Nein, das ist die einzige Log, die mir angezeigt wurde. Soll ich den Vorgang nochmal wiederholen?

Ja wiederhol mal

Da muss beim letzten Mal wohl wirklich etwas schiefgelaufen sein. Hier ist die neue Log:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Folder C:\Users\Seppo\P-7-78-8964-9648-3874\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Seppo
->Temp folder emptied: 1934810 bytes
->Temporary Internet Files folder emptied: 33835415 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 133085100 bytes
->Flash cache emptied: 4427 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5198318 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 166,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 11072011_152848

Files\Folders moved on Reboot...
C:\Users\Seppo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!

Das ist die Log vom Kasperspy Tool:

18:26:15.0325 2028 TDSS rootkit removing tool 2.6.16.0 Nov 7 2011 16:26:51
18:26:15.0497 2028 ============================================================
18:26:15.0497 2028 Current date / time: 2011/11/07 18:26:15.0497
18:26:15.0497 2028 SystemInfo:
18:26:15.0497 2028
18:26:15.0497 2028 OS Version: 6.1.7600 ServicePack: 0.0
18:26:15.0497 2028 Product type: Workstation
18:26:15.0497 2028 ComputerName: SEPPO-PC
18:26:15.0497 2028 UserName: Seppo
18:26:15.0497 2028 Windows directory: C:\Windows
18:26:15.0497 2028 System windows directory: C:\Windows
18:26:15.0497 2028 Running under WOW64
18:26:15.0497 2028 Processor architecture: Intel x64
18:26:15.0497 2028 Number of processors: 2
18:26:15.0497 2028 Page size: 0x1000
18:26:15.0497 2028 Boot type: Normal boot
18:26:15.0497 2028 ============================================================
18:26:16.0464 2028 Initialize success
18:26:24.0248 1808 ============================================================
18:26:24.0248 1808 Scan started
18:26:24.0248 1808 Mode: Manual; SigCheck; TDLFS;
18:26:24.0248 1808 ============================================================
18:26:24.0607 1808 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
18:26:24.0732 1808 1394ohci - ok
18:26:24.0857 1808 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
18:26:24.0872 1808 ACPI - ok
18:26:24.0919 1808 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
18:26:25.0013 1808 AcpiPmi - ok
18:26:25.0153 1808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
18:26:25.0184 1808 adp94xx - ok
18:26:25.0262 1808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
18:26:25.0294 1808 adpahci - ok
18:26:25.0356 1808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
18:26:25.0387 1808 adpu320 - ok
18:26:25.0465 1808 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
18:26:25.0559 1808 AFD - ok
18:26:25.0668 1808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
18:26:25.0684 1808 agp440 - ok
18:26:25.0762 1808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
18:26:25.0777 1808 aliide - ok
18:26:25.0808 1808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
18:26:25.0824 1808 amdide - ok
18:26:25.0886 1808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
18:26:25.0949 1808 AmdK8 - ok
18:26:25.0980 1808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
18:26:26.0042 1808 AmdPPM - ok
18:26:26.0089 1808 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
18:26:26.0105 1808 amdsata - ok
18:26:26.0152 1808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
18:26:26.0183 1808 amdsbs - ok
18:26:26.0214 1808 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
18:26:26.0230 1808 amdxata - ok
18:26:26.0261 1808 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
18:26:26.0308 1808 AmUStor - ok
18:26:26.0479 1808 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
18:26:26.0573 1808 AppID - ok
18:26:26.0651 1808 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
18:26:26.0666 1808 arc - ok
18:26:26.0713 1808 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
18:26:26.0729 1808 arcsas - ok
18:26:26.0760 1808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:26:26.0838 1808 AsyncMac - ok
18:26:26.0900 1808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
18:26:26.0916 1808 atapi - ok
18:26:27.0025 1808 athr (88a02b6046356e6be4e387faa7451439) C:\Windows\system32\DRIVERS\athrx.sys
18:26:27.0166 1808 athr - ok
18:26:27.0275 1808 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
18:26:27.0353 1808 avgntflt - ok
18:26:27.0400 1808 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
18:26:27.0415 1808 avipbb - ok
18:26:27.0446 1808 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
18:26:27.0446 1808 avkmgr - ok
18:26:27.0540 1808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
18:26:27.0618 1808 b06bdrv - ok
18:26:27.0665 1808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:26:27.0712 1808 b57nd60a - ok
18:26:27.0743 1808 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:26:27.0805 1808 Beep - ok
18:26:27.0852 1808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
18:26:27.0883 1808 blbdrive - ok
18:26:27.0914 1808 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
18:26:27.0977 1808 bowser - ok
18:26:28.0024 1808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:26:28.0070 1808 BrFiltLo - ok
18:26:28.0102 1808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:26:28.0117 1808 BrFiltUp - ok
18:26:28.0148 1808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:26:28.0211 1808 Brserid - ok
18:26:28.0242 1808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:26:28.0289 1808 BrSerWdm - ok
18:26:28.0320 1808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:26:28.0351 1808 BrUsbMdm - ok
18:26:28.0367 1808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:26:28.0414 1808 BrUsbSer - ok
18:26:28.0460 1808 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:26:28.0507 1808 BthEnum - ok
18:26:28.0554 1808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
18:26:28.0601 1808 BTHMODEM - ok
18:26:28.0616 1808 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:26:28.0648 1808 BthPan - ok
18:26:28.0772 1808 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
18:26:28.0975 1808 BTHPORT - ok
18:26:29.0287 1808 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
18:26:29.0396 1808 BTHUSB - ok
18:26:29.0490 1808 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:26:29.0615 1808 cdfs - ok
18:26:29.0786 1808 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
18:26:29.0818 1808 cdrom - ok
18:26:29.0911 1808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
18:26:29.0942 1808 circlass - ok
18:26:30.0005 1808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:26:30.0036 1808 CLFS - ok
18:26:30.0067 1808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
18:26:30.0114 1808 CmBatt - ok
18:26:30.0145 1808 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
18:26:30.0176 1808 cmdide - ok
18:26:30.0208 1808 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
18:26:30.0254 1808 CNG - ok
18:26:30.0286 1808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
18:26:30.0301 1808 Compbatt - ok
18:26:30.0301 1808 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
18:26:30.0332 1808 CompositeBus - ok
18:26:30.0379 1808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
