Virus,Malware auf PC

Schlag · 06.04.2011, 17:53

Nabend

ccleaner habe ich ausgeführt. den "cofi.exe" kann ich nicht ausführen da das system sofort beim laden nach dem öffnen den Bluescreen bringt. 20x probiert auch im abgesicherten modus..

Was jetzt?

Gruss

cosinus · 06.04.2011, 18:05

Dann erstmal dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Schlag · 06.04.2011, 18:15

2011/04/06 19:11:38.0535 5628 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/06 19:11:40.0548 5628 ================================================================================
2011/04/06 19:11:40.0548 5628 SystemInfo:
2011/04/06 19:11:40.0548 5628
2011/04/06 19:11:40.0548 5628 OS Version: 6.1.7600 ServicePack: 0.0
2011/04/06 19:11:40.0548 5628 Product type: Workstation
2011/04/06 19:11:40.0548 5628 ComputerName: DS-PC
2011/04/06 19:11:40.0548 5628 UserName: DS
2011/04/06 19:11:40.0548 5628 Windows directory: C:\Windows
2011/04/06 19:11:40.0548 5628 System windows directory: C:\Windows
2011/04/06 19:11:40.0548 5628 Processor architecture: Intel x86
2011/04/06 19:11:40.0548 5628 Number of processors: 4
2011/04/06 19:11:40.0548 5628 Page size: 0x1000
2011/04/06 19:11:40.0548 5628 Boot type: Normal boot
2011/04/06 19:11:40.0548 5628 ================================================================================
2011/04/06 19:11:40.0875 5628 Initialize success
2011/04/06 19:12:00.0313 6076 ================================================================================
2011/04/06 19:12:00.0313 6076 Scan started
2011/04/06 19:12:00.0313 6076 Mode: Manual;
2011/04/06 19:12:00.0313 6076 ================================================================================
2011/04/06 19:12:03.0542 6076 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/04/06 19:12:03.0636 6076 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/04/06 19:12:03.0729 6076 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/04/06 19:12:03.0854 6076 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/04/06 19:12:03.0901 6076 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/04/06 19:12:03.0963 6076 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/04/06 19:12:03.0995 6076 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/04/06 19:12:04.0041 6076 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/04/06 19:12:04.0088 6076 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/04/06 19:12:04.0104 6076 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/04/06 19:12:04.0135 6076 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/04/06 19:12:04.0135 6076 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/04/06 19:12:04.0166 6076 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/04/06 19:12:04.0166 6076 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/04/06 19:12:04.0197 6076 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2011/04/06 19:12:04.0213 6076 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/04/06 19:12:04.0244 6076 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2011/04/06 19:12:04.0275 6076 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/04/06 19:12:04.0338 6076 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/04/06 19:12:04.0385 6076 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/04/06 19:12:04.0416 6076 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/06 19:12:04.0447 6076 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/04/06 19:12:04.0525 6076 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/04/06 19:12:04.0603 6076 AVFSFilter (afb27b96a230f7d922fcbab57f316158) C:\Windows\system32\DRIVERS\avfsfilter.sys
2011/04/06 19:12:04.0697 6076 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/04/06 19:12:04.0743 6076 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/04/06 19:12:04.0775 6076 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/04/06 19:12:04.0806 6076 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/04/06 19:12:04.0868 6076 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/06 19:12:04.0899 6076 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/04/06 19:12:04.0915 6076 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/04/06 19:12:04.0946 6076 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/04/06 19:12:04.0977 6076 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/04/06 19:12:05.0009 6076 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/04/06 19:12:05.0040 6076 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/04/06 19:12:05.0071 6076 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/04/06 19:12:05.0133 6076 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/04/06 19:12:05.0227 6076 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
2011/04/06 19:12:05.0289 6076 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers\BTHport.sys
2011/04/06 19:12:05.0367 6076 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers\BTHUSB.sys
2011/04/06 19:12:05.0430 6076 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/06 19:12:05.0508 6076 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/06 19:12:05.0570 6076 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/04/06 19:12:05.0633 6076 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/04/06 19:12:05.0726 6076 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/04/06 19:12:05.0757 6076 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/04/06 19:12:05.0804 6076 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/04/06 19:12:05.0835 6076 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/04/06 19:12:05.0882 6076 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/04/06 19:12:05.0945 6076 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/04/06 19:12:05.0991 6076 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/04/06 19:12:06.0023 6076 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/04/06 19:12:06.0085 6076 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/04/06 19:12:06.0163 6076 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/04/06 19:12:06.0397 6076 DXGKrnl (c94b6c3cc628179cb9b9061c19888b99) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/06 19:12:06.0647 6076 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/04/06 19:12:06.0787 6076 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/04/06 19:12:06.0896 6076 enodpl (b4556f3d468c8dcb0b259d9d866cd4c4) C:\Windows\system32\drivers\enodpl.sys
2011/04/06 19:12:06.0943 6076 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/04/06 19:12:07.0083 6076 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/04/06 19:12:07.0130 6076 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/04/06 19:12:07.0193 6076 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/06 19:12:07.0224 6076 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/04/06 19:12:07.0271 6076 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/04/06 19:12:07.0333 6076 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/06 19:12:07.0395 6076 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/04/06 19:12:07.0473 6076 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/04/06 19:12:07.0505 6076 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/06 19:12:07.0598 6076 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/04/06 19:12:07.0739 6076 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/04/06 19:12:07.0848 6076 GDBehave (20e66a7546a9bfa48807669107dec7f2) C:\Windows\system32\drivers\GDBehave.sys
2011/04/06 19:12:07.0941 6076 GDMnIcpt (9b7bcd64b5737dbaa00d259289953f1f) C:\Windows\system32\drivers\MiniIcpt.sys
2011/04/06 19:12:08.0051 6076 GDPkIcpt (57d9b33804a621b14f6cc169667360fe) C:\Windows\system32\drivers\PktIcpt.sys
2011/04/06 19:12:08.0144 6076 gdwfpcd (8204a7c5e0f2c79292703872c5277ad8) C:\Windows\system32\drivers\gdwfpcd32.sys
2011/04/06 19:12:08.0253 6076 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/06 19:12:08.0409 6076 GRD (f5df1a80df94331d8e1a7c0a449e5df3) C:\Windows\system32\drivers\GRD.sys
2011/04/06 19:12:08.0659 6076 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/04/06 19:12:08.0784 6076 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/04/06 19:12:08.0862 6076 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/06 19:12:08.0940 6076 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/04/06 19:12:08.0971 6076 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/04/06 19:12:09.0018 6076 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/04/06 19:12:09.0080 6076 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/06 19:12:09.0174 6076 HookCentre (bcd88acce8c61988e9f1f6c34a0ee08b) C:\Windows\system32\drivers\HookCentre.sys
2011/04/06 19:12:09.0236 6076 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/04/06 19:12:09.0392 6076 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/04/06 19:12:09.0501 6076 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/04/06 19:12:09.0735 6076 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/06 19:12:09.0954 6076 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/04/06 19:12:10.0125 6076 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/04/06 19:12:10.0172 6076 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/04/06 19:12:10.0219 6076 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/06 19:12:10.0297 6076 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/06 19:12:10.0359 6076 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/04/06 19:12:10.0406 6076 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/04/06 19:12:10.0469 6076 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/04/06 19:12:10.0531 6076 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/04/06 19:12:10.0609 6076 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/06 19:12:10.0703 6076 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/06 19:12:10.0781 6076 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/06 19:12:10.0890 6076 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/06 19:12:11.0061 6076 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/04/06 19:12:11.0327 6076 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/04/06 19:12:11.0420 6076 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/06 19:12:11.0529 6076 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/04/06 19:12:11.0607 6076 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/04/06 19:12:11.0732 6076 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/04/06 19:12:11.0763 6076 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/04/06 19:12:11.0826 6076 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/04/06 19:12:11.0873 6076 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/04/06 19:12:11.0935 6076 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/04/06 19:12:12.0029 6076 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/04/06 19:12:12.0091 6076 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/06 19:12:12.0169 6076 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/06 19:12:12.0263 6076 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/06 19:12:12.0341 6076 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/04/06 19:12:12.0450 6076 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/04/06 19:12:12.0606 6076 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/06 19:12:12.0731 6076 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/04/06 19:12:12.0871 6076 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/06 19:12:13.0105 6076 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/06 19:12:13.0214 6076 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/06 19:12:13.0261 6076 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/04/06 19:12:13.0308 6076 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/04/06 19:12:13.0370 6076 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/04/06 19:12:13.0433 6076 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/04/06 19:12:13.0589 6076 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/04/06 19:12:13.0791 6076 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/06 19:12:13.0963 6076 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/06 19:12:14.0041 6076 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/04/06 19:12:14.0244 6076 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/04/06 19:12:14.0478 6076 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/06 19:12:14.0665 6076 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/04/06 19:12:14.0696 6076 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/04/06 19:12:14.0993 6076 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
