam.sys
  0x08C00000 \SystemRoot\system32\DRIVERS\RTL8192su.sys
  0x08CC3000 \SystemRoot\system32\DRIVERS\vwifibus.sys
  0x76CD0000 \Windows\System32\ntdll.dll
  0x48130000 \Windows\System32\smss.exe
  0xFEFF0000 \Windows\System32\apisetschema.dll
  0xFFBA0000 \Windows\System32\autochk.exe
  0xFEED0000 \Windows\System32\msctf.dll
  0x76B80000 \Windows\System32\urlmon.dll
  0xFEEB0000 \Windows\System32\imagehlp.dll
  0xFEDD0000 \Windows\System32\advapi32.dll
  0x76EA0000 \Windows\System32\psapi.dll
  0xFE040000 \Windows\System32\shell32.dll
  0x76A60000 \Windows\System32\kernel32.dll
  0x76850000 \Windows\System32\iertutil.dll
  0xFDE60000 \Windows\System32\setupapi.dll
  0xFDE30000 \Windows\System32\imm32.dll
  0xFDD90000 \Windows\System32\msvcrt.dll
  0xFDB80000 \Windows\System32\ole32.dll
  0xFDB00000 \Windows\System32\shlwapi.dll
  0xFDA30000 \Windows\System32\usp10.dll
  0x76E90000 \Windows\System32\normaliz.dll
  0xFD990000 \Windows\System32\comdlg32.dll
  0xFD910000 \Windows\System32\difxapi.dll
  0xFD900000 \Windows\System32\nsi.dll
  0x76750000 \Windows\System32\user32.dll
  0x765F0000 \Windows\System32\wininet.dll
  0xFD7D0000 \Windows\System32\rpcrt4.dll
  0xFD780000 \Windows\System32\ws2_32.dll
  0xFD720000 \Windows\System32\Wldap32.dll
  0xFD680000 \Windows\System32\clbcatq.dll
  0xFD670000 \Windows\System32\lpk.dll
  0xFD650000 \Windows\System32\sechost.dll
  0xFD570000 \Windows\System32\oleaut32.dll
  0xFD500000 \Windows\System32\gdi32.dll
  0xFD460000 \Windows\System32\comctl32.dll
  0xFD420000 \Windows\System32\cfgmgr32.dll
  0xFD400000 \Windows\System32\devobj.dll
  0xFD390000 \Windows\System32\KernelBase.dll
  0xFD350000 \Windows\System32\wintrust.dll
  0xFD1E0000 \Windows\System32\crypt32.dll
  0xFD1D0000 \Windows\System32\msasn1.dll
  0x759F0000 \Windows\SysWOW64\normaliz.dll

Processes (total 57):
       0 System Idle Process
       4 System
     304 C:\Windows\System32\smss.exe
     460 csrss.exe
     540 C:\Windows\System32\wininit.exe
     548 csrss.exe
     588 C:\Windows\System32\services.exe
     612 C:\Windows\System32\lsass.exe
     620 C:\Windows\System32\lsm.exe
     676 C:\Windows\System32\winlogon.exe
     764 C:\Windows\System32\svchost.exe
     844 C:\Windows\System32\svchost.exe
     904 C:\Windows\System32\atiesrxx.exe
     952 C:\Windows\System32\svchost.exe
     984 C:\Windows\System32\svchost.exe
    1012 C:\Windows\System32\svchost.exe
     712 C:\Windows\System32\svchost.exe
    1128 C:\Windows\System32\svchost.exe
    1340 C:\Windows\System32\atieclxx.exe
    1384 C:\Windows\System32\spoolsv.exe
    1452 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    1484 C:\Windows\System32\svchost.exe
    1584 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    1660 C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
    1820 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    1828 C:\Windows\System32\conhost.exe
    2004 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    2032 C:\Windows\System32\svchost.exe
    1072 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
     320 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    2112 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    2220 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    2764 C:\Windows\System32\taskhost.exe
    2840 C:\Windows\System32\sppsvc.exe
    3064 C:\Windows\System32\svchost.exe
    1256 C:\Windows\System32\dwm.exe
    2524 C:\Windows\explorer.exe
    2660 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    2696 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    2988 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    2516 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    3116 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    3328 C:\Windows\System32\SearchIndexer.exe
    3532 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    3784 C:\Windows\System32\svchost.exe
    3476 C:\Program Files\Windows Media Player\wmpnetwk.exe
    1972 C:\Windows\System32\svchost.exe
    4396 C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
    4744 dllhost.exe
    4772 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    1252 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    4696 C:\Windows\System32\svchost.exe
    3864 C:\Windows\System32\svchost.exe
    1836 C:\Windows\System32\SearchProtocolHost.exe
    3684 C:\Windows\System32\SearchFilterHost.exe
    3648 C:\Users\admin\Desktop\MBRCheck.exe
    3580 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000  (NTFS)
\\.\Q: -->  error 5

