Trojaner-Board

Log analysis and evaluation: Internet is extremely slow / strange error message 502 with Asian characters (https://www.trojaner-board.de/115068-internet-extrem-langsam-komische-fehlermeldung-502-asiatischen-schriftzeichen.html)

cosinus 23.05.2012 21:34

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot.
Then click on Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Trox 23.05.2012 21:42

Oh shit, 2 hits :dummguck: Dangerous?

Code:

22:38:52.0255 2536        TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
22:38:52.0545 2536        ============================================================
22:38:52.0545 2536        Current date / time: 2012/05/23 22:38:52.0545
22:38:52.0545 2536        SystemInfo:
22:38:52.0545 2536       
22:38:52.0545 2536        OS Version: 6.1.7601 ServicePack: 1.0
22:38:52.0545 2536        Product type: Workstation
22:38:52.0545 2536        ComputerName: KUTTINAT0R
22:38:52.0545 2536        UserName: Kutti
22:38:52.0545 2536        Windows directory: C:\Windows
22:38:52.0545 2536        System windows directory: C:\Windows
22:38:52.0545 2536        Running under WOW64
22:38:52.0545 2536        Processor architecture: Intel x64
22:38:52.0545 2536        Number of processors: 4
22:38:52.0545 2536        Page size: 0x1000
22:38:52.0545 2536        Boot type: Normal boot
22:38:52.0545 2536        ============================================================
22:38:52.0725 2536        Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:38:52.0765 2536        Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:38:52.0795 2536        ============================================================
22:38:52.0795 2536        \Device\Harddisk0\DR0:
22:38:52.0795 2536        MBR partitions:
22:38:52.0795 2536        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:38:52.0795 2536        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
22:38:52.0795 2536        \Device\Harddisk1\DR1:
22:38:52.0795 2536        GPT partitions:
22:38:52.0795 2536        \Device\Harddisk1\DR1\Partition0: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4FA3B638-9291-11E0-B72E-002522C2F396}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
22:38:52.0795 2536        \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5D353AD9-657D-4635-9369-AF49589875AE}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x74E50000
22:38:52.0795 2536        \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6674A099-A8C8-413D-A862-C6168AAA0BE5}, Name: Basic data partition, StartLBA 0x74E90800, BlocksNum 0x3D08F800
22:38:52.0795 2536        \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A39ED7D3-AF47-4BC5-9174-89BFCC795F89}, Name: Basic data partition, StartLBA 0xB1F20000, BlocksNum 0xC350000
22:38:52.0795 2536        \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0C7094C2-A55B-4FF4-B7C3-203F65E367CC}, Name: Basic data partition, StartLBA 0xBE270800, BlocksNum 0x249EF800
22:38:52.0795 2536        \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {60E58F79-3B3C-4BF7-9F5F-D544FCB444A6}, Name: Basic data partition, StartLBA 0xE2C60000, BlocksNum 0x61A8000
22:38:52.0795 2536        MBR partitions:
22:38:52.0795 2536        ============================================================
22:38:52.0795 2536        C: <-> \Device\Harddisk0\DR0\Partition1
22:38:52.0815 2536        D: <-> \Device\Harddisk1\DR1\Partition4
22:38:52.0865 2536        E: <-> \Device\Harddisk1\DR1\Partition2
22:38:52.0915 2536        F: <-> \Device\Harddisk1\DR1\Partition1
22:38:52.0995 2536        G: <-> \Device\Harddisk1\DR1\Partition5
22:38:53.0035 2536        H: <-> \Device\Harddisk1\DR1\Partition3
22:38:53.0035 2536        ============================================================
22:38:53.0035 2536        Initialize success
22:38:53.0035 2536        ============================================================
22:39:31.0970 5256        ============================================================
22:39:31.0970 5256        Scan started
22:39:31.0970 5256        Mode: Manual; SigCheck; TDLFS;
22:39:31.0970 5256        ============================================================
22:39:37.0882 5256        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:39:37.0898 5256        mouclass - ok
22:39:37.0898 5256        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:39:37.0898 5256        mouhid - ok
22:39:37.0913 5256        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:39:37.0913 5256        mountmgr - ok
22:39:37.0929 5256        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:39:37.0944 5256        MozillaMaintenance - ok
22:39:37.0944 5256        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:39:37.0960 5256        mpio - ok
22:39:37.0976 5256        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:39:37.0991 5256        mpsdrv - ok
22:39:38.0007 5256        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
22:39:38.0038 5256        MpsSvc - ok
22:39:38.0054 5256        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:39:38.0054 5256        MRxDAV - ok
22:39:38.0069 5256        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:39:38.0085 5256        mrxsmb - ok
22:39:38.0100 5256        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:39:38.0116 5256        mrxsmb10 - ok
22:39:38.0116 5256        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:39:38.0132 5256        mrxsmb20 - ok
22:39:38.0132 5256        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:39:38.0132 5256        msahci - ok
22:39:38.0147 5256        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:39:38.0147 5256        msdsm - ok
22:39:38.0163 5256        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:39:38.0163 5256        MSDTC - ok