2011/04/06 19:12:15.0117 6076 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/04/06 19:12:15.0679 6076 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/06 19:12:16.0256 6076 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/04/06 19:12:16.0584 6076 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/04/06 19:12:16.0724 6076 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/06 19:12:16.0958 6076 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/06 19:12:17.0083 6076 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/06 19:12:17.0145 6076 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/04/06 19:12:17.0395 6076 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/06 19:12:17.0707 6076 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/06 19:12:18.0066 6076 netr28u (27ee4b406e2f26f6117a9a420bd4cb65) C:\Windows\system32\DRIVERS\netr28u.sys
2011/04/06 19:12:18.0300 6076 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/04/06 19:12:18.0440 6076 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
2011/04/06 19:12:18.0518 6076 nmwcdc (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
2011/04/06 19:12:18.0549 6076 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/04/06 19:12:18.0768 6076 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/06 19:12:19.0064 6076 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2011/04/06 19:12:19.0314 6076 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/04/06 19:12:21.0092 6076 nvlddmkm (73a70f1d89c942eedd99a3f10459b051) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/06 19:12:21.0498 6076 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/04/06 19:12:21.0623 6076 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2011/04/06 19:12:21.0763 6076 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/04/06 19:12:21.0825 6076 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/06 19:12:21.0981 6076 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/04/06 19:12:22.0059 6076 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/04/06 19:12:22.0106 6076 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/06 19:12:22.0325 6076 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/04/06 19:12:22.0371 6076 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/04/06 19:12:22.0434 6076 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/04/06 19:12:22.0512 6076 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/04/06 19:12:22.0559 6076 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/04/06 19:12:22.0683 6076 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/04/06 19:12:22.0855 6076 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/06 19:12:22.0917 6076 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/04/06 19:12:23.0011 6076 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/06 19:12:23.0198 6076 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
2011/04/06 19:12:23.0495 6076 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/04/06 19:12:23.0573 6076 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/04/06 19:12:23.0635 6076 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/06 19:12:23.0682 6076 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/06 19:12:23.0760 6076 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/04/06 19:12:23.0838 6076 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/06 19:12:23.0916 6076 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/06 19:12:23.0994 6076 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/06 19:12:24.0087 6076 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/06 19:12:24.0150 6076 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/04/06 19:12:24.0181 6076 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/06 19:12:24.0290 6076 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/06 19:12:24.0353 6076 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/04/06 19:12:24.0399 6076 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/04/06 19:12:24.0509 6076 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/04/06 19:12:24.0711 6076 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/04/06 19:12:24.0821 6076 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/06 19:12:24.0961 6076 RTL8167 (d5ede44ca85899e0478208c8413c1c31) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/04/06 19:12:25.0039 6076 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/04/06 19:12:25.0086 6076 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/04/06 19:12:25.0164 6076 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/06 19:12:25.0335 6076 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/06 19:12:25.0413 6076 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/04/06 19:12:25.0507 6076 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/04/06 19:12:25.0803 6076 sfdrv01 (b7018644e132a8dfb12ed90106e06739) C:\Windows\system32\drivers\sfdrv01.sys
2011/04/06 19:12:25.0881 6076 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/04/06 19:12:25.0928 6076 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/06 19:12:25.0944 6076 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/06 19:12:26.0053 6076 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\Windows\system32\drivers\sfhlp02.sys
2011/04/06 19:12:26.0084 6076 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/04/06 19:12:26.0147 6076 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\Windows\system32\drivers\sfsync02.sys
2011/04/06 19:12:26.0256 6076 sfvfs02 (197cef62eb4bc043e1578529fa2b9a48) C:\Windows\system32\drivers\sfvfs02.sys
2011/04/06 19:12:26.0318 6076 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/04/06 19:12:26.0334 6076 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/04/06 19:12:26.0349 6076 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/04/06 19:12:26.0381 6076 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/04/06 19:12:26.0427 6076 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/04/06 19:12:26.0490 6076 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2011/04/06 19:12:26.0552 6076 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/06 19:12:26.0599 6076 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/06 19:12:26.0708 6076 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/04/06 19:12:26.0724 6076 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/06 19:12:26.0802 6076 tandpl (126d7b3b4c7b724491c604060e1f4e14) C:\Windows\system32\drivers\tandpl.sys
2011/04/06 19:12:26.0895 6076 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/04/06 19:12:26.0989 6076 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/06 19:12:27.0005 6076 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/06 19:12:27.0067 6076 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/04/06 19:12:27.0083 6076 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/04/06 19:12:27.0098 6076 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/06 19:12:27.0129 6076 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/06 19:12:27.0223 6076 tosporte (90afa1a4451bbbee87c9f18a665d8121) C:\Windows\system32\DRIVERS\tosporte.sys
2011/04/06 19:12:27.0410 6076 tosrfbd (b168b345fb7073930c31e0d8b85e8353) C:\Windows\system32\DRIVERS\tosrfbd.sys
2011/04/06 19:12:27.0551 6076 tosrfbnp (74392bab3f0d4810da8436ec79d6955d) C:\Windows\system32\Drivers\tosrfbnp.sys
2011/04/06 19:12:27.0597 6076 Tosrfcom (1ad9eb1b5abd0aeee4084c8153476f1e) C:\Windows\system32\Drivers\tosrfcom.sys
2011/04/06 19:12:27.0660 6076 Tosrfhid (a72a3473180f378cc07d342803ffd580) C:\Windows\system32\DRIVERS\Tosrfhid.sys
2011/04/06 19:12:27.0691 6076 tosrfnds (b2a1a6538245fd69578224bbf2fd4677) C:\Windows\system32\DRIVERS\tosrfnds.sys
2011/04/06 19:12:27.0707 6076 TosRfSnd (8b877e24550e7962da820c8c354ec33a) C:\Windows\system32\drivers\tosrfsnd.sys
2011/04/06 19:12:27.0816 6076 Tosrfusb (97529d04178bf604c62c5be4b8bb2129) C:\Windows\system32\DRIVERS\tosrfusb.sys
2011/04/06 19:12:27.0987 6076 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/06 19:12:28.0050 6076 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/06 19:12:28.0128 6076 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/04/06 19:12:28.0159 6076 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/06 19:12:28.0206 6076 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/04/06 19:12:28.0253 6076 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/06 19:12:28.0299 6076 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/04/06 19:12:28.0346 6076 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/04/06 19:12:28.0424 6076 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
2011/04/06 19:12:28.0565 6076 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/06 19:12:28.0596 6076 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/04/06 19:12:28.0674 6076 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/06 19:12:28.0752 6076 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/06 19:12:28.0892 6076 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/04/06 19:12:29.0189 6076 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/06 19:12:29.0469 6076 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/06 19:12:29.0735 6076 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers\usbser.sys
2011/04/06 19:12:30.0062 6076 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/06 19:12:30.0125 6076 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/06 19:12:30.0437 6076 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/06 19:12:30.0515 6076 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/04/06 19:12:30.0920 6076 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/06 19:12:31.0029 6076 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/04/06 19:12:31.0326 6076 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/04/06 19:12:31.0419 6076 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/04/06 19:12:31.0607 6076 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/04/06 19:12:31.0731 6076 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/04/06 19:12:32.0012 6076 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/04/06 19:12:32.0184 6076 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/04/06 19:12:32.0527 6076 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/04/06 19:12:32.0979 6076 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/04/06 19:12:33.0042 6076 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/04/06 19:12:33.0229 6076 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/04/06 19:12:33.0447 6076 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/04/06 19:12:33.0681 6076 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/04/06 19:12:33.0900 6076 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/06 19:12:34.0009 6076 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/06 19:12:34.0165 6076 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/04/06 19:12:34.0415 6076 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/06 19:12:34.0742 6076 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/04/06 19:12:35.0039 6076 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/04/06 19:12:35.0491 6076 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/04/06 19:12:35.0631 6076 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/04/06 19:12:35.0975 6076 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/06 19:12:36.0099 6076 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/04/06 19:12:36.0505 6076 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/06 19:12:36.0739 6076 \HardDisk1 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/04/06 19:12:37.0379 6076 ================================================================================
2011/04/06 19:12:37.0379 6076 Scan finished
2011/04/06 19:12:37.0379 6076 ================================================================================
2011/04/06 19:12:37.0394 6068 Detected object count: 1
2011/04/06 19:12:53.0025 6068 \HardDisk1 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/04/06 19:12:53.0025 6068 \HardDisk1 - ok
2011/04/06 19:12:53.0041 6068 Rootkit.Win32.TDSS.tdl4(\HardDisk1) - User select action: Cure

cosinus · 06.04.2011, 18:24

TDL4 wurde entfernt. Bitte Windows neu starten und zur Kontrolle den TDSS-Killer nochmal ausführen, das neue Log posten.