PhysicalDrive0 Model Number: OCZ-AGILITY2, Rev: 1.24    

      Size  Device Name          MBR Status
  --------------------------------------------
     55 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
         

05.03.2012, 12:41   #8
Chris4You

Hi,

that actually looks good; are any restrictions/problems still noticeable?

chris
__________________
Don't bring me down
Read before posting!
Donate
(Anyone who wants to donate is welcome to get in touch)

05.03.2012, 13:10   #9
sodamixer

Now I have found one more "problem" after all: in the start bar, the entries under "All Programs" are all listed again, but when I click on them they are empty; only the newly installed MAM content is shown.

So what about the TDSS message? False alarm or similar? => not relevant any further?

That the other hard drives were not scanned is not a big deal, since they really only hold plain data such as pictures and music; which scan is nevertheless recommended when I reconnect the drives shortly?

Does using a non-activated Win7 make any difference in terms of security?

Summary: normally I only use Opera and always keep it up to date; I only use FF when there are problems. Could such security holes arise from an outdated FF and possibly missed Flash Player updates? I, at least, would not have noticed visiting a really untrustworthy site.
For the future: are a browser in a sandbox and MAM sufficient?
Under Win7, does it make a difference whether I surf with an administrator user account? Or should one, as was advised in the past, never surf with an account that has full access?

In any case, a huuuge thank you, Chris; you only ever notice what you have once you no longer have it (a running system).
Regards, Wendelin

Edited by sodamixer (05.03.2012 at 13:33)

05.03.2012, 14:04   #10
Chris4You

Hi,

You can have the driver acedrv06.sys checked at virustotal.com; I think it is an f/p (false positive)...

By start bar, do you mean the "Quick Launch bar"...?

If you connect the hard drives via USB, hold down the SHIFT key until everything has been detected. Then I would run a scanner over them...

For WIN7 etc. too, the rule is: always surf with a "GUEST" account...
This thing gets onto the machine through Windows security holes; infection normally happens through an IFRAME smuggled into a "normal" web page, which then redirects to a hacker server that pushes a dropper through the security hole, which then "downloads more"...

So a sandbox and restricted user rights are a good idea...

chris

05.03.2012, 14:27   #11
sodamixer

What I mean is "start" at the bottom left with the Win symbol; there the first item for me is "all programs", and all programs are listed in it, mostly in folders, but these folders are simply empty. The shortcuts that become visible directly when clicking "start" are fine. And at the bottom right, I actually like the "status" icons next to the clock better than before; they are now all visible side by side like in XP, no longer in a fold-out :-)
As for the surfing accounts, I'll have to see how that can be combined with my normal workflow, because I often "work" (Photoshop) and surf at the same time.
Regarding the hard drives: as already mentioned, they are IDE and SATA, so not USB :-) And which of the many scanners is the most sensible to run again once all drives are connected? Apart from Malwarebytes, I can't make anything of the result logs anyway.
You wouldn't happen to need tips on photography? That would be something in return; otherwise I intend to donate a little something.

05.03.2012, 14:40   #12
Chris4You

Hi,

Malwarebytes should be enough...

Are the program entries (folders) under
Code:
ATTFilter
C:\users\user1\appdata\... and
c:\users\all users\

still present...?

chris

05.03.2012, 17:24   #13
sodamixer

So under
Code:
ATTFilter
C:\Users\admin\AppData

I have 3 subfolders, local, localLow and roaming; which of them should have something in it?

I don't have all users, only
Code:
ATTFilter
C:\Users\Public

MAM has my fixed problems in quarantine; I can delete them, right?
Acrobat Reader is also supposed to be a security risk; besides, I usually have problems opening PDFs directly in Opera anyway, which is probably related to 2 different Acrobat versions, only I can't find the Reader in the list of installed programs, nor in Revo Uninstaller. Any idea?

Edited by sodamixer (05.03.2012 at 17:49)

05.03.2012, 19:56   #14
Chris4You

Hi,

check the following path:
c:\ProgramData\Microsoft\Windows\Startmenü\Programme ....

What do you mean by
Quote:
MAM has my fixed problems in quarantine; I can delete them, right?
?

chris

05.03.2012, 21:43   #15
sodamixer

Well, the scan with MAM did turn up a few "problems"; I then fixed these via MAM. When I open MAM now, these fixed problems are in the quarantine, where there is the option to delete them.
Yes, in the path you described there are folders just like in my start menu, but likewise they are all empty; some contain subfolders, but those are in turn empty too.