22:39:38.0178 5256        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:39:38.0194 5256        Msfs - ok
22:39:38.0194 5256        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:39:38.0210 5256        mshidkmdf - ok
22:39:38.0225 5256        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:39:38.0225 5256        msisadrv - ok
22:39:38.0241 5256        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:39:38.0256 5256        MSiSCSI - ok
22:39:38.0256 5256        msiserver - ok
22:39:38.0256 5256        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:39:38.0288 5256        MSKSSRV - ok
22:39:38.0288 5256        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:39:38.0303 5256        MSPCLOCK - ok
22:39:38.0303 5256        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:39:38.0334 5256        MSPQM - ok
22:39:38.0334 5256        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:39:38.0350 5256        MsRPC - ok
22:39:38.0350 5256        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:39:38.0366 5256        mssmbios - ok
22:39:38.0366 5256        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:39:38.0381 5256        MSTEE - ok
22:39:38.0381 5256        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:39:38.0397 5256        MTConfig - ok
22:39:38.0397 5256        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:39:38.0412 5256        Mup - ok
22:39:38.0428 5256        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:39:38.0444 5256        napagent - ok
22:39:38.0459 5256        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:39:38.0475 5256        NativeWifiP - ok
22:39:38.0506 5256        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:39:38.0522 5256        NDIS - ok
22:39:38.0537 5256        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:39:38.0553 5256        NdisCap - ok
22:39:38.0553 5256        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:39:38.0568 5256        NdisTapi - ok
22:39:38.0584 5256        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:39:38.0600 5256        Ndisuio - ok
22:39:38.0615 5256        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:39:38.0631 5256        NdisWan - ok
22:39:38.0631 5256        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:39:38.0662 5256        NDProxy - ok
22:39:38.0662 5256        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:39:38.0678 5256        NetBIOS - ok
22:39:38.0693 5256        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:39:38.0709 5256        NetBT - ok
22:39:38.0724 5256        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:39:38.0724 5256        Netlogon - ok
22:39:38.0740 5256        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:39:38.0756 5256        Netman - ok
22:39:38.0787 5256        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:39:38.0802 5256        netprofm - ok
22:39:38.0818 5256        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:39:38.0818 5256        NetTcpPortSharing - ok
22:39:38.0834 5256        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:39:38.0834 5256        nfrd960 - ok
22:39:38.0849 5256        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:39:38.0880 5256        NlaSvc - ok
22:39:38.0880 5256        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:39:38.0896 5256        Npfs - ok
22:39:38.0912 5256        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:39:38.0927 5256        nsi - ok
22:39:38.0927 5256        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:39:38.0943 5256        nsiproxy - ok
22:39:38.0990 5256        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:39:39.0021 5256        Ntfs - ok
22:39:39.0068 5256        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:39:39.0099 5256        Null - ok
22:39:39.0114 5256        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:39:39.0114 5256        nvraid - ok
22:39:39.0130 5256        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:39:39.0130 5256        nvstor - ok
22:39:39.0146 5256        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:39:39.0146 5256        nv_agp - ok
22:39:39.0177 5256        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:39:39.0177 5256        odserv - ok
22:39:39.0192 5256        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:39:39.0192 5256        ohci1394 - ok
22:39:39.0208 5256        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:39:39.0208 5256        ose - ok
22:39:39.0224 5256        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:39:39.0239 5256        p2pimsvc - ok
22:39:39.0255 5256        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:39:39.0270 5256        p2psvc - ok
22:39:39.0286 5256        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:39:39.0286 5256        Parport - ok
22:39:39.0302 5256        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:39:39.0302 5256        partmgr - ok
22:39:39.0317 5256        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:39:39.0333 5256        PcaSvc - ok
22:39:39.0348 5256        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:39:39.0348 5256        pci - ok
22:39:39.0348 5256        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:39:39.0364 5256        pciide - ok
22:39:39.0380 5256        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:39:39.0380 5256        pcmcia - ok
22:39:39.0395 5256        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:39:39.0395 5256        pcw - ok
22:39:39.0411 5256        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:39:39.0442 5256        PEAUTH - ok