Schlag · 06.04.2011, 19:10

Hab ich gleich gemacht:

wurde nix mehr gefunden.

Zitat:

2011/04/06 20:07:07.0200 3284 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/06 20:07:09.0218 3284 ================================================================================
2011/04/06 20:07:09.0218 3284 SystemInfo:
2011/04/06 20:07:09.0218 3284
2011/04/06 20:07:09.0218 3284 OS Version: 6.1.7600 ServicePack: 0.0
2011/04/06 20:07:09.0218 3284 Product type: Workstation
2011/04/06 20:07:09.0218 3284 ComputerName: DS-PC
2011/04/06 20:07:09.0218 3284 UserName: DS
2011/04/06 20:07:09.0218 3284 Windows directory: C:\Windows
2011/04/06 20:07:09.0218 3284 System windows directory: C:\Windows
2011/04/06 20:07:09.0218 3284 Processor architecture: Intel x86
2011/04/06 20:07:09.0218 3284 Number of processors: 4
2011/04/06 20:07:09.0218 3284 Page size: 0x1000
2011/04/06 20:07:09.0218 3284 Boot type: Normal boot
2011/04/06 20:07:09.0218 3284 ================================================================================
2011/04/06 20:07:09.0510 3284 Initialize success
2011/04/06 20:07:11.0612 4460 ================================================================================
2011/04/06 20:07:11.0612 4460 Scan started
2011/04/06 20:07:11.0612 4460 Mode: Manual;
2011/04/06 20:07:11.0612 4460 ================================================================================
2011/04/06 20:07:15.0188 4460 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/04/06 20:07:15.0251 4460 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/04/06 20:07:15.0298 4460 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/04/06 20:07:15.0360 4460 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/04/06 20:07:15.0391 4460 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/04/06 20:07:15.0438 4460 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/04/06 20:07:15.0500 4460 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/04/06 20:07:15.0532 4460 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/04/06 20:07:15.0594 4460 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/04/06 20:07:15.0625 4460 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/04/06 20:07:15.0641 4460 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/04/06 20:07:15.0672 4460 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/04/06 20:07:15.0719 4460 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/04/06 20:07:15.0750 4460 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/04/06 20:07:15.0781 4460 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2011/04/06 20:07:15.0812 4460 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/04/06 20:07:15.0844 4460 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2011/04/06 20:07:15.0875 4460 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/04/06 20:07:15.0922 4460 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/04/06 20:07:15.0953 4460 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/04/06 20:07:16.0000 4460 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/06 20:07:16.0031 4460 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/04/06 20:07:16.0109 4460 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/04/06 20:07:16.0156 4460 AVFSFilter (afb27b96a230f7d922fcbab57f316158) C:\Windows\system32\DRIVERS\avfsfilter.sys
2011/04/06 20:07:16.0218 4460 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/04/06 20:07:16.0265 4460 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/04/06 20:07:16.0296 4460 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/04/06 20:07:16.0343 4460 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/04/06 20:07:16.0390 4460 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/06 20:07:16.0421 4460 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/04/06 20:07:16.0436 4460 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/04/06 20:07:16.0468 4460 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/04/06 20:07:16.0499 4460 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/04/06 20:07:16.0530 4460 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/04/06 20:07:16.0561 4460 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/04/06 20:07:16.0608 4460 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/04/06 20:07:16.0639 4460 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/04/06 20:07:16.0670 4460 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
2011/04/06 20:07:16.0717 4460 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers\BTHport.sys
2011/04/06 20:07:16.0764 4460 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers\BTHUSB.sys
2011/04/06 20:07:16.0951 4460 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/06 20:07:16.0998 4460 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/06 20:07:17.0060 4460 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/04/06 20:07:17.0138 4460 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/04/06 20:07:17.0201 4460 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/04/06 20:07:17.0216 4460 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/04/06 20:07:17.0263 4460 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/04/06 20:07:17.0279 4460 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/04/06 20:07:17.0326 4460 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/04/06 20:07:17.0372 4460 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/04/06 20:07:17.0404 4460 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/04/06 20:07:17.0528 4460 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/04/06 20:07:17.0560 4460 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/04/06 20:07:17.0638 4460 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/04/06 20:07:17.0809 4460 DXGKrnl (c94b6c3cc628179cb9b9061c19888b99) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/06 20:07:18.0012 4460 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/04/06 20:07:18.0137 4460 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/04/06 20:07:18.0246 4460 enodpl (b4556f3d468c8dcb0b259d9d866cd4c4) C:\Windows\system32\drivers\enodpl.sys
2011/04/06 20:07:18.0262 4460 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/04/06 20:07:18.0324 4460 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/04/06 20:07:18.0371 4460 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/04/06 20:07:18.0433 4460 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/06 20:07:18.0480 4460 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/04/06 20:07:18.0652 4460 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/04/06 20:07:18.0714 4460 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/06 20:07:18.0761 4460 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/04/06 20:07:18.0823 4460 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/04/06 20:07:18.0854 4460 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/06 20:07:18.0917 4460 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/04/06 20:07:18.0964 4460 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/04/06 20:07:19.0026 4460 GDBehave (20e66a7546a9bfa48807669107dec7f2) C:\Windows\system32\drivers\GDBehave.sys
2011/04/06 20:07:19.0088 4460 GDMnIcpt (9b7bcd64b5737dbaa00d259289953f1f) C:\Windows\system32\drivers\MiniIcpt.sys
2011/04/06 20:07:19.0229 4460 GDPkIcpt (57d9b33804a621b14f6cc169667360fe) C:\Windows\system32\drivers\PktIcpt.sys
2011/04/06 20:07:19.0291 4460 gdwfpcd (8204a7c5e0f2c79292703872c5277ad8) C:\Windows\system32\drivers\gdwfpcd32.sys
2011/04/06 20:07:19.0338 4460 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/06 20:07:19.0432 4460 GRD (f5df1a80df94331d8e1a7c0a449e5df3) C:\Windows\system32\drivers\GRD.sys
2011/04/06 20:07:20.0726 4460 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/04/06 20:07:20.0851 4460 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/04/06 20:07:20.0929 4460 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/06 20:07:20.0976 4460 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/04/06 20:07:21.0038 4460 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/04/06 20:07:21.0116 4460 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/04/06 20:07:21.0194 4460 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/06 20:07:21.0272 4460 HookCentre (bcd88acce8c61988e9f1f6c34a0ee08b) C:\Windows\system32\drivers\HookCentre.sys
2011/04/06 20:07:21.0335 4460 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/04/06 20:07:21.0413 4460 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/04/06 20:07:21.0600 4460 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/04/06 20:07:21.0850 4460 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/06 20:07:22.0240 4460 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/04/06 20:07:23.0020 4460 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/04/06 20:07:23.0238 4460 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/04/06 20:07:23.0300 4460 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/06 20:07:23.0347 4460 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/06 20:07:23.0425 4460 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/04/06 20:07:23.0519 4460 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/04/06 20:07:23.0566 4460 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/04/06 20:07:23.0628 4460 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/04/06 20:07:23.0690 4460 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/06 20:07:23.0737 4460 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/06 20:07:23.0800 4460 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/06 20:07:23.0846 4460 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/06 20:07:23.0909 4460 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/04/06 20:07:24.0065 4460 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/04/06 20:07:24.0096 4460 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/06 20:07:24.0143 4460 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/04/06 20:07:24.0190 4460 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/04/06 20:07:24.0252 4460 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/04/06 20:07:24.0314 4460 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/04/06 20:07:24.0377 4460 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/04/06 20:07:24.0424 4460 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/04/06 20:07:24.0470 4460 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/04/06 20:07:24.0533 4460 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/04/06 20:07:24.0611 4460 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/06 20:07:24.0673 4460 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/06 20:07:24.0720 4460 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/06 20:07:24.0767 4460 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/04/06 20:07:24.0798 4460 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/04/06 20:07:24.0845 4460 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/06 20:07:24.0892 4460 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/04/06 20:07:24.0970 4460 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/06 20:07:25.0063 4460 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/06 20:07:25.0141 4460 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/06 20:07:25.0172 4460 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/04/06 20:07:25.0219 4460 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/04/06 20:07:25.0297 4460 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/04/06 20:07:25.0344 4460 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/04/06 20:07:25.0391 4460 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/04/06 20:07:25.0453 4460 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/06 20:07:25.0500 4460 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/06 20:07:25.0516 4460 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/04/06 20:07:25.0562 4460 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/04/06 20:07:25.0625 4460 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/06 20:07:25.0687 4460 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/04/06 20:07:25.0718 4460 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/04/06 20:07:25.0781 4460 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