18:26:30.0410 1808 crcdisk - ok
18:26:30.0473 1808 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
18:26:30.0520 1808 DfsC - ok
18:26:30.0566 1808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:26:30.0644 1808 discache - ok
18:26:30.0660 1808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
18:26:30.0691 1808 Disk - ok
18:26:30.0785 1808 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\SysWOW64\Drivers\DKbFltr.sys
18:26:30.0800 1808 DKbFltr - ok
18:26:30.0925 1808 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:26:30.0956 1808 drmkaud - ok
18:26:31.0019 1808 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
18:26:31.0066 1808 DXGKrnl - ok
18:26:31.0175 1808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
18:26:31.0346 1808 ebdrv - ok
18:26:31.0424 1808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
18:26:31.0456 1808 elxstor - ok
18:26:31.0487 1808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
18:26:31.0518 1808 ErrDev - ok
18:26:31.0580 1808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:26:31.0658 1808 exfat - ok
18:26:31.0674 1808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:26:31.0768 1808 fastfat - ok
18:26:31.0814 1808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
18:26:31.0861 1808 fdc - ok
18:26:31.0892 1808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:26:31.0908 1808 FileInfo - ok
18:26:31.0924 1808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:26:31.0986 1808 Filetrace - ok
18:26:32.0002 1808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
18:26:32.0033 1808 flpydisk - ok
18:26:32.0064 1808 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
18:26:32.0095 1808 FltMgr - ok
18:26:32.0111 1808 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:26:32.0126 1808 FsDepends - ok
18:26:32.0158 1808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
18:26:32.0173 1808 Fs_Rec - ok
18:26:32.0204 1808 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
18:26:32.0236 1808 fvevol - ok
18:26:32.0267 1808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:26:32.0282 1808 gagp30kx - ok
18:26:32.0376 1808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:26:32.0454 1808 hcw85cir - ok
18:26:32.0501 1808 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
18:26:32.0548 1808 HdAudAddService - ok
18:26:32.0579 1808 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:26:32.0610 1808 HDAudBus - ok
18:26:32.0641 1808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:26:32.0672 1808 HidBatt - ok
18:26:32.0704 1808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:26:32.0750 1808 HidBth - ok
18:26:32.0782 1808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:26:32.0813 1808 HidIr - ok
18:26:32.0875 1808 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
18:26:32.0906 1808 HidUsb - ok
18:26:32.0953 1808 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
18:26:32.0969 1808 HpSAMD - ok
18:26:33.0031 1808 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
18:26:33.0125 1808 HTTP - ok
18:26:33.0140 1808 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
18:26:33.0156 1808 hwpolicy - ok
18:26:33.0187 1808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
18:26:33.0218 1808 i8042prt - ok
18:26:33.0281 1808 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
18:26:33.0312 1808 iaStor - ok
18:26:33.0359 1808 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
18:26:33.0390 1808 iaStorV - ok
18:26:33.0686 1808 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
18:26:34.0108 1808 igfx - ok
18:26:34.0217 1808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:26:34.0232 1808 iirsp - ok
18:26:34.0342 1808 IntcAzAudAddService (1a6241b70453a6629a83db942aa6b08c) C:\Windows\system32\drivers\RTKVHD64.sys
18:26:34.0388 1808 IntcAzAudAddService - ok
18:26:34.0451 1808 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\Windows\system32\drivers\IntcHdmi.sys
18:26:34.0498 1808 IntcHdmiAddService - ok
18:26:34.0529 1808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
18:26:34.0544 1808 intelide - ok
18:26:34.0591 1808 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:26:34.0622 1808 intelppm - ok
18:26:34.0669 1808 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:26:34.0747 1808 IpFilterDriver - ok
18:26:34.0763 1808 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:26:34.0794 1808 IPMIDRV - ok
18:26:34.0810 1808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:26:34.0888 1808 IPNAT - ok
18:26:34.0919 1808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:26:34.0934 1808 IRENUM - ok
18:26:34.0966 1808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
18:26:34.0981 1808 isapnp - ok
18:26:35.0012 1808 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
18:26:35.0028 1808 iScsiPrt - ok
18:26:35.0059 1808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
18:26:35.0075 1808 kbdclass - ok
18:26:35.0106 1808 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
18:26:35.0153 1808 kbdhid - ok
18:26:35.0184 1808 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
18:26:35.0200 1808 KSecDD - ok
18:26:35.0231 1808 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
18:26:35.0246 1808 KSecPkg - ok
18:26:35.0278 1808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:26:35.0340 1808 ksthunk - ok
18:26:35.0387 1808 L1C (ad88105efddc55877ea8d06346d75989) C:\Windows\system32\DRIVERS\L1C62x64.sys
18:26:35.0434 1808 L1C - ok
18:26:35.0512 1808 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:26:35.0574 1808 lltdio - ok
18:26:35.0636 1808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:26:35.0652 1808 LSI_FC - ok
18:26:35.0668 1808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:26:35.0683 1808 LSI_SAS - ok
18:26:35.0699 1808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:26:35.0714 1808 LSI_SAS2 - ok
18:26:35.0746 1808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:26:35.0761 1808 LSI_SCSI - ok
18:26:35.0792 1808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:26:35.0870 1808 luafv - ok
18:26:35.0917 1808 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
18:26:35.0933 1808 MBAMProtector - ok
18:26:35.0964 1808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:26:35.0980 1808 megasas - ok
18:26:36.0011 1808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:26:36.0042 1808 MegaSR - ok
18:26:36.0073 1808 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:26:36.0151 1808 Modem - ok
18:26:36.0182 1808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:26:36.0214 1808 monitor - ok
18:26:36.0229 1808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:26:36.0260 1808 mouclass - ok
18:26:36.0323 1808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:26:36.0354 1808 mouhid - ok
18:26:36.0354 1808 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
18:26:36.0385 1808 mountmgr - ok
18:26:36.0401 1808 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
18:26:36.0432 1808 mpio - ok
18:26:36.0432 1808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:26:36.0526 1808 mpsdrv - ok
18:26:36.0541 1808 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
18:26:36.0588 1808 MRxDAV - ok