22:39:39.0473 5256        PeerDistSvc    (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
22:39:39.0504 5256        PeerDistSvc - ok
22:39:39.0551 5256        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:39:39.0567 5256        PerfHost - ok
22:39:39.0645 5256        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:39:39.0692 5256        pla - ok
22:39:39.0707 5256        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:39:39.0723 5256        PlugPlay - ok
22:39:39.0723 5256        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:39:39.0738 5256        PNRPAutoReg - ok
22:39:39.0754 5256        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:39:39.0754 5256        PNRPsvc - ok
22:39:39.0770 5256        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:39:39.0801 5256        PolicyAgent - ok
22:39:39.0816 5256        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:39:39.0848 5256        Power - ok
22:39:39.0863 5256        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:39:39.0879 5256        PptpMiniport - ok
22:39:39.0894 5256        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:39:39.0894 5256        Processor - ok
22:39:39.0910 5256        ProfSvc        (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
22:39:39.0926 5256        ProfSvc - ok
22:39:39.0926 5256        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:39:39.0941 5256        ProtectedStorage - ok
22:39:39.0957 5256        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:39:39.0972 5256        Psched - ok
22:39:40.0019 5256        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:39:40.0050 5256        ql2300 - ok
22:39:40.0082 5256        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:39:40.0097 5256        ql40xx - ok
22:39:40.0113 5256        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:39:40.0128 5256        QWAVE - ok
22:39:40.0144 5256        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:39:40.0144 5256        QWAVEdrv - ok
22:39:40.0160 5256        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:39:40.0175 5256        RasAcd - ok
22:39:40.0191 5256        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:39:40.0206 5256        RasAgileVpn - ok
22:39:40.0222 5256        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:39:40.0238 5256        RasAuto - ok
22:39:40.0253 5256        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:39:40.0269 5256        Rasl2tp - ok
22:39:40.0284 5256        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:39:40.0300 5256        RasMan - ok
22:39:40.0316 5256        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:39:40.0331 5256        RasPppoe - ok
22:39:40.0347 5256        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:39:40.0362 5256        RasSstp - ok
22:39:40.0378 5256        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:39:40.0409 5256        rdbss - ok
22:39:40.0409 5256        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:39:40.0409 5256        rdpbus - ok
22:39:40.0409 5256        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:39:40.0440 5256        RDPCDD - ok
22:39:40.0456 5256        RDPDR          (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
22:39:40.0456 5256        RDPDR - ok
22:39:40.0456 5256        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:39:40.0487 5256        RDPENCDD - ok
22:39:40.0487 5256        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:39:40.0503 5256        RDPREFMP - ok
22:39:40.0518 5256        RDPWD          (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
22:39:40.0518 5256        RDPWD - ok
22:39:40.0534 5256        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:39:40.0534 5256        rdyboost - ok
22:39:40.0550 5256        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:39:40.0565 5256        RemoteAccess - ok
22:39:40.0581 5256        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:39:40.0612 5256        RemoteRegistry - ok
22:39:40.0612 5256        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:39:40.0643 5256        RpcEptMapper - ok
22:39:40.0643 5256        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:39:40.0643 5256        RpcLocator - ok
22:39:40.0659 5256        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:39:40.0690 5256        RpcSs - ok
22:39:40.0690 5256        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:39:40.0721 5256        rspndr - ok
22:39:40.0737 5256        RTL8167        (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:39:40.0737 5256        RTL8167 - ok
22:39:40.0752 5256        s3cap          (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
22:39:40.0752 5256        s3cap - ok
22:39:40.0752 5256        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:39:40.0768 5256        SamSs - ok
22:39:40.0768 5256        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:39:40.0768 5256        sbp2port - ok
22:39:40.0815 5256        SBSDWSCService  (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
22:39:40.0830 5256        SBSDWSCService - ok
22:39:40.0846 5256        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:39:40.0877 5256        SCardSvr - ok
22:39:40.0877 5256        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:39:40.0908 5256        scfilter - ok
22:39:40.0924 5256        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:39:40.0971 5256        Schedule - ok
22:39:40.0971 5256        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:39:40.0986 5256        SCPolicySvc - ok
22:39:41.0002 5256        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:39:41.0018 5256        SDRSVC - ok