2011/04/06 20:07:25.0812 4460 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/04/06 20:07:25.0859 4460 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/06 20:07:25.0937 4460 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/04/06 20:07:26.0062 4460 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/04/06 20:07:26.0124 4460 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/06 20:07:26.0171 4460 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/06 20:07:26.0249 4460 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/06 20:07:26.0296 4460 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/04/06 20:07:26.0327 4460 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/06 20:07:26.0374 4460 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/06 20:07:26.0530 4460 netr28u (27ee4b406e2f26f6117a9a420bd4cb65) C:\Windows\system32\DRIVERS\netr28u.sys
2011/04/06 20:07:26.0608 4460 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/04/06 20:07:26.0686 4460 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
2011/04/06 20:07:26.0748 4460 nmwcdc (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
2011/04/06 20:07:26.0795 4460 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/04/06 20:07:26.0857 4460 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/06 20:07:26.0935 4460 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2011/04/06 20:07:27.0029 4460 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/04/06 20:07:27.0419 4460 nvlddmkm (73a70f1d89c942eedd99a3f10459b051) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/06 20:07:27.0778 4460 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/04/06 20:07:27.0824 4460 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2011/04/06 20:07:27.0902 4460 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/04/06 20:07:27.0949 4460 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/06 20:07:28.0043 4460 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/04/06 20:07:28.0074 4460 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/04/06 20:07:28.0136 4460 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/06 20:07:28.0199 4460 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/04/06 20:07:28.0261 4460 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/04/06 20:07:28.0292 4460 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/04/06 20:07:28.0324 4460 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/04/06 20:07:28.0355 4460 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/04/06 20:07:28.0386 4460 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/04/06 20:07:28.0480 4460 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/06 20:07:28.0542 4460 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/04/06 20:07:28.0620 4460 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/06 20:07:28.0698 4460 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
2011/04/06 20:07:28.0963 4460 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/04/06 20:07:29.0026 4460 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/04/06 20:07:29.0088 4460 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/06 20:07:29.0150 4460 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/06 20:07:29.0213 4460 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/04/06 20:07:29.0244 4460 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/06 20:07:29.0291 4460 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/06 20:07:29.0369 4460 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/06 20:07:29.0416 4460 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/06 20:07:29.0447 4460 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/04/06 20:07:29.0478 4460 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/06 20:07:29.0509 4460 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/06 20:07:29.0525 4460 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/04/06 20:07:29.0743 4460 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/04/06 20:07:29.0806 4460 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/04/06 20:07:29.0884 4460 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/04/06 20:07:29.0930 4460 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/06 20:07:29.0977 4460 RTL8167 (d5ede44ca85899e0478208c8413c1c31) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/04/06 20:07:30.0040 4460 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/04/06 20:07:30.0071 4460 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/04/06 20:07:30.0118 4460 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/06 20:07:30.0149 4460 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/06 20:07:30.0164 4460 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/04/06 20:07:30.0196 4460 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/04/06 20:07:30.0274 4460 sfdrv01 (b7018644e132a8dfb12ed90106e06739) C:\Windows\system32\drivers\sfdrv01.sys
2011/04/06 20:07:30.0398 4460 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/04/06 20:07:30.0430 4460 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/06 20:07:30.0461 4460 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/06 20:07:30.0492 4460 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\Windows\system32\drivers\sfhlp02.sys
2011/04/06 20:07:30.0508 4460 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/04/06 20:07:30.0570 4460 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\Windows\system32\drivers\sfsync02.sys
2011/04/06 20:07:30.0601 4460 sfvfs02 (197cef62eb4bc043e1578529fa2b9a48) C:\Windows\system32\drivers\sfvfs02.sys
2011/04/06 20:07:30.0648 4460 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/04/06 20:07:30.0679 4460 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/04/06 20:07:30.0710 4460 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/04/06 20:07:30.0757 4460 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/04/06 20:07:30.0804 4460 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/04/06 20:07:30.0882 4460 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2011/04/06 20:07:30.0976 4460 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/06 20:07:31.0038 4460 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/06 20:07:31.0116 4460 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/04/06 20:07:31.0163 4460 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/06 20:07:31.0241 4460 tandpl (126d7b3b4c7b724491c604060e1f4e14) C:\Windows\system32\drivers\tandpl.sys
2011/04/06 20:07:31.0288 4460 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/04/06 20:07:31.0366 4460 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/06 20:07:31.0397 4460 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/06 20:07:31.0428 4460 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/04/06 20:07:31.0459 4460 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/04/06 20:07:31.0475 4460 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/06 20:07:31.0693 4460 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/06 20:07:31.0787 4460 tosporte (90afa1a4451bbbee87c9f18a665d8121) C:\Windows\system32\DRIVERS\tosporte.sys
2011/04/06 20:07:31.0849 4460 tosrfbd (b168b345fb7073930c31e0d8b85e8353) C:\Windows\system32\DRIVERS\tosrfbd.sys
2011/04/06 20:07:31.0896 4460 tosrfbnp (74392bab3f0d4810da8436ec79d6955d) C:\Windows\system32\Drivers\tosrfbnp.sys
2011/04/06 20:07:31.0943 4460 Tosrfcom (1ad9eb1b5abd0aeee4084c8153476f1e) C:\Windows\system32\Drivers\tosrfcom.sys
2011/04/06 20:07:31.0958 4460 Tosrfhid (a72a3473180f378cc07d342803ffd580) C:\Windows\system32\DRIVERS\Tosrfhid.sys
2011/04/06 20:07:32.0021 4460 tosrfnds (b2a1a6538245fd69578224bbf2fd4677) C:\Windows\system32\DRIVERS\tosrfnds.sys
2011/04/06 20:07:32.0052 4460 TosRfSnd (8b877e24550e7962da820c8c354ec33a) C:\Windows\system32\drivers\tosrfsnd.sys
2011/04/06 20:07:32.0099 4460 Tosrfusb (97529d04178bf604c62c5be4b8bb2129) C:\Windows\system32\DRIVERS\tosrfusb.sys
2011/04/06 20:07:32.0364 4460 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/06 20:07:32.0442 4460 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/06 20:07:32.0489 4460 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/04/06 20:07:32.0536 4460 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/06 20:07:32.0582 4460 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/04/06 20:07:32.0614 4460 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/06 20:07:32.0879 4460 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/04/06 20:07:32.0926 4460 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/04/06 20:07:32.0988 4460 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
2011/04/06 20:07:33.0019 4460 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/06 20:07:33.0050 4460 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/04/06 20:07:33.0097 4460 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/06 20:07:33.0128 4460 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/06 20:07:33.0160 4460 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/04/06 20:07:33.0191 4460 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/06 20:07:33.0238 4460 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/06 20:07:33.0284 4460 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers\usbser.sys
2011/04/06 20:07:33.0316 4460 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/06 20:07:33.0347 4460 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/06 20:07:33.0378 4460 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/06 20:07:33.0425 4460 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/04/06 20:07:33.0456 4460 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/06 20:07:33.0487 4460 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/04/06 20:07:33.0550 4460 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/04/06 20:07:33.0596 4460 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/04/06 20:07:33.0643 4460 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/04/06 20:07:33.0690 4460 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/04/06 20:07:33.0737 4460 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/04/06 20:07:34.0033 4460 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/04/06 20:07:34.0127 4460 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/04/06 20:07:34.0174 4460 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/04/06 20:07:34.0236 4460 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/04/06 20:07:34.0283 4460 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/04/06 20:07:34.0345 4460 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/04/06 20:07:34.0376 4460 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/04/06 20:07:34.0408 4460 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/06 20:07:34.0439 4460 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/06 20:07:34.0486 4460 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/04/06 20:07:34.0517 4460 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/06 20:07:34.0595 4460 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/04/06 20:07:34.0642 4460 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/04/06 20:07:34.0751 4460 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/04/06 20:07:34.0813 4460 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/04/06 20:07:34.0860 4460 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/06 20:07:34.0907 4460 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/04/06 20:07:34.0938 4460 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/06 20:07:35.0032 4460 ================================================================================
2011/04/06 20:07:35.0032 4460 Scan finished
2011/04/06 20:07:35.0032 4460 ================================================================================

PC läuft wieder schneller..

cosinus · 06.04.2011, 19:44

Ok

Dann probier jetzt nochmal cofi.exe - sollte jetzt gehen!

Schlag · 06.04.2011, 20:28

Joa is alles schon wieder besser.

Ich hab's dann laufen lassen aber er macht nicht ganz fertig. soll heissen nach dem Ablaufen des Programmes wird Windows auf den Wallpaper reduziert ohne Windowspanel. Dann bleibt die Anwendung einfach stehen mit der txt datei die aber nicht als das ausgewiesen ist und es passiert einfach nix mehr. Soll heissen ich kann den text auch nicht Markieren oder Copy Paste oder so.

cosinus · 06.04.2011, 22:49

Lad die cofi.exe neu herunter, starte Windows neu und probiers nochmal.

Schlag · 07.04.2011, 16:51

So hier habe ich den Log. von heute.

Combofix Logfile:

Code:

ATTFilter

ComboFix 11-04-06.03 - DS 07.04.2011  16:58:43.2.4 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.41.1031.18.3063.2108 [GMT 2:00]
ausgeführt von:: c:\users\DS\Desktop\cofi.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: SPYWAREfighter *Disabled/Updated* {54CEAF19-6DDF-F31A-F96A-11F730C2EC03}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\kkchqweg.vbt
.
-- Vorheriger Suchlauf --
.
c:\windows\system32\userinit.exe . . . ist infiziert!!
.
--------
.
c:\windows\system32\userinit.exe . . . ist infiziert!!
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-03-07 bis 2011-04-07  ))))))))))))))))))))))))))))))
.
.
2011-04-07 15:33 . 2011-04-07 15:33	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-04-07 14:47 . 2011-04-07 14:47	28752	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{96A717C0-F2C7-4C1E-A7CA-DE8790CC994E}\MpKslb79826c3.sys
2011-04-06 19:01 . 2011-03-23 08:11	6792528	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{96A717C0-F2C7-4C1E-A7CA-DE8790CC994E}\mpengine.dll
2011-04-06 18:55 . 2010-11-30 09:43	439632	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{405DF807-F954-489A-B141-7DC802A92DA6}\gapaengine.dll
2011-04-06 18:49 . 2011-04-06 18:49	--------	d-----w-	c:\program files\Microsoft Security Client
2011-04-06 18:47 . 2010-04-09 07:24	240008	----a-w-	c:\windows\system32\drivers\netio.sys
2011-04-06 17:20 . 2010-12-21 05:36	1389568	----a-w-	c:\windows\system32\msxml6.dll
2011-04-06 17:20 . 2010-12-21 05:36	1236992	----a-w-	c:\windows\system32\msxml3.dll
2011-04-06 17:20 . 2010-12-21 05:34	80384	----a-w-	c:\windows\system32\davclnt.dll
2011-04-06 17:19 . 2011-02-03 05:45	219008	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2011-04-06 17:19 . 2010-11-02 04:46	728448	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2011-04-06 17:19 . 2010-11-02 04:23	107520	----a-w-	c:\windows\system32\cdd.dll
2011-04-06 16:36 . 2011-04-06 16:37	--------	d-----w-	c:\program files\CCleaner
2011-04-05 19:27 . 2011-04-05 19:27	--------	d-----w-	C:\_OTL
2011-03-31 15:59 . 2011-03-31 16:00	--------	d-----w-	c:\program files\ERUNT
2011-03-27 20:22 . 2011-03-27 20:22	29992	----a-w-	c:\windows\system32\drivers\GRD.sys
2011-03-27 19:40 . 2011-03-27 20:36	47560	----a-w-	c:\windows\system32\drivers\PktIcpt.sys
2011-03-27 19:39 . 2011-03-27 20:34	62024	----a-w-	c:\windows\system32\drivers\MiniIcpt.sys
2011-03-27 19:39 . 2011-03-27 20:34	33480	----a-w-	c:\windows\system32\drivers\GDBehave.sys
2011-03-27 19:39 . 2011-03-27 19:39	40904	----a-w-	c:\windows\system32\drivers\gdwfpcd32.sys
2011-03-27 19:38 . 2011-04-06 18:52	--------	d-----w-	c:\programdata\G DATA
2011-03-27 19:38 . 2011-04-06 18:47	--------	d-----w-	c:\program files\G Data
2011-03-27 19:38 . 2011-04-06 18:47	--------	d-----w-	c:\program files\Common Files\G Data
2011-03-27 19:23 . 2011-03-30 15:55	--------	d-----w-	c:\programdata\clp
2011-03-27 19:23 . 2011-03-27 19:23	--------	d-----w-	c:\programdata\Common Toolkit Suite
2011-03-27 19:23 . 2011-03-27 19:23	--------	d-----w-	c:\program files\Fighters
2011-03-27 19:23 . 2011-03-27 19:23	--------	d-----w-	c:\program files\Common Files\Common Toolkit Suite
2011-03-27 19:22 . 2011-03-27 19:23	--------	d-----w-	c:\programdata\Fighters
2011-03-27 19:21 . 2011-03-27 19:21	--------	d-----w-	c:\users\DS\AppData\Roaming\Fighters
2011-03-27 19:21 . 2011-03-27 19:21	--------	d-----w-	c:\users\DS\AppData\Local\PackageAware
2011-03-27 18:36 . 2011-03-27 18:36	--------	d-----w-	c:\program files\Microsoft SQL Server
2011-03-27 18:33 . 2011-03-27 18:33	200384	----a-w-	c:\programdata\Microsoft\VBExpress\10.0\1031\ResourceCache.dll
2011-03-27 18:30 . 2011-03-27 18:31	--------	d-----w-	c:\program files\Microsoft Visual Studio 10.0
2011-03-27 18:30 . 2011-03-27 18:30	--------	d-----w-	c:\program files\Microsoft SDKs
2011-03-27 18:30 . 2011-03-27 18:30	--------	d-----w-	c:\program files\Microsoft Help Viewer
2011-03-27 17:56 . 2011-03-27 19:02	--------	d-----w-	c:\users\DS\Pavark
2011-03-27 17:54 . 2011-03-27 17:54	--------	d-----w-	c:\program files\Windows Live Safety Center
2011-03-27 17:25 . 2011-03-27 17:25	388096	----a-r-	c:\users\DS\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-27 17:25 . 2011-03-27 17:25	--------	d-----w-	c:\program files\Trend Micro
2011-03-27 10:17 . 2011-03-27 10:17	--------	d-----w-	c:\windows\system32\wbem\en-US
2011-03-27 08:35 . 2011-03-27 08:35	801792	----a-w-	c:\windows\system32\FntCache.dll
2011-03-27 08:35 . 2011-03-27 08:35	739840	----a-w-	c:\windows\system32\d2d1.dll
2011-03-27 08:35 . 2011-03-27 08:35	3181568	----a-w-	c:\windows\system32\mf.dll
2011-03-27 08:35 . 2011-03-27 08:35	218624	----a-w-	c:\windows\system32\d3d10_1core.dll
2011-03-27 08:35 . 2011-03-27 08:35	196608	----a-w-	c:\windows\system32\mfreadwrite.dll
2011-03-27 08:35 . 2011-03-27 08:35	161792	----a-w-	c:\windows\system32\d3d10_1.dll
2011-03-27 08:35 . 2011-03-27 08:35	1495040	----a-w-	c:\windows\system32\ExplorerFrame.dll
2011-03-27 08:35 . 2011-03-27 08:35	1170944	----a-w-	c:\windows\system32\d3d10warp.dll
2011-03-27 08:35 . 2011-03-27 08:35	1074176	----a-w-	c:\windows\system32\DWrite.dll
2011-03-26 20:46 . 2011-03-26 20:46	--------	d-----w-	c:\users\DS\AppData\Roaming\Malwarebytes
2011-03-26 20:46 . 2010-12-20 17:09	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-26 20:46 . 2011-03-26 20:46	--------	d-----w-	c:\programdata\Malwarebytes
2011-03-26 20:45 . 2011-03-26 20:46	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-03-26 20:45 . 2010-12-20 17:08	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-03-26 19:46 . 2011-03-26 20:29	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2011-03-26 19:46 . 2011-03-27 18:23	--------	d-----w-	c:\program files\Microsoft.NET
2011-03-26 19:46 . 2011-03-26 19:46	--------	d-----w-	c:\program files\Microsoft Sync Framework
2011-03-26 19:45 . 2011-03-26 20:29	--------	d-----w-	c:\program files\Microsoft Visual Studio 8
2011-03-26 19:44 . 2011-03-26 19:44	--------	d-----w-	c:\program files\Microsoft Analysis Services
2011-03-26 19:44 . 2011-03-26 19:44	--------	d-----w-	c:\users\DS\AppData\Local\Microsoft Help
2011-03-26 19:43 . 2011-04-07 14:43	--------	d-----w-	c:\programdata\Microsoft Help
2011-03-26 19:42 . 2011-03-26 19:42	--------	d-----r-	C:\MSOCache
2011-03-26 17:48 . 2011-03-29 20:14	43520	----a-w-	c:\windows\system32\CmdLineExt03.dll
2011-03-26 17:01 . 2011-03-26 17:01	--------	d-----w-	c:\users\DS\AppData\Local\LAG
2011-03-26 17:01 . 2011-03-26 17:01	--------	d-----w-	c:\programdata\LAG