18:26:36.0619 1808 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:26:36.0666 1808 mrxsmb - ok
18:26:36.0682 1808 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:26:36.0697 1808 mrxsmb10 - ok
18:26:36.0728 1808 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:26:36.0760 1808 mrxsmb20 - ok
18:26:36.0791 1808 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
18:26:36.0806 1808 msahci - ok
18:26:36.0838 1808 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
18:26:36.0853 1808 msdsm - ok
18:26:36.0884 1808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:26:36.0947 1808 Msfs - ok
18:26:36.0962 1808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:26:37.0025 1808 mshidkmdf - ok
18:26:37.0040 1808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
18:26:37.0056 1808 msisadrv - ok
18:26:37.0103 1808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:26:37.0165 1808 MSKSSRV - ok
18:26:37.0196 1808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:26:37.0274 1808 MSPCLOCK - ok
18:26:37.0274 1808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:26:37.0352 1808 MSPQM - ok
18:26:37.0384 1808 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
18:26:37.0399 1808 MsRPC - ok
18:26:37.0415 1808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
18:26:37.0446 1808 mssmbios - ok
18:26:37.0446 1808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:26:37.0524 1808 MSTEE - ok
18:26:37.0540 1808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:26:37.0571 1808 MTConfig - ok
18:26:37.0618 1808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:26:37.0633 1808 Mup - ok
18:26:37.0664 1808 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:26:37.0680 1808 mwlPSDFilter - ok
18:26:37.0680 1808 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:26:37.0696 1808 mwlPSDNServ - ok
18:26:37.0711 1808 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:26:37.0727 1808 mwlPSDVDisk - ok
18:26:37.0789 1808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:26:37.0852 1808 NativeWifiP - ok
18:26:37.0898 1808 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
18:26:37.0961 1808 NDIS - ok
18:26:38.0008 1808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:26:38.0086 1808 NdisCap - ok
18:26:38.0101 1808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:26:38.0179 1808 NdisTapi - ok
18:26:38.0226 1808 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
18:26:38.0288 1808 Ndisuio - ok
18:26:38.0288 1808 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:26:38.0382 1808 NdisWan - ok
18:26:38.0382 1808 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
18:26:38.0460 1808 NDProxy - ok
18:26:38.0491 1808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:26:38.0554 1808 NetBIOS - ok
18:26:38.0585 1808 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
18:26:38.0663 1808 NetBT - ok
18:26:38.0912 1808 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
18:26:39.0193 1808 NETw5s64 - ok
18:26:39.0287 1808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:26:39.0318 1808 nfrd960 - ok
18:26:39.0365 1808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:26:39.0427 1808 Npfs - ok
18:26:39.0443 1808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:26:39.0521 1808 nsiproxy - ok
18:26:39.0583 1808 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
18:26:39.0677 1808 Ntfs - ok
18:26:39.0692 1808 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:26:39.0755 1808 Null - ok
18:26:39.0786 1808 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
18:26:39.0802 1808 nvraid - ok
18:26:39.0817 1808 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
18:26:39.0848 1808 nvstor - ok
18:26:39.0848 1808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
18:26:39.0880 1808 nv_agp - ok
18:26:39.0926 1808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
18:26:39.0958 1808 ohci1394 - ok
18:26:40.0004 1808 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:26:40.0036 1808 Parport - ok
18:26:40.0051 1808 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
18:26:40.0067 1808 partmgr - ok
18:26:40.0082 1808 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
18:26:40.0114 1808 pci - ok
18:26:40.0129 1808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
18:26:40.0145 1808 pciide - ok
18:26:40.0176 1808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:26:40.0207 1808 pcmcia - ok
18:26:40.0238 1808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:26:40.0254 1808 pcw - ok
18:26:40.0270 1808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:26:40.0348 1808 PEAUTH - ok
18:26:40.0426 1808 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
18:26:40.0488 1808 PptpMiniport - ok
18:26:40.0519 1808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:26:40.0566 1808 Processor - ok
18:26:40.0628 1808 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
18:26:40.0706 1808 Psched - ok
18:26:40.0753 1808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:26:40.0847 1808 ql2300 - ok
18:26:40.0862 1808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:26:40.0878 1808 ql40xx - ok
18:26:40.0909 1808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:26:40.0940 1808 QWAVEdrv - ok
18:26:40.0972 1808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:26:41.0050 1808 RasAcd - ok
18:26:41.0081 1808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:26:41.0143 1808 RasAgileVpn - ok
18:26:41.0159 1808 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:26:41.0221 1808 Rasl2tp - ok
18:26:41.0252 1808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:26:41.0315 1808 RasPppoe - ok
18:26:41.0330 1808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:26:41.0393 1808 RasSstp - ok
18:26:41.0424 1808 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
18:26:41.0502 1808 rdbss - ok
18:26:41.0518 1808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:26:41.0549 1808 rdpbus - ok
18:26:41.0564 1808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:26:41.0627 1808 RDPCDD - ok
18:26:41.0642 1808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:26:41.0720 1808 RDPENCDD - ok
18:26:41.0736 1808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:26:41.0798 1808 RDPREFMP - ok
18:26:41.0814 1808 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
18:26:41.0908 1808 RDPWD - ok
18:26:41.0954 1808 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
18:26:41.0970 1808 rdyboost - ok
18:26:42.0001 1808 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:26:42.0048 1808 RFCOMM - ok
18:26:42.0079 1808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:26:42.0157 1808 rspndr - ok
18:26:42.0220 1808 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
18:26:42.0251 1808 sbp2port - ok
18:26:42.0266 1808 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
18:26:42.0344 1808 scfilter - ok
18:26:42.0407 1808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:26:42.0454 1808 secdrv - ok
18:26:42.0516 1808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:26:42.0547 1808 Serenum - ok
18:26:42.0594 1808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:26:42.0625 1808 Serial - ok
18:26:42.0656 1808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:26:42.0672 1808 sermouse - ok