22:39:41.0018 5256        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:39:41.0033 5256        secdrv - ok
22:39:41.0049 5256        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:39:41.0064 5256        seclogon - ok
22:39:41.0080 5256        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:39:41.0096 5256        SENS - ok
22:39:41.0096 5256        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:39:41.0111 5256        SensrSvc - ok
22:39:41.0111 5256        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:39:41.0111 5256        Serenum - ok
22:39:41.0127 5256        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:39:41.0142 5256        Serial - ok
22:39:41.0142 5256        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:39:41.0142 5256        sermouse - ok
22:39:41.0158 5256        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:39:41.0189 5256        SessionEnv - ok
22:39:41.0189 5256        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:39:41.0189 5256        sffdisk - ok
22:39:41.0205 5256        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:39:41.0205 5256        sffp_mmc - ok
22:39:41.0205 5256        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:39:41.0220 5256        sffp_sd - ok
22:39:41.0220 5256        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:39:41.0220 5256        sfloppy - ok
22:39:41.0236 5256        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:39:41.0267 5256        SharedAccess - ok
22:39:41.0283 5256        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:39:41.0298 5256        ShellHWDetection - ok
22:39:41.0314 5256        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:39:41.0314 5256        SiSRaid2 - ok
22:39:41.0330 5256        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:39:41.0330 5256        SiSRaid4 - ok
22:39:41.0345 5256        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:39:41.0361 5256        Smb - ok
22:39:41.0376 5256        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:39:41.0376 5256        SNMPTRAP - ok
22:39:41.0376 5256        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:39:41.0392 5256        spldr - ok
22:39:41.0408 5256        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:39:41.0439 5256        Spooler - ok
22:39:41.0532 5256        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:39:41.0610 5256        sppsvc - ok
22:39:41.0642 5256        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:39:41.0673 5256        sppuinotify - ok
22:39:41.0688 5256        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:39:41.0704 5256        srv - ok
22:39:41.0720 5256        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:39:41.0735 5256        srv2 - ok
22:39:41.0751 5256        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:39:41.0751 5256        srvnet - ok
22:39:41.0766 5256        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:39:41.0798 5256        SSDPSRV - ok
22:39:41.0813 5256        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:39:41.0829 5256        SstpSvc - ok
22:39:41.0844 5256        StarWindServiceAE (b1691af4a072cb674d600db16dd7308e) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
22:39:41.0860 5256        StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
22:39:41.0860 5256        StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
22:39:41.0860 5256        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:39:41.0860 5256        stexstor - ok
22:39:41.0876 5256        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:39:41.0907 5256        stisvc - ok
22:39:41.0907 5256        storflt        (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
22:39:41.0907 5256        storflt - ok
22:39:41.0907 5256        StorSvc        (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
22:39:41.0922 5256        StorSvc - ok
22:39:41.0922 5256        storvsc        (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
22:39:41.0938 5256        storvsc - ok
22:39:41.0938 5256        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:39:41.0938 5256        swenum - ok
22:39:41.0969 5256        SwitchBoard    (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:39:41.0969 5256        SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
22:39:41.0969 5256        SwitchBoard - detected UnsignedFile.Multi.Generic (1)
22:39:41.0985 5256        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:39:42.0016 5256        swprv - ok
22:39:42.0063 5256        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:39:42.0110 5256        SysMain - ok
22:39:42.0141 5256        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:39:42.0172 5256        TabletInputService - ok
22:39:42.0188 5256        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:39:42.0219 5256        TapiSrv - ok
22:39:42.0234 5256        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:39:42.0250 5256        TBS - ok
22:39:42.0312 5256        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:39:42.0344 5256        Tcpip - ok
22:39:42.0437 5256        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:39:42.0468 5256        TCPIP6 - ok
22:39:42.0500 5256        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:39:42.0531 5256        tcpipreg - ok
22:39:42.0531 5256        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:39:42.0531 5256        TDPIPE - ok
22:39:42.0546 5256        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:39:42.0546 5256        TDTCP - ok
22:39:42.0562 5256        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:39:42.0578 5256        tdx - ok
22:39:42.0593 5256        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:39:42.0593 5256        TermDD - ok
