Pests of all kinds and how to fight them: Internet activity slow / being interrupted (Windows 7) |
12.03.2012, 15:16 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Internet activity slow / being interrupted

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please switch off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click "change parameters" and tick the boxes as shown in the following screenshot, then click "Start Scan", and when it has finished click the "Report" button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents and transfer them into your post, please look directly on your Windows system partition (usually drive C); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
__________________ Please always post log files in CODE tags |
14.03.2012, 21:28 | #17 |
| Internet activity slow / being interrupted
Code:
(356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:23:39.0588 4148 WANARP - ok 21:23:39.0604 4148 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:23:39.0650 4148 Wanarpv6 - ok 21:23:39.0728 4148 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 21:23:39.0760 4148 Wd - ok 21:23:39.0806 4148 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 21:23:39.0838 4148 Wdf01000 - ok 21:23:39.0978 4148 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 21:23:40.0056 4148 WfpLwf - ok 21:23:40.0072 4148 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 21:23:40.0087 4148 WIMMount - ok 21:23:40.0196 4148 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 21:23:40.0306 4148 WmiAcpi - ok 21:23:40.0415 4148 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 21:23:40.0493 4148 ws2ifsl - ok 21:23:40.0540 4148 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 21:23:40.0586 4148 WudfPf - ok 21:23:40.0602 4148 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 21:23:40.0664 4148 WUDFRd - ok 21:23:40.0758 4148 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 21:23:40.0992 4148 \Device\Harddisk0\DR0 - ok 21:23:41.0008 4148 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk2\DR2 21:23:47.0731 4148 \Device\Harddisk2\DR2 - ok 21:23:47.0731 4148 Boot (0x1200) (eae31c0f8cb36874a952a243be97fb8b) \Device\Harddisk0\DR0\Partition0 21:23:47.0731 4148 \Device\Harddisk0\DR0\Partition0 - ok 21:23:47.0747 4148 Boot (0x1200) (dbf621bcc68ae68050b2804c36e45f8a) \Device\Harddisk0\DR0\Partition1 21:23:47.0747 4148 \Device\Harddisk0\DR0\Partition1 - ok 21:23:47.0778 4148 Boot (0x1200) (e1569c0ac76db41e1f16365263e8188e) \Device\Harddisk0\DR0\Partition2 21:23:47.0778 4148 
\Device\Harddisk0\DR0\Partition2 - ok 21:23:47.0778 4148 Boot (0x1200) (62029afef553a5a2f49f76b8fe530acf) \Device\Harddisk2\DR2\Partition0 21:23:47.0778 4148 \Device\Harddisk2\DR2\Partition0 - ok 21:23:47.0778 4148 ============================================================ 21:23:47.0778 4148 Scan finished 21:23:47.0778 4148 ============================================================ 21:23:47.0794 2300 Detected object count: 0 21:23:47.0794 2300 Actual detected object count: 0 |
14.03.2012, 22:01 | #18 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Internet activity slow/gets interrupted Then please run CF now:
__________________ ComboFix: A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ |
23.03.2012, 23:59 | #19 |
| Internet activity slow/gets interrupted Code:
ATTFilter ComboFix 12-03-17.01 - ***** 18.03.2012 23:22:27.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4091.2527 [GMT 1:00] ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\AutocompletePro c:\program files (x86)\AutocompletePro\chrome\autocompleteprochrome.crx c:\program files (x86)\AutocompletePro\FireFoxExtension.exe c:\program files (x86)\AutocompletePro\InstTracker.exe c:\program files (x86)\AutocompletePro\support@predictad.com\chrome.manifest c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.js c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.xul c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\utils.js c:\program files (x86)\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js c:\program files (x86)\AutocompletePro\support@predictad.com\install.rdf c:\program files (x86)\AutocompletePro\unins000.dat c:\program files (x86)\AutocompletePro\unins000.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-02-18 bis 2012-03-18 )))))))))))))))))))))))))))))) . . 2012-03-18 23:03 . 2012-03-18 23:03 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-14 21:57 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-14 21:57 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-03-14 21:57 . 
2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-03-14 20:43 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 20:43 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 20:43 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-03-13 21:03 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-13 21:03 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-03-13 21:03 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-13 21:03 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-13 21:02 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-13 21:02 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-13 21:02 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-10 13:01 . 2012-03-10 13:01 -------- d-----w- C:\_OTL 2012-02-26 19:43 . 2012-02-26 19:43 -------- d-----w- c:\program files (x86)\Veetle 2012-02-21 20:29 . 2012-02-21 20:29 -------- d-----w- c:\program files (x86)\ESET 2012-02-19 20:44 . 2012-02-19 20:44 -------- d-----w- c:\users\****\AppData\Roaming\Malwarebytes 2012-02-19 20:44 . 2012-02-19 20:44 -------- d-----w- c:\programdata\Malwarebytes 2012-02-18 22:53 . 2012-02-19 20:47 -------- d-----w- c:\users\*****\AppData\Local\NPE . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-10 10:12 . 2011-09-25 12:06 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-08 21:20 . 2012-02-08 21:20 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS 2012-01-26 23:52 . 2011-01-29 17:13 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-01-17 03:39 . 2012-02-08 20:40 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E157E2B-89A1-4939-B6D2-8D14AC8E4446}\mpengine.dll 2012-01-04 10:44 . 