2011-03-25 16:44 . 2011-03-15 04:05	6792528	------w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{53EFBEEA-4868-44A0-B14F-DEACD5376B53}\mpengine.dll
2011-03-24 18:13 . 2011-03-24 18:13	--------	d-----w-	c:\programdata\TOSHIBA
2011-03-24 18:11 . 2011-03-24 18:11	--------	d-----w-	c:\users\DS\AppData\Local\Toshiba
2011-03-24 18:06 . 2011-03-24 18:06	--------	d-----w-	c:\program files\Toshiba
2011-03-18 17:45 . 2011-03-18 17:45	--------	d-----w-	c:\users\DS\AppData\Local\Apple Computer
2011-03-18 17:44 . 2011-03-18 17:44	--------	d-----w-	c:\program files\QuickTime
2011-03-18 17:44 . 2011-03-18 17:44	--------	d-----w-	c:\users\DS\AppData\Local\Apple
2011-03-18 17:44 . 2011-03-18 17:44	--------	d-----w-	c:\program files\Apple Software Update
2011-03-18 17:44 . 2011-03-18 17:44	--------	d-----w-	c:\program files\Bonjour
2011-03-18 17:43 . 2011-03-18 17:45	--------	d-----w-	c:\program files\Common Files\Apple
2011-03-18 17:43 . 2011-03-18 17:44	--------	d-----w-	c:\programdata\Apple
2011-03-12 11:28 . 2011-03-12 11:28	103864	----a-w-	c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-03-10 17:04 . 2010-12-23 05:28	642048	----a-w-	c:\windows\system32\CPFilters.dll
2011-03-10 17:04 . 2010-12-23 05:28	534528	----a-w-	c:\windows\system32\EncDec.dll
2011-03-10 17:04 . 2010-12-23 05:24	199680	----a-w-	c:\windows\system32\mpg2splt.ax
2011-03-10 17:04 . 2010-12-18 05:30	2690560	----a-w-	c:\windows\system32\mstscax.dll
2011-03-10 17:04 . 2010-12-18 05:26	1034240	----a-w-	c:\windows\system32\mstsc.exe
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-27 08:36 . 2011-03-27 08:36	74752	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-03-27 08:36 . 2011-03-27 08:36	1126912	----a-w-	c:\windows\system32\wininet.dll
2011-03-27 08:36 . 2011-03-27 08:36	76800	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-03-27 08:36 . 2011-03-27 08:36	63488	----a-w-	c:\windows\system32\tdc.ocx
2011-03-27 08:36 . 2011-03-27 08:36	420864	----a-w-	c:\windows\system32\vbscript.dll
2011-03-27 08:36 . 2011-03-27 08:36	152064	----a-w-	c:\windows\system32\wextract.exe
2011-03-27 08:35 . 2011-03-27 08:35	1619456	----a-w-	c:\windows\system32\WMVDECOD.DLL
2011-03-27 08:35 . 2011-03-27 08:35	135168	----a-w-	c:\windows\system32\XpsRasterService.dll
2011-02-18 15:36 . 2011-02-18 15:36	41984	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2011-02-18 15:36 . 2011-02-18 15:36	4184352	----a-w-	c:\windows\system32\usbaaplrc.dll
2011-01-08 03:27 . 2011-02-05 19:44	941160	----a-w-	c:\windows\system32\nvdispco322090.dll
2011-01-08 03:27 . 2011-02-05 19:44	837736	----a-w-	c:\windows\system32\nvgenco322040.dll
2011-01-08 03:27 . 2011-02-05 19:44	57960	----a-w-	c:\windows\system32\OpenCL.dll
2011-01-08 03:27 . 2011-02-05 19:44	4941928	----a-w-	c:\windows\system32\nvcuda.dll
2011-01-08 03:27 . 2011-02-05 19:44	2895976	----a-w-	c:\windows\system32\nvcuvid.dll
2011-01-08 03:27 . 2011-02-05 19:44	2251368	----a-w-	c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27 . 2011-02-05 19:44	15047272	----a-w-	c:\windows\system32\nvoglv32.dll
2011-01-08 03:27 . 2011-02-05 19:44	13011560	----a-w-	c:\windows\system32\nvcompiler.dll
2011-01-08 03:27 . 2011-02-05 19:44	10920	----a-w-	c:\windows\system32\drivers\nvBridge.kmd
2011-01-08 03:27 . 2011-02-05 19:44	10467656	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2011-01-08 03:27 . 2011-02-05 19:44	10078312	----a-w-	c:\windows\system32\nvd3dum.dll
2011-01-08 03:27 . 2009-09-27 22:12	1965672	----a-w-	c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2009-07-13 22:09	5653096	----a-w-	c:\windows\system32\nvwgf2um.dll
2011-01-07 20:06 . 2011-01-07 20:06	580200	----a-w-	c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 20:06 . 2011-01-07 20:06	3597416	----a-w-	c:\windows\system32\nvcpl.dll
2011-01-07 20:06 . 2011-01-07 20:06	2620520	----a-w-	c:\windows\system32\nvsvc.dll
2011-01-07 20:06 . 2011-01-07 20:06	608872	----a-w-	c:\windows\system32\nvvsvc.exe
2011-01-07 20:06 . 2011-01-07 20:06	2558568	----a-w-	c:\windows\system32\nvsvcr.dll
2011-01-07 20:06 . 2011-01-07 20:06	111208	----a-w-	c:\windows\system32\nvmctray.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
c:\users\DS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07	932288	----a-r-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54	91520	----a-w-	c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAHeadless]
2009-09-06 03:40	615808	----a-w-	c:\program files\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 14:33	421160	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-10-17 09:29	39408	----a-w-	c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SWPROguard]
2010-12-24 13:01	983688	----a-w-	c:\program files\Fighters\SPYWAREfighter\swproTray.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400]
R4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-06 169312]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-17 136176]
R4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-12-16 3453712]
R4 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [2010-12-24 1141896]
S1 MpKslb79826c3;MpKslb79826c3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{96A717C0-F2C7-4C1E-A7CA-DE8790CC994E}\MpKslb79826c3.sys [2011-04-07 28752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [2010-12-24 10264]
S3 netr28u;RT2870-USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-17 09:29]
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-17 09:29]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.ch/ig?hl=de&amp;source=iglk
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-ITSecMng - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
AddRemove-DSGPlayer - c:\program files\OXXOGames\GPlayer\\MyInstall.exe
AddRemove-SPYWAREfighter - c:\programdata\{D81057B4-29EC-41EB-A123-4E4E49873404}\SPYWAREfighter.exe
AddRemove-{5A7D2B13-9522-48A9-A06F-A9C4AA33D8AD} - c:\programdata\{D81057B4-29EC-41EB-A123-4E4E49873404}\SPYWAREfighter.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AV Engine Scanning Service]
"ImagePath"="C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AV Watch Service]
"ImagePath"="C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AV Engine Scanning Service]
"ImagePath"="C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AV Watch Service]
"ImagePath"="C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2372889540-1645382447-2808601559-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e9,e7,b2,0f,2d,45,be,94,1c,d3,f7,45,f4,8a,4d,26,51,46,58,6e,c5,
   58,66,d1,59,21,6b,55,d8,2a,4e,ab,03,72,98,3d,1a,ee,51,27,53,e1,b7,aa,c7,da,\
"rkeysecu"=hex:01,45,30,3d,dd,1b,b4,da,c3,68,0b,62,c8,c5,f3,e7
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
c:\program files\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-04-07  17:43:34 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-04-07 15:43
.
Vor Suchlauf: 13 Verzeichnis(se), 378'308'616'192 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 378'134'380'544 Bytes frei
.
- - End Of File - - CF1B8B30A26D6D99D1D96021DE7A9D96

--- --- ---

Habe ich noch was zu beachten?

Gruss

cosinus · 07.04.2011, 19:12

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.

Doppelklick auf die MBRCheck.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Das Tool braucht nur wenige Sekunden.
Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste mir bitte den Inhalt des .txt Dokumentes

Schlag · 08.04.2011, 18:30

Hab ich gemacht:

OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 19:26:57 on 08.04.2011

OS: Windows 7 Home Premium Edition (Build 7600), 32-bit
Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl
"TosBtLocalCOM" - "TOSHIBA CORPORATION" - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\LocalCOM.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"AVFSFilter" (AVFSFilter) - ? - C:\Windows\System32\DRIVERS\avfsfilter.sys  (File signed by Microsoft | File found, but it contains no detailed information)
"catchme" (catchme) - ? - C:\Users\DS\AppData\Local\Temp\catchme.sys  (File not found)
"enodpl" (enodpl) - ? - C:\Windows\System32\drivers\enodpl.sys  (File found, but it contains no detailed information)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MpKslca020f5f" (MpKslca020f5f) - "Microsoft Corporation" - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A461832B-7CA5-4D62-936A-BC9F1FC688A6}\MpKslca020f5f.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"StarForce Protection Environment Driver (version 1.x)" (sfdrv01) - "Protection Technology (StarForce)" - C:\Windows\System32\drivers\sfdrv01.sys
"StarForce Protection Helper Driver (version 2.x)" (sfhlp02) - "Protection Technology (StarForce)" - C:\Windows\System32\drivers\sfhlp02.sys
"StarForce Protection Synchronization Driver (version 2.x)" (sfsync02) - "Protection Technology" - C:\Windows\System32\drivers\sfsync02.sys
"StarForce Protection VFS Driver (version 2.x)" (sfvfs02) - "Protection Technology (StarForce)" - C:\Windows\System32\drivers\sfvfs02.sys
"tandpl" (tandpl) - ? - C:\Windows\System32\drivers\tandpl.sys  (File found, but it contains no detailed information)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - c:\PROGRA~1\MI8079~1\shellext.dll
{532A0152-8933-40E1-995B-1D917C7720C0} "FanatecMouseShlExt Class" - ? - C:\Program Files\Fanatec\emul8or\FanatecMousePages.dll  (File not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\MLSHEXT.DLL
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL
{82AA9188-44E0-40B9-B956-43A10C315B4F} "RootShellFolder Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfFTPShellExtension.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -   (File not found | COM-object registry key not found)
{2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} "ShellDragDropHandler Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfShellTools.dll
{7568C3F3-DF7E-436A-95C2-772819DF58B4} "ShellFolderExternal Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfFavoritesShellExtension.dll
{119310E6-5FB7-4eeb-BEDB-9E229E76B9B4} "ShellFolderMultiUploadDestination Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfFTPShellExtension.dll
{3B164627-7060-47BB-A1BE-DF5540B02821} "ShellFolderMultiUploadSource Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfFTPShellExtension.dll
{6E0A0931-B89D-45B7-8BF0-F221A6D67257} "ShellFolderRoot Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfFavoritesShellExtension.dll
{EB5EE1F3-041A-4c03-9D51-2BEC6715FB00} "ShellFolderSearchRoot Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfFTPShellExtension.dll
{F87DED31-303F-4ED1-9BCE-D360FBC74E0A} "SmartFTP ContextMenu Shell Extension" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfShellTools.dll
{EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} "SmartFTP Drop ShellIconOverlayHandler" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfShellTools.dll
{FD504287-1372-40d2-ACA6-216A8FCC243D} "SmartFTP FavoritesShellFolder Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfFavoritesShellExtension.dll
{0848278D-D88B-445b-BEDC-7DFBDB061F5F} "SmartFTP FavoritesShellFolderDesktop class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfFavoritesShellExtension.dll
{40FDFA48-5F4E-4627-A78E-6A49A3D4492F} "SmartFTP ShellDropHandler Class" - "SmartSoft Ltd." - C:\Program Files\SmartFTP Client\sfShellTools.dll
{BD88A479-9623-4897-8546-BC62B9628F44} "SPTHandler" - ? -   (File not found | COM-object registry key not found)
{52B87208-9CCF-42C9-B88E-069281105805} "Trojan Remover Shell Extension" - ? -   (File not found | COM-object registry key not found)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} "Java Plug-in 1.4.2" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_21.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10o.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{3860DD98-0549-4D50-AA72-5D17D200EE10} "Windows Live OneCare safety scanner control" - "Microsoft Corporation" - C:\Program Files\Windows Live Safety Center\wlscCtrl2.dll / hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-ch/wlscctrl2.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -   (File not found | COM-object registry key not found)

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\DS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"ERUNT AutoBackup.lnk" - ? - C:\Program Files\ERUNT\AUTOBACK.EXE  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"MSC" - "Microsoft Corporation" - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Toshiba Bluetooth Monitor" - "TOSHIBA CORPORATION." - C:\Windows\system32\tbtmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
"AV Engine Scanning Service" (AV Engine Scanning Service) - "Preventon Technologies Limited" - C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
"AV Watch Service" (AV Watch Service) - "Preventon Technologies Limited" - C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
"Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE]

Und die 2te:

Zitat:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: System manufacturer
System Product Name: System Product Name
Logical Drives Mask: 0x000003dc