22:39:42.0609 5256        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:39:42.0640 5256        TermService - ok
22:39:42.0640 5256        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:39:42.0656 5256        Themes - ok
22:39:42.0671 5256        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:39:42.0687 5256        THREADORDER - ok
22:39:42.0702 5256        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:39:42.0718 5256        TrkWks - ok
22:39:42.0734 5256        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:39:42.0749 5256        TrustedInstaller - ok
22:39:42.0765 5256        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:39:42.0780 5256        tssecsrv - ok
22:39:42.0780 5256        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:39:42.0796 5256        TsUsbFlt - ok
22:39:42.0796 5256        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:39:42.0812 5256        tunnel - ok
22:39:42.0827 5256        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:39:42.0827 5256        uagp35 - ok
22:39:42.0843 5256        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:39:42.0874 5256        udfs - ok
22:39:42.0874 5256        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:39:42.0890 5256        UI0Detect - ok
22:39:42.0890 5256        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:39:42.0905 5256        uliagpkx - ok
22:39:42.0905 5256        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:39:42.0921 5256        umbus - ok
22:39:42.0921 5256        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:39:42.0921 5256        UmPass - ok
22:39:42.0936 5256        UmRdpService    (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
22:39:42.0936 5256        UmRdpService - ok
22:39:43.0030 5256        UNS            (cd114ce02a10fa79c229770788106842) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:39:43.0077 5256        UNS - ok
22:39:43.0124 5256        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:39:43.0170 5256        upnphost - ok
22:39:43.0186 5256        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:39:43.0202 5256        usbccgp - ok
22:39:43.0202 5256        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:39:43.0217 5256        usbcir - ok
22:39:43.0217 5256        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
22:39:43.0217 5256        usbehci - ok
22:39:43.0233 5256        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:39:43.0248 5256        usbhub - ok
22:39:43.0248 5256        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:39:43.0248 5256        usbohci - ok
22:39:43.0264 5256        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:39:43.0264 5256        usbprint - ok
22:39:43.0280 5256        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:39:43.0280 5256        usbscan - ok
22:39:43.0295 5256        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:39:43.0295 5256        USBSTOR - ok
22:39:43.0311 5256        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:39:43.0311 5256        usbuhci - ok
22:39:43.0311 5256        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:39:43.0342 5256        UxSms - ok
22:39:43.0342 5256        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:39:43.0342 5256        VaultSvc - ok
22:39:43.0358 5256        VClone          (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
22:39:43.0358 5256        VClone - ok
22:39:43.0358 5256        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:39:43.0373 5256        vdrvroot - ok
22:39:43.0389 5256        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:39:43.0420 5256        vds - ok
22:39:43.0420 5256        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:39:43.0436 5256        vga - ok
22:39:43.0436 5256        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:39:43.0451 5256        VgaSave - ok
22:39:43.0467 5256        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:39:43.0467 5256        vhdmp - ok
22:39:43.0467 5256        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:39:43.0482 5256        viaide - ok
22:39:43.0482 5256        vmbus          (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
22:39:43.0498 5256        vmbus - ok
22:39:43.0498 5256        VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
22:39:43.0498 5256        VMBusHID - ok
22:39:43.0514 5256        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:39:43.0514 5256        volmgr - ok
22:39:43.0529 5256        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:39:43.0545 5256        volmgrx - ok
22:39:43.0545 5256        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:39:43.0560 5256        volsnap - ok
22:39:43.0576 5256        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:39:43.0576 5256        vsmraid - ok
22:39:43.0623 5256        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:39:43.0670 5256        VSS - ok
22:39:43.0701 5256        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:39:43.0716 5256        vwifibus - ok
22:39:43.0716 5256        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:39:43.0732 5256        vwififlt - ok
22:39:43.0748 5256        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:39:43.0779 5256        W32Time - ok
22:39:43.0779 5256        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:39:43.0794 5256        WacomPen - ok
22:39:43.0794 5256        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:39:43.0810 5256        WANARP - ok
22:39:43.0810 5256        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:39:43.0826 5256        Wanarpv6 - ok
22:39:43.0872 5256        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:39:43.0919 5256        wbengine - ok
22:39:43.0966 5256        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:39:43.0982 5256        WbioSrvc - ok
22:39:43.0997 5256        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:39:44.0013 5256        wcncsvc - ok
22:39:44.0013 5256        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:39:44.0028 5256        WcsPlugInService - ok
22:39:44.0028 5256        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:39:44.0044 5256        Wd - ok
22:39:44.0060 5256        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:39:44.0075 5256        Wdf01000 - ok
22:39:44.0091 5256        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:39:44.0106 5256        WdiServiceHost - ok
22:39:44.0106 5256        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:39:44.0106 5256        WdiSystemHost - ok
22:39:44.0122 5256        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:39:44.0138 5256        WebClient - ok
22:39:44.0138 5256        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:39:44.0169 5256        Wecsvc - ok
22:39:44.0184 5256        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:39:44.0200 5256        wercplsupport - ok
22:39:44.0216 5256        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:39:44.0231 5256        WerSvc - ok
22:39:44.0247 5256        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:39:44.0262 5256        WfpLwf - ok
22:39:44.0262 5256        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:39:44.0278 5256        WIMMount - ok
22:39:44.0278 5256        WinDefend - ok
22:39:44.0278 5256        WinHttpAutoProxySvc - ok
22:39:44.0294 5256        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:39:44.0309 5256        Winmgmt - ok
22:39:44.0372 5256        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:39:44.0418 5256        WinRM - ok
22:39:44.0481 5256        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:39:44.0496 5256        Wlansvc - ok
22:39:44.0512 5256        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:39:44.0512 5256        WmiAcpi - ok
22:39:44.0543 5256        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:39:44.0543 5256        wmiApSrv - ok
22:39:44.0543 5256        WMPNetworkSvc - ok
22:39:44.0559 5256        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:39:44.0559 5256        WPCSvc - ok
22:39:44.0574 5256        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:39:44.0574 5256        WPDBusEnum - ok
22:39:44.0574 5256        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:39:44.0606 5256        ws2ifsl - ok
22:39:44.0621 5256        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
22:39:44.0621 5256        wscsvc - ok
22:39:44.0621 5256        WSearch - ok
22:39:44.0699 5256        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
22:39:44.0746 5256        wuauserv - ok
22:39:44.0793 5256        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:39:44.0808 5256        WudfPf - ok
22:39:44.0824 5256        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:39:44.0855 5256        WUDFRd - ok
22:39:44.0871 5256        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:39:44.0886 5256        wudfsvc - ok
22:39:44.0902 5256        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:39:44.0918 5256        WwanSvc - ok
22:39:44.0918 5256        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:39:45.0042 5256        \Device\Harddisk0\DR0 - ok
22:39:45.0042 5256        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
22:39:45.0510 5256        \Device\Harddisk1\DR1 - ok
22:39:45.0510 5256        Boot (0x1200)  (3861f9930ddf7e6d750b32dc792d7780) \Device\Harddisk0\DR0\Partition0
22:39:45.0510 5256        \Device\Harddisk0\DR0\Partition0 - ok
22:39:45.0526 5256        Boot (0x1200)  (9749c4f7ad4716c0da0c16e09186ec7c) \Device\Harddisk0\DR0\Partition1
22:39:45.0526 5256        \Device\Harddisk0\DR0\Partition1 - ok
22:39:45.0526 5256        Boot (0x1200)  (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk1\DR1\Partition0
22:39:45.0526 5256        \Device\Harddisk1\DR1\Partition0 - ok
22:39:45.0526 5256        Boot (0x1200)  (e438f11ef70cd677f66a3b656b12f195) \Device\Harddisk1\DR1\Partition1
22:39:45.0526 5256        \Device\Harddisk1\DR1\Partition1 - ok
22:39:45.0526 5256        Boot (0x1200)  (3e9b87f4d0a51e122513201ca262f0cf) \Device\Harddisk1\DR1\Partition2
22:39:45.0526 5256        \Device\Harddisk1\DR1\Partition2 - ok
22:39:45.0542 5256        Boot (0x1200)  (e7baf98192e63f3b2b691b12ef9cbed9) \Device\Harddisk1\DR1\Partition3
22:39:45.0542 5256        \Device\Harddisk1\DR1\Partition3 - ok
22:39:45.0542 5256        Boot (0x1200)  (9c20a74263925ec75cb85ed8b94f1777) \Device\Harddisk1\DR1\Partition4
22:39:45.0542 5256        \Device\Harddisk1\DR1\Partition4 - ok
22:39:45.0542 5256        Boot (0x1200)  (a7bd39d4cedf0caf48bf5253c1a8c224) \Device\Harddisk1\DR1\Partition5
22:39:45.0542 5256        \Device\Harddisk1\DR1\Partition5 - ok
22:39:45.0542 5256        ============================================================
22:39:45.0542 5256        Scan finished
22:39:45.0542 5256        ============================================================
22:39:45.0557 5248        Detected object count: 2
22:39:45.0557 5248        Actual detected object count: 2
22:40:01.0656 5248        StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:01.0656 5248        StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:40:01.0656 5248        SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:01.0656 5248        SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:40:25.0245 3164        Deinitialize success


cosinus 23.05.2012 21:43

No, that's OK.

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running ComboFix, you have problems starting applications and get messages such as

Quote:

Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.

Trox 23.05.2012 22:10

Code:

ComboFix 12-05-23.05 - Kutti 23.05.2012  23:00:04.1.4 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.8105.6209 [GMT 2:00]
ausgeführt von:: c:\users\Kutti\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-04-23 bis 2012-05-23  ))))))))))))))))))))))))))))))
.
.
2012-05-23 20:07 . 2012-05-23 20:07        --------        d-----w-        C:\_OTL
2012-05-22 14:25 . 2012-05-22 14:25        283200        ----a-w-        c:\windows\system32\drivers\dtsoftbus01.sys
2012-05-22 14:25 . 2012-05-22 14:25        --------        d-----w-        c:\program files (x86)\DAEMON Tools Lite
2012-05-13 23:14 . 2012-05-13 23:14        --------        d-----w-        c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-05-13 21:19 . 2012-05-13 21:19        --------        d-----w-        c:\users\Kutti\AppData\Roaming\Malwarebytes
2012-05-13 21:19 . 2012-05-13 23:07        --------        d-----w-        c:\programdata\Malwarebytes
2012-05-13 21:19 . 2012-05-13 21:19        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-13 21:19 . 2012-04-04 13:56        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-05-13 20:34 . 2012-05-13 20:34        --------        d-----w-        c:\program files (x86)\ESET
2012-05-11 21:40 . 2012-03-30 11:35        1918320        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-05-11 21:40 . 2012-03-31 06:05        5559664        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-05-11 21:40 . 2012-03-31 04:39        3968368        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-05-11 21:40 . 2012-03-31 04:39        3913072        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-05-11 21:40 . 2012-03-31 03:10        3146240        ----a-w-        c:\windows\system32\win32k.sys
2012-05-11 21:39 . 2012-03-03 06:35        1544704        ----a-w-        c:\windows\system32\DWrite.dll
2012-05-11 21:39 . 2012-03-03 05:31        1077248        ----a-w-        c:\windows\SysWow64\DWrite.dll
2012-05-11 21:39 . 2012-03-31 05:42        1732096        ----a-w-        c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 21:39 . 2012-03-31 05:40        1402880        ----a-w-        c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 21:39 . 2012-03-31 05:40        1367552        ----a-w-        c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 21:39 . 2012-03-31 05:40        1393664        ----a-w-        c:\program files\Windows Journal\JNTFiltr.dll
2012-05-11 21:39 . 2012-03-31 04:29        936960        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 21:39 . 2012-03-17 07:58        75120        ----a-w-        c:\windows\system32\drivers\partmgr.sys
2012-04-26 13:34 . 2012-04-26 13:43        --------        d-----w-        c:\users\Kutti\AppData\Local\Songbird2
2012-04-26 13:34 . 2012-04-26 13:34        --------        d-----w-        c:\users\Kutti\AppData\Roaming\Songbird2
2012-04-26 13:34 . 2012-01-19 11:21        15664        ----a-w-        c:\windows\SysWow64\drivers\GEARAspiWDM.sys
2012-04-26 13:34 . 2012-01-19 11:21        109360        ----a-w-        c:\windows\SysWow64\GEARAspi.dll
2012-04-26 13:34 . 2012-04-26 13:34        --------        d-----w-        c:\program files (x86)\Songbird
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-10 23:35 . 2012-03-30 05:32        419488        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-10 23:35 . 2011-06-08 10:56        70304        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-01 06:46 . 2012-04-17 06:36        23408        ----a-w-        c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-17 06:36        220672        ----a-w-        c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-17 06:36        81408        ----a-w-        c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-17 06:36        5120        ----a-w-        c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-17 06:36        172544        ----a-