18:26:42.0703 1808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
18:26:42.0750 1808 sffdisk - ok
18:26:42.0766 1808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:26:42.0812 1808 sffp_mmc - ok
18:26:42.0844 1808 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
18:26:42.0890 1808 sffp_sd - ok
18:26:42.0906 1808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:26:42.0953 1808 sfloppy - ok
18:26:43.0000 1808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:26:43.0015 1808 SiSRaid2 - ok
18:26:43.0031 1808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:26:43.0062 1808 SiSRaid4 - ok
18:26:43.0078 1808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:26:43.0156 1808 Smb - ok
18:26:43.0187 1808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:26:43.0218 1808 spldr - ok
18:26:43.0265 1808 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
18:26:43.0312 1808 srv - ok
18:26:43.0343 1808 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
18:26:43.0374 1808 srv2 - ok
18:26:43.0421 1808 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
18:26:43.0452 1808 srvnet - ok
18:26:43.0499 1808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:26:43.0514 1808 stexstor - ok
18:26:43.0546 1808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
18:26:43.0561 1808 swenum - ok
18:26:43.0639 1808 SynTP (bcf305959b53b200ceb2ad25ad22f8a7) C:\Windows\system32\DRIVERS\SynTP.sys
18:26:43.0655 1808 SynTP - ok
18:26:43.0764 1808 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
18:26:43.0826 1808 Tcpip - ok
18:26:43.0904 1808 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
18:26:43.0967 1808 TCPIP6 - ok
18:26:43.0998 1808 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
18:26:44.0060 1808 tcpipreg - ok
18:26:44.0092 1808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:26:44.0170 1808 TDPIPE - ok
18:26:44.0201 1808 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
18:26:44.0279 1808 TDTCP - ok
18:26:44.0310 1808 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
18:26:44.0388 1808 tdx - ok
18:26:44.0404 1808 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
18:26:44.0419 1808 TermDD - ok
18:26:44.0450 1808 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:26:44.0528 1808 tssecsrv - ok
18:26:44.0560 1808 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
18:26:44.0638 1808 tunnel - ok
18:26:44.0653 1808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:26:44.0684 1808 uagp35 - ok
18:26:44.0700 1808 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
18:26:44.0794 1808 udfs - ok
18:26:44.0825 1808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
18:26:44.0840 1808 uliagpkx - ok
18:26:44.0872 1808 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
18:26:44.0903 1808 umbus - ok
18:26:44.0918 1808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:26:44.0965 1808 UmPass - ok
18:26:44.0996 1808 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
18:26:45.0043 1808 usbccgp - ok
18:26:45.0090 1808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
18:26:45.0137 1808 usbcir - ok
18:26:45.0168 1808 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
18:26:45.0184 1808 usbehci - ok
18:26:45.0230 1808 usbhub (7cc1c95896d60e868aa6dd2dd2f97ead) C:\Windows\system32\DRIVERS\usbhub.sys
18:26:45.0262 1808 usbhub - ok
18:26:45.0277 1808 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
18:26:45.0308 1808 usbohci - ok
18:26:45.0340 1808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:26:45.0386 1808 usbprint - ok
18:26:45.0418 1808 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:26:45.0464 1808 USBSTOR - ok
18:26:45.0480 1808 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
18:26:45.0527 1808 usbuhci - ok
18:26:45.0558 1808 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
18:26:45.0620 1808 usbvideo - ok
18:26:45.0652 1808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
18:26:45.0667 1808 vdrvroot - ok
18:26:45.0698 1808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:26:45.0730 1808 vga - ok
18:26:45.0745 1808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:26:45.0808 1808 VgaSave - ok
18:26:45.0839 1808 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
18:26:45.0870 1808 vhdmp - ok
18:26:45.0886 1808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
18:26:45.0901 1808 viaide - ok
18:26:45.0932 1808 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
18:26:45.0964 1808 volmgr - ok
18:26:45.0995 1808 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
18:26:46.0026 1808 volmgrx - ok
18:26:46.0057 1808 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
18:26:46.0073 1808 volsnap - ok
18:26:46.0104 1808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:26:46.0120 1808 vsmraid - ok
18:26:46.0151 1808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:26:46.0182 1808 vwifibus - ok
18:26:46.0182 1808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:26:46.0229 1808 vwififlt - ok
18:26:46.0291 1808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:26:46.0322 1808 WacomPen - ok
18:26:46.0385 1808 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
18:26:46.0463 1808 WANARP - ok
18:26:46.0478 1808 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
18:26:46.0541 1808 Wanarpv6 - ok
18:26:47.0056 1808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:26:47.0071 1808 Wd - ok
18:26:47.0149 1808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:26:47.0196 1808 Wdf01000 - ok
18:26:47.0383 1808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:26:47.0446 1808 WfpLwf - ok
18:26:47.0539 1808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:26:47.0555 1808 WIMMount - ok
18:26:47.0758 1808 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
18:26:47.0789 1808 WinUsb - ok
18:26:47.0867 1808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:26:47.0898 1808 WmiAcpi - ok
18:26:47.0929 1808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:26:48.0007 1808 ws2ifsl - ok
18:26:48.0070 1808 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
18:26:48.0148 1808 WudfPf - ok
18:26:48.0194 1808 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:26:48.0272 1808 WUDFRd - ok
18:26:48.0319 1808 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:26:48.0553 1808 \Device\Harddisk0\DR0 - ok
18:26:48.0553 1808 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
18:26:48.0725 1808 \Device\Harddisk1\DR1 - ok
18:26:48.0740 1808 Boot (0x1200) (69ca8094d3f4e6d36570a5c3be8ec0f9) \Device\Harddisk0\DR0\Partition0
18:26:48.0740 1808 \Device\Harddisk0\DR0\Partition0 - ok
18:26:48.0787 1808 Boot (0x1200) (6bbe52093861277cf1f1ecdc3d4e4bbe) \Device\Harddisk0\DR0\Partition1
18:26:48.0787 1808 \Device\Harddisk0\DR0\Partition1 - ok
18:26:48.0787 1808 Boot (0x1200) (b8a2e957071c78807531a02ed0d4e82a) \Device\Harddisk1\DR1\Partition0
18:26:48.0787 1808 \Device\Harddisk1\DR1\Partition0 - ok
18:26:48.0787 1808 ============================================================
18:26:48.0787 1808 Scan finished
18:26:48.0787 1808 ============================================================
18:26:48.0818 1712 Detected object count: 0
18:26:48.0818 1712 Actual detected object count: 0

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop.

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 11-11-07.03 - Seppo 07.11.2011  19:27:08.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3999.2855 [GMT 1:00]
ausgeführt von:: c:\users\Seppo\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\facemoods.com
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.crx
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.png
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-10-07 bis 2011-11-07  ))))))))))))))))))))))))))))))
.
.
2011-11-07 18:37 . 2011-11-07 18:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-11-07 14:07 . 2011-11-07 14:09	--------	d-----w-	c:\program files (x86)\JDownloader
2011-11-07 13:21 . 2011-11-07 13:21	--------	d-----w-	c:\program files (x86)\Common Files\Java
2011-11-07 12:58 . 2011-11-07 12:58	--------	d-----w-	C:\_OTL
2011-11-06 13:12 . 2011-11-06 13:12	--------	d-----w-	c:\program files (x86)\MSECache
2011-11-06 13:10 . 2011-10-19 15:56	97312	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-11-06 13:10 . 2011-10-19 15:56	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2011-11-06 13:10 . 2011-10-19 15:56	130760	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-11-06 13:10 . 2011-11-06 13:10	--------	d-----w-	c:\programdata\Avira
2011-11-06 13:10 . 2011-11-06 13:10	--------	d-----w-	c:\program files (x86)\Avira
2011-11-04 15:02 . 2011-11-04 15:02	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2011-11-04 15:01 . 2011-11-04 15:02	--------	d-----w-	c:\program files\DivX
2011-11-04 15:01 . 2011-11-04 15:02	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2011-11-04 15:01 . 2011-11-04 15:02	--------	d-----w-	c:\program files (x86)\DivX
2011-11-04 15:00 . 2011-11-04 15:02	--------	d-----w-	c:\programdata\DivX
2011-11-04 05:51 . 2011-10-18 01:27	8570192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{758E42CD-4BC0-4C94-B223-484C869BC97D}\mpengine.dll
2011-11-04 05:50 . 2011-04-28 03:58	552448	----a-w-	c:\windows\system32\drivers\bthport.sys
2011-11-04 05:50 . 2011-04-28 03:58	80384	----a-w-	c:\windows\system32\drivers\BTHUSB.SYS
2011-11-03 17:40 . 2009-11-25 11:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2011-11-03 17:40 . 2009-11-25 11:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2011-11-03 17:40 . 2009-11-25 11:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2011-11-03 17:40 . 2009-11-25 11:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2011-11-03 17:40 . 2009-11-25 11:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2011-11-03 17:40 . 2009-11-25 11:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2011-11-03 17:40 . 2009-11-25 11:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2011-11-03 17:40 . 2009-11-25 11:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2011-11-03 17:40 . 2009-11-25 11:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2011-11-03 17:40 . 2009-11-25 11:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2011-11-03 17:40 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2011-11-03 17:35 . 2011-11-03 17:35	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2011-11-03 07:42 . 2011-07-09 05:14	2048	----a-w-	c:\windows\system32\tzres.dll
2011-11-03 07:42 . 2011-07-09 04:30	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-11-03 07:42 . 2010-12-18 06:11	714752	----a-w-	c:\windows\system32\kerberos.dll
2011-11-03 07:42 . 2010-12-18 05:29	541184	----a-w-	c:\windows\SysWow64\kerberos.dll
2011-11-03 07:40 . 2011-07-09 02:44	287744	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-11-03 07:37 . 2010-06-19 06:53	52224	----a-w-	c:\windows\system32\rtutils.dll
2011-11-03 07:37 . 2010-06-19 06:23	37376	----a-w-	c:\windows\SysWow64\rtutils.dll
2011-11-03 07:37 . 2010-08-21 06:29	558592	----a-w-	c:\windows\system32\spoolsv.exe
2011-11-03 07:37 . 2011-02-19 04:13	367104	----a-w-	c:\windows\system32\atmfd.dll
2011-11-03 07:37 . 2011-02-19 03:37	294912	----a-w-	c:\windows\SysWow64\atmfd.dll
2011-11-03 07:36 . 2011-02-19 06:36	46080	----a-w-	c:\windows\system32\atmlib.dll
2011-11-03 07:36 . 2011-02-19 05:32	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2011-11-03 07:36 . 2011-06-23 05:29	5507968	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-11-03 07:36 . 2011-06-23 04:38	3957120	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-11-03 07:36 . 2011-06-23 04:38	3902336	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-11-03 07:36 . 2010-10-16 05:19	395776	----a-w-	c:\windows\system32\webio.dll
2011-11-03 07:36 . 2010-10-16 04:36	314368	----a-w-	c:\windows\SysWow64\webio.dll
2011-11-03 07:36 . 2010-07-29 06:30	82944	----a-w-	c:\windows\SysWow64\iccvid.dll
2011-11-03 07:34 . 2011-03-03 06:17	182272	----a-w-	c:\windows\system32\dnsrslvr.dll
2011-11-03 07:34 . 2011-03-03 06:14	30208	----a-w-	c:\windows\system32\dnscacheugc.exe
2011-11-03 07:34 . 2011-03-03 05:27	28672	----a-w-	c:\windows\SysWow64\dnscacheugc.exe
2011-11-03 07:34 . 2010-05-19 19:48	144384	----a-w-	c:\windows\system32\cdd.dll
2011-11-03 07:32 . 2011-08-17 05:32	613888	----a-w-	c:\windows\system32\psisdecd.dll
2011-11-03 07:31 . 2011-07-16 02:26	2048	----a-w-	c:\windows\SysWow64\user.exe
2011-11-02 20:45 . 2011-11-02 20:45	--------	d-----w-	c:\program files (x86)\ESET
2011-11-02 20:38 . 2011-11-02 20:38	--------	d-----w-	c:\programdata\Malwarebytes
2011-11-02 20:37 . 2011-11-02 20:38	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-02 20:37 . 2011-08-31 16:00	25416	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\de-DE
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\SysWow64\XPSViewer
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\SysWow64\drivers\UMDF\de-DE
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\SysWow64\drivers\de-DE
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\SysWow64\de
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\SysWow64\0407
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\SysWow64\wbem\de-DE
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\system32\drivers\UMDF\de-DE
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\system32\drivers\de-DE
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\system32\de
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\system32\0407
2011-11-02 17:38 . 2011-11-02 17:38	--------	d-----w-	c:\windows\system32\wbem\de-DE
2011-11-02 17:37 . 2011-11-02 17:37	3584	----a-w-	c:\windows\system32\Spool\prtprocs\x64\de-DE\LXKPTPRC.DLL.mui
2011-11-02 17:32 . 2011-11-02 17:32	--------	d-----w-	c:\windows\NAPP_Dism_Log
2011-11-02 13:53 . 2011-11-02 13:53	--------	d-----w-	c:\program files (x86)\OpenOffice.org 3
2011-11-02 13:52 . 2011-11-07 13:17	--------	d-----w-	c:\program files (x86)\Java
2011-11-02 09:59 . 2011-11-02 09:59	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-02 09:45 . 2011-11-02 09:45	--------	d--h--w-	c:\programdata\CanonBJ
2011-11-02 09:45 . 2009-07-14 01:40	84992	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL
2011-11-02 09:23 . 2011-05-24 18:14	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-11-02 09:19 . 2011-11-02 09:20	--------	d-----w-	c:\program files (x86)\MediaMonkey
2011-11-02 09:17 . 2011-11-02 09:17	--------	d-----w-	c:\program files (x86)\VideoLAN
2011-11-02 09:10 . 2011-11-02 09:10	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2011-11-02 09:08 . 2006-11-29 12:06	4398360	----a-w-	c:\windows\system32\d3dx9_32.dll
2011-11-02 09:08 . 2006-11-29 12:06	3426072	----a-w-	c:\windows\SysWow64\d3dx9_32.dll
2011-11-02 09:08 . 2011-11-02 09:08	--------	d-----w-	c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-11-02 09:07 . 2011-11-02 09:07	--------	d-----w-	c:\program files (x86)\Microsoft
2011-11-02 09:07 . 2011-11-02 09:07	--------	d-----w-	c:\program files (x86)\Windows Live SkyDrive
2011-11-02 09:06 . 2011-11-02 09:08	--------	d-----w-	c:\program files (x86)\Windows Live
2011-11-02 09:05 . 2011-11-02 09:05	--------	d-----w-	c:\program files (x86)\Common Files\Windows Live
2011-11-02 09:04 . 2009-06-19 09:44	8362	----a-w-	c:\windows\Suyin.reg
2011-11-02 09:04 . 2008-06-25 13:22	20480	----a-w-	c:\windows\USB_VIDEO_REG.exe
2011-11-02 09:04 . 2009-06-11 16:19	1658880	----a-w-	c:\windows\Acer Crystal Eye webcam.EXE
2011-11-02 09:04 . 2008-12-30 12:42	626688	----a-w-	c:\windows\Image.dll
2011-11-02 09:04 . 2008-07-29 18:29	200704	----a-w-	c:\windows\PLFSetI.exe
2011-11-02 09:01 . 2011-11-02 09:01	--------	d-----w-	c:\program files\Synaptics
2011-11-02 09:01 . 2010-01-09 07:19	139264	----a-w-	c:\windows\system32\cabview.dll
2011-11-02 09:01 . 2010-01-09 06:52	132608	----a-w-	c:\windows\SysWow64\cabview.dll
2011-11-02 09:01 . 2009-12-29 08:03	220672	----a-w-	c:\windows\system32\wintrust.dll
2011-11-02 09:01 . 2009-12-29 06:55	172032	----a-w-	c:\windows\SysWow64\wintrust.dll
2011-11-02 08:58 . 2011-11-02 08:58	--------	d---a-w-	C:\book
2011-11-02 08:55 . 2011-11-02 08:55	--------	d-----w-	c:\program files (x86)\OEM
2011-11-02 08:55 . 2011-11-02 08:55	--------	d-----w-	c:\program files\Acer Accessory Store
2011-11-02 08:55 . 2011-11-02 08:55	--------	d-----w-	c:\program files (x86)\MSXML 4.0
2011-11-02 08:46 . 2011-11-02 08:46	--------	d-----w-	c:\windows\SysWow64\x64
2011-11-02 08:46 . 2011-11-02 08:46	--------	d-----w-	c:\windows\SysWow64\Lang
2011-11-02 08:46 . 2010-08-25 18:45	948760	----a-w-	c:\windows\SysWow64\igxpun.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-02 17:37 . 2011-11-02 17:37	2560	----a-w-	c:\windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
2011-11-02 17:37 . 2011-11-02 17:37	5632	----a-w-	c:\windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
2011-11-02 17:37 . 2011-11-02 17:37	2560	----a-w-	c:\windows\SysWow64\drivers\de-DE\scfilter.sys.mui
2011-11-02 17:37 . 2011-11-02 17:37	51712	----a-w-	c:\windows\SysWow64\drivers\de-DE\tcpip.sys.mui
2011-11-02 17:36 . 2011-11-02 17:36	29696	----a-w-	c:\windows\SysWow64\drivers\de-DE\bfe.dll.mui
2011-11-02 17:36 . 2011-11-02 17:36	16896	----a-w-	c:\windows\SysWow64\drivers\de-DE\pacer.sys.mui
2011-11-02 08:47 . 2010-02-23 08:16	6	----a-w-	c:\windows\system32\PLD_Framework.cmd
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2010-02-23 08:32	433648	----a-w-	c:\programdata\Partner\Partner.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-23 39408]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-09-24 825864]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-16 91432]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-2-23 708608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 135664]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2010-02-23 332272]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-29 844320]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 76687669
*Deregistered* - 76687669
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 09:14]
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 09:14]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2010-02-23 08:32	750064	----a-w-	c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-23 7981600]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-10-29 822816]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
uLocal Page = c:\windows\system32\blank.htm
mStart Page = 
mLocal Page = 
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Seppo\AppData\Roaming\Mozilla\Firefox\Profiles\lwjdzyus.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-11-07  19:53:15
ComboFix-quarantined-files.txt  2011-11-07 18:53
.
Vor Suchlauf: 9 Verzeichnis(se), 223.035.273.216 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 222.914.011.136 Bytes frei
.
- - End Of File - - 45AB7F19AD126B955E51B33DB58E41EC
         

--- --- ---

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

• Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
• Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
• Klicke auf Scan.
• Warte bitte bis Scan finished successfully im DOS Fenster steht.
• Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-07 20:47:46
-----------------------------
20:47:46.790 OS Version: Windows x64 6.1.7600
20:47:46.790 Number of processors: 2 586 0x170A
20:47:46.790 ComputerName: SEPPO-PC UserName: Seppo
20:47:48.865 Initialize success
20:47:54.652 AVAST engine defs: 11110700
20:48:01.267 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:48:01.282 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
20:48:01.298 Disk 0 MBR read successfully
20:48:01.298 Disk 0 MBR scan
20:48:01.298 Disk 0 Windows 7 default MBR code
20:48:01.314 Service scanning
20:48:02.562 Modules scanning
20:48:02.562 Disk 0 trace - called modules:
20:48:02.608 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:48:02.608 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80047db060]
20:48:02.608 3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa800468f050]
20:48:04.699 AVAST engine scan C:\Windows
20:48:12.561 AVAST engine scan C:\Windows\system32
20:49:51.777 AVAST engine scan C:\Windows\system32\drivers
20:50:01.512 AVAST engine scan C:\Users\Seppo
20:51:56.125 AVAST engine scan C:\ProgramData
20:52:06.593 Scan finished successfully
20:52:16.858 Disk 0 MBR has been saved successfully to "C:\Users\Seppo\Desktop\MBR.dat"
20:52:16.873 The log file has been saved successfully to "C:\Users\Seppo\Desktop\aswMBR.txt"

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Ich werde die Logs nun nacheinander posten:

1.) MWB

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8109

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07.11.2011 21:44:34
mbam-log-2011-11-07 (21-44-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 319061
Laufzeit: 29 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Von SuperAntiSpyware:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 11/07/2011 at 09:59 PM

Application Version : 5.0.1134

Core Rules Database Version : 7908
Trace Rules Database Version: 5720

Scan type : Quick Scan
Total Scan Time : 00:06:07

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 499
Memory threats detected : 0
Registry items scanned : 59575
Registry threats detected : 0
File items scanned : 10389
File threats detected : 64

Adware.Tracking Cookie
C:\Users\Seppo\AppData\Roaming\Microsoft\Windows\Cookies\seppo@amazon-adsystem[1].txt [ /amazon-adsystem ]
.serving-sys.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\seppo@adviva[1].txt [ Cookie:seppo@adviva.net/ ]
.adfarm1.adition.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\seppo@serving-sys[2].txt [ Cookie:seppo@serving-sys.com/ ]
.mediaplex.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\seppo@traffictrack[1].txt [ Cookie:seppo@traffictrack.de/ ]
.doubleclick.net [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\V3BZRO2M.txt [ Cookie:seppo@questionmarket.com/ ]
.tribalfusion.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\22H3LBBQ.txt [ Cookie:seppo@ad2.adfarm1.adition.com/ ]
ad3.adfarm1.adition.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\OK3UMWAB.txt [ Cookie:seppo@ad.zanox.com/ ]
.adfarm1.adition.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\CBZ8OZ0E.txt [ Cookie:seppo@adfarm1.adition.com/ ]
ad.zanox.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\075MD8GJ.txt [ Cookie:seppo@zanox.com/ ]
.tradedoubler.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\seppo@atdmt[2].txt [ Cookie:seppo@atdmt.com/ ]
.traffictrack.de [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\seppo@mediaplex[1].txt [ Cookie:seppo@mediaplex.com/ ]
adx.chip.de [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\seppo@tradedoubler[1].txt [ Cookie:seppo@tradedoubler.com/ ]
.zanox.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\NTALTU3N.txt [ Cookie:seppo@adx.chip.de/ ]
statse.webtrendslive.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y4AG5FJ3.txt [ Cookie:seppo@ad.yieldmanager.com/ ]
accounts.google.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\seppo@apmebf[2].txt [ Cookie:seppo@apmebf.com/ ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\seppo@webmasterplan[2].txt [ Cookie:seppo@webmasterplan.com/ ]
C:\USERS\SEPPO\AppData\Roaming\Microsoft\Windows\Cookies\Low\DYCRDJ64.txt [ Cookie:seppo@ad3.adfarm1.adition.com/ ]
C:\USERS\SEPPO\Cookies\seppo@amazon-adsystem[1].txt [ Cookie:seppo@amazon-adsystem.com/ ]
de.sitestat.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.divx.112.2o7.net [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
stats.computecmedia.de [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]
audit.median.hu [ C:\USERS\SEPPO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWJDZYUS.DEFAULT\COOKIES.SQLITE ]

Bislang nur harmlose Cookies. Machst du ESET bitte noch?

Die Cookies sind also nicht weiter wild? Hier das ESET-Log:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=04aaef876027c542b77a6e77e6fb148a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-02 10:02:28
# local_time=2011-11-02 11:02:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 46210 46210 0 0
# compatibility_mode=5893 16776573 100 94 8718 71897750 0 0
# compatibility_mode=8192 67108863 100 0 4800 4800 0 0
# scanned=97149
# found=2
# cleaned=0
# scan_time=3470
C:\Users\Seppo\P-7-78-8964-9648-3874\wincrs.exe Win32/AutoRun.IRCBot.HO worm (unable to clean) 00000000000000000000000000000000 I
${Memory} Win32/AutoRun.IRCBot.HO worm 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=04aaef876027c542b77a6e77e6fb148a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-04 04:19:25
# local_time=2011-11-04 05:19:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 191421 191421 0 0
# compatibility_mode=5893 16776573 100 94 3965 72042961 0 0
# compatibility_mode=8192 67108863 100 0 150011 150011 0 0
# scanned=149250
# found=0
# cleaned=0
# scan_time=10454
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=04aaef876027c542b77a6e77e6fb148a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-05 11:40:33
# local_time=2011-11-05 12:40:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 266947 266947 0 0
# compatibility_mode=5893 16776573 100 94 10425 72118487 0 0
# compatibility_mode=8192 67108863 100 0 225537 225537 0 0
# scanned=153473
# found=0
# cleaned=0
# scan_time=4617
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=04aaef876027c542b77a6e77e6fb148a
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-07 10:12:40
# local_time=2011-11-07 11:12:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 118367 118367 0 0
# compatibility_mode=5893 16776574 100 94 3673 72329629 0 0
# compatibility_mode=8192 67108863 100 0 436679 436679 0 0
# scanned=88298
# found=0
# cleaned=0
# scan_time=4202
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=04aaef876027c542b77a6e77e6fb148a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-08 05:23:13
# local_time=2011-11-08 06:23:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 185191 185191 0 0
# compatibility_mode=5893 16776574 100 94 3767 72396453 0 0
# compatibility_mode=8192 67108863 100 0 503503 503503 0 0
# scanned=154466
# found=0
# cleaned=0
# scan_time=6411

Hat sich mein Problem damit dann erledigt?

Mit freundlichen Grüßen
TsuBasti

Keine weiteren Funde!
Rechner wieder im Lot oder gibts noch Probleme und/oder andere Funde?