Kernel Drivers (total 169):
0x82C44000 \SystemRoot\system32\ntkrnlpa.exe
0x82C0D000 \SystemRoot\system32\halmacpi.dll
0x80BB2000 \SystemRoot\system32\kdcom.dll
0x8321F000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x83297000 \SystemRoot\system32\PSHED.dll
0x832A8000 \SystemRoot\system32\BOOTVID.dll
0x832B0000 \SystemRoot\system32\CLFS.SYS
0x832F2000 \SystemRoot\system32\CI.dll
0x8AE15000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8AE86000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8AE94000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8AEDC000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x8AEE5000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8AEED000 \SystemRoot\system32\DRIVERS\pci.sys
0x8AF17000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8AF22000 \SystemRoot\System32\drivers\partmgr.sys
0x8AF33000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x8AF43000 \SystemRoot\System32\drivers\volmgrx.sys
0x8AF8E000 \SystemRoot\system32\DRIVERS\pciide.sys
0x8AF95000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8AFA3000 \SystemRoot\System32\drivers\mountmgr.sys
0x8AFC2000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8AFCB000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8AFEE000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8AE00000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x8339D000 \SystemRoot\system32\drivers\fltmgr.sys
0x833D1000 \SystemRoot\system32\drivers\fileinfo.sys
0x8AE09000 \SystemRoot\System32\Drivers\PxHelp20.sys
0x8B037000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B166000 \SystemRoot\System32\Drivers\msrpc.sys
0x8B191000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B23B000 \SystemRoot\System32\Drivers\cng.sys
0x8B298000 \SystemRoot\System32\drivers\pcw.sys
0x8B2A6000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8B2AF000 \SystemRoot\system32\drivers\ndis.sys
0x8B366000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B3A4000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8B415000 \SystemRoot\System32\drivers\tcpip.sys
0x8B55E000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B58F000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8B5CE000 \SystemRoot\System32\Drivers\spldr.sys
0x8B5D6000 \SystemRoot\System32\drivers\sfvfs02.sys
0x8B5EE000 \SystemRoot\System32\drivers\sfhlp02.sys
0x8B400000 \SystemRoot\System32\drivers\sfdrv01.sys
0x8B3C9000 \SystemRoot\System32\drivers\rdyboost.sys
0x8B200000 \SystemRoot\System32\Drivers\mup.sys
0x8B5F6000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8B1A4000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8B210000 \SystemRoot\system32\DRIVERS\disk.sys
0x8B1D6000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8B011000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x90007000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x9002E000 \SystemRoot\System32\Drivers\Null.SYS
0x90035000 \SystemRoot\System32\Drivers\Beep.SYS
0x9003C000 \SystemRoot\System32\drivers\vga.sys
0x90048000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x90069000 \SystemRoot\System32\drivers\watchdog.sys
0x90076000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x9007E000 \SystemRoot\system32\drivers\rdpencdd.sys
0x90086000 \SystemRoot\system32\drivers\rdprefmp.sys
0x9008E000 \SystemRoot\System32\Drivers\Msfs.SYS
0x90099000 \SystemRoot\System32\Drivers\Npfs.SYS
0x900A7000 \SystemRoot\system32\DRIVERS\tdx.sys
0x900BE000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x900C9000 \SystemRoot\system32\drivers\afd.sys
0x90123000 \SystemRoot\System32\DRIVERS\netbt.sys
0x90155000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x9015C000 \SystemRoot\system32\DRIVERS\pacer.sys
0x9017B000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x9018C000 \SystemRoot\system32\DRIVERS\netbios.sys
0x9019A000 \SystemRoot\system32\DRIVERS\serial.sys
0x901B4000 \SystemRoot\System32\Drivers\tosrfcom.sys
0x901C4000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x901D7000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8FE08000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8FE49000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8FE53000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8FE5D000 \SystemRoot\System32\drivers\discache.sys
0x8FE69000 \SystemRoot\System32\Drivers\dfsc.sys
0x8FE81000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8FE8F000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8FEB0000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x90604000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x90FFE000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x8FEC2000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8FF79000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8FFB2000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x9782B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x97876000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x97895000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0x978DA000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x97906000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0x97908000 \SystemRoot\system32\DRIVERS\serenum.sys
0x97912000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x97918000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x97921000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x9792E000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x97940000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x97958000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x97963000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x97985000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x9799D000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x979B4000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x979CB000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x979D8000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x979E5000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8FFC1000 \SystemRoot\system32\DRIVERS\ks.sys
0x979E7000 \SystemRoot\system32\DRIVERS\umbus.sys
0x91E21000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x91E65000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x91E76000 \SystemRoot\system32\drivers\HdAudio.sys
0x91EC6000 \SystemRoot\system32\drivers\portcls.sys
0x91EF5000 \SystemRoot\system32\drivers\drmk.sys
0x91F0E000 \SystemRoot\system32\DRIVERS\tosporte.sys
0x91F19000 \SystemRoot\System32\Drivers\crashdmp.sys
0x91F26000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x91F31000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x91F3A000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x99CA0000 \SystemRoot\System32\win32k.sys
0x91F4B000 \SystemRoot\System32\drivers\Dxapi.sys
0x91F55000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x91F6C000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x91F6E000 \SystemRoot\system32\DRIVERS\monitor.sys
0x8CC1D000 \SystemRoot\system32\DRIVERS\netr28u.sys
0x8CCC6000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x8CCD0000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x8CCDB000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x8CCEE000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8CCF5000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x8CD01000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x99F00000 \SystemRoot\System32\TSDDD.dll
0x99F30000 \SystemRoot\System32\cdd.dll
0x8CD0C000 \SystemRoot\system32\drivers\luafv.sys
0x8CD27000 \SystemRoot\system32\drivers\WudfPf.sys
0x8CD41000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8CD51000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x8CD97000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8CDA7000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x91F79000 \SystemRoot\system32\drivers\HTTP.sys
0x8CDBA000 \SystemRoot\system32\DRIVERS\bowser.sys
0x8CDD3000 \SystemRoot\System32\drivers\mpsdrv.sys
0x97800000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA0627000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA0662000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA067D000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0xA069E000 \SystemRoot\system32\DRIVERS\atksgt.sys
0xA06E1000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0xA06EB000 \SystemRoot\System32\drivers\enodpl.sys
0xA06ED000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0xA06F2000 \SystemRoot\system32\drivers\peauth.sys
0xA0789000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA0793000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA07B4000 \SystemRoot\System32\drivers\tandpl.sys
0xA07B6000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA4232000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA4281000 \SystemRoot\System32\DRIVERS\srv.sys
0xA42D2000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys
0xA42DE000 \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A461832B-7CA5-4D62-936A-BC9F1FC688A6}\MpKslca020f5f.sys
0xA42E4000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xA4387000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0xA43B4000 \SystemRoot\system32\DRIVERS\avfsfilter.sys
0x77A80000 \Windows\System32\ntdll.dll
0x479A0000 \Windows\System32\smss.exe
0x77CC0000 \Windows\System32\apisetschema.dll
0x000E0000 \Windows\System32\autochk.exe
0x77C00000 \Windows\System32\rpcrt4.dll
0x77BD0000 \Windows\System32\imagehlp.dll
0x77970000 \Windows\System32\urlmon.dll
0x778E0000 \Windows\System32\clbcatq.dll

Processes (total 54):
0 System Idle Process
4 System
284 C:\Windows\System32\smss.exe
380 csrss.exe
456 C:\Windows\System32\wininit.exe
464 csrss.exe
504 C:\Windows\System32\services.exe
528 C:\Windows\System32\lsass.exe
536 C:\Windows\System32\lsm.exe
632 C:\Windows\System32\winlogon.exe
708 C:\Windows\System32\svchost.exe
772 C:\Windows\System32\nvvsvc.exe
812 C:\Windows\System32\svchost.exe
884 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
996 C:\Windows\System32\svchost.exe
1028 C:\Windows\System32\svchost.exe
1056 C:\Windows\System32\svchost.exe
1204 C:\Windows\System32\svchost.exe
1292 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1304 C:\Windows\System32\nvvsvc.exe
1348 C:\Windows\System32\svchost.exe
1560 C:\Windows\System32\spoolsv.exe
1608 C:\Windows\System32\svchost.exe
1816 C:\Windows\System32\dwm.exe
1824 C:\Windows\System32\taskhost.exe
1912 C:\Windows\explorer.exe
312 C:\Windows\System32\taskeng.exe
388 C:\Program Files\Google\Update\GoogleUpdate.exe
552 C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
1776 C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
496 C:\Windows\System32\svchost.exe
2076 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
2168 C:\Windows\System32\svchost.exe
2228 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2580 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
2768 C:\Windows\System32\SearchIndexer.exe
2824 C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
2936 C:\Windows\System32\taskhost.exe
3244 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
3272 C:\Program Files\Microsoft Security Client\msseces.exe
3712 WUDFHost.exe
3740 C:\Windows\System32\svchost.exe
3884 C:\Program Files\Windows Media Player\wmpnetwk.exe
1688 dllhost.exe
936 C:\Windows\servicing\TrustedInstaller.exe
4468 C:\Windows\System32\svchost.exe
5164 C:\Program Files\Internet Explorer\iexplore.exe
2444 C:\Program Files\Internet Explorer\iexplore.exe
6128 C:\Windows\System32\audiodg.exe
4248 C:\Windows\System32\SearchProtocolHost.exe
3348 C:\Windows\System32\SearchFilterHost.exe
2736 C:\Users\DS\Desktop\MBRCheck.exe
4424 C:\Windows\System32\conhost.exe
2732 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD6401AALS-00L3B2, Rev: 01.03B01
PhysicalDrive1 Model Number: SAMSUNGHD250HJ, Rev: FH100-06

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
232 GB \\.\PhysicalDrive1 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979

Done!

Danke

cosinus · 08.04.2011, 18:46

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Schlag · 08.04.2011, 19:02

Also mit Malwarebytes bin ich dran, mit dem schnellen Scan.

Und das Andere Prgramm lasse ich heute Abend noch drüber.

Also meinst es ist wieder gut??

Ich habe noch nicht die 100% Geschwindigkeit aber alles andere funzt.

Kann ich noch was machen, dass der Rechner schneller geht?

Kannst du ein Prog. empfehlen?

Ansonsten ein grosses Grazie!!!!!!!

(Was zahlt man so als Spende)??--> PM

Gruss

cosinus · 08.04.2011, 19:10

Zitat:

Also mit Malwarebytes bin ich dran, mit dem schnellen Scan.

Wo hab ich Quickscan geschrieben?!

Schlag · 08.04.2011, 19:13

sorry habe nicht alle infos geschrieben.. ich habe direkt ein quickscann gemacht weil ich jetzt weg muss dann mache ich heute abend oder morgen die 2 anderen als Vollscann.. (ca 2Std)

Ich lasse den PC nicht gerne alleine die Scanns machen. Da sitze ich bei und schau n DVD^^ (nicht am PC) das ich weiss wenn was nicht geht.

Is das OK? und was meinst du zu meinen anderen Frage?

Gruss

06.04.2011, 18:05	#17
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virus,Malware auf PC Dann erstmal dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html __________________ __________________

06.04.2011, 18:24	#19
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virus,Malware auf PC TDL4 wurde entfernt. Bitte Windows neu starten und zur Kontrolle den TDSS-Killer nochmal ausführen, das neue Log posten. __________________ Logfiles bitte immer in CODE-Tags posten

06.04.2011, 19:44	#21
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virus,Malware auf PC Ok Dann probier jetzt nochmal cofi.exe - sollte jetzt gehen! __________________ --> Virus,Malware auf PC

06.04.2011, 22:49	#23
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virus,Malware auf PC Lad die cofi.exe neu herunter, starte Windows neu und probiers nochmal. __________________ Logfiles bitte immer in CODE-Tags posten

08.04.2011, 18:46	#27
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virus,Malware auf PC Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! __________________ Logfiles bitte immer in CODE-Tags posten

Virus,Malware auf PC

Log-Analyse und Auswertung: Virus,Malware auf PC