2012-02-14 20:54 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-01-04 08:58 . 2012-02-14 20:54 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl 2011-12-30 06:26 . 2012-02-14 20:54 515584 ----a-w- c:\windows\system32\timedate.cpl 2011-12-30 05:27 . 2012-02-14 20:54 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2011-12-28 03:59 . 2012-02-14 20:54 498688 ----a-w- c:\windows\system32\drivers\afd.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-21 98304] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952] "VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2010-05-26 1545568] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2010-06-17 370176] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 136176] R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 136176] R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x] R3 PCDSRVC{EDD8E36B-5B151F0E-06020101}_0;PCDSRVC{EDD8E36B-5B151F0E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\*****\appdata\local\temp\xesc82lluhdr\pcdrdiag\bin\pcdsrvc_x64.pkms [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [x] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [2012-03-02 1157240] S1 
IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120316.005\IDSvia64.sys [2012-02-07 488568] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [x] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104] S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896] S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584] S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe [2011-04-17 130008] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744] S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-08 138360] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 23:09] . 2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 23:09] . 2012-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1164433500-2484290119-350120935-1000Core.job - c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-25 12:24] . 2012-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1164433500-2484290119-350120935-1000UA.job - c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-25 12:24] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552] "PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208] "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . uStart Page = uLocal Page = c:\windows\system32\blank.htm mStart Page = mLocal Page = IE: Free YouTube to MP3 Converter - c:\users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: youtube.com\www TCP: Interfaces\{31656834-DE9A-4E04-8AF6-810737781926}: NameServer = 193.189.244.206 193.189.244.225 TCP: Interfaces\{B49A345D-43BE-4FAB-A924-F0E2C4A265EB}: NameServer = 193.189.244.225 193.189.244.206 TCP: Interfaces\{C783F711-25D9-43D6-8BE9-8A4FAC52DB9D}: NameServer = 193.189.244.225 193.189.244.206 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\*****\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{EDD8E36B-5B151F0E-06020101}_0] "ImagePath"="\??\c:\users\*****\appdata\local\temp\xesc82lluhdr\pcdrdiag\bin\pcdsrvc_x64.pkms" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2012-03-19 00:10:41 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-03-18 23:10 . Vor Suchlauf: 8 Verzeichnis(se), 44.030.808.064 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 43.517.771.776 Bytes frei . - - End Of File - - 3BE1BEBF4589CEB00778B3009C94CC9F |
24.03.2012, 18:18 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Internet activity slow/gets interrupted Please download aswMBR.exe and save the file to your desktop. Note: Please disable your virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it!
24.03.2012, 23:37 | #21 |
| Internet activity slow/gets interrupted Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-24 21:21:48
-----------------------------
21:21:48.467 OS Version: Windows x64 6.1.7601 Service Pack 1
21:21:48.467 Number of processors: 2 586 0x603
21:21:48.467 ComputerName: NPC UserName:
21:21:50.667 Initialize success
21:25:46.539 AVAST engine defs: 12032400
21:36:22.245 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:36:22.245 Disk 0 Vendor: ST9500325AS 0001SDM1 Size: 476940MB BusType: 11
21:36:22.261 Disk 0 MBR read successfully
21:36:22.277 Disk 0 MBR scan
21:36:22.308 Disk 0 Windows 7 default MBR code
21:36:22.323 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
21:36:22.339 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
21:36:22.355 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 83526 MB offset 27469824
21:36:22.370 Disk 0 Partition - 00 0F Extended LBA 380000 MB offset 198531072
21:36:22.401 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 379999 MB offset 198533120
21:36:22.448 Disk 0 scanning C:\Windows\system32\drivers
21:36:38.938 Service scanning
21:37:08.858 Modules scanning
21:37:08.874 Disk 0 trace - called modules:
21:37:08.890 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:37:08.905 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800460e060]
21:37:08.905 3 CLASSPNP.SYS[fffff88001b7443f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004598060]
21:37:09.872 AVAST engine scan C:\Windows
21:37:13.024 AVAST engine scan C:\Windows\system32
21:41:13.420 AVAST engine scan C:\Windows\system32\drivers
21:41:32.499 AVAST engine scan C:\Users\F
21:50:10.607 AVAST engine scan C:\ProgramData
21:53:16.590 Scan finished successfully
21:57:01.792 Disk 0 MBR has been saved successfully to "C:\Users\*****\Desktop\MBR.dat"
21:57:01.808 The log file has been saved successfully to "C:\Users\*****\Desktop\aswMBR.txt" |
25.03.2012, 14:49 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Internet activity slow/gets interrupted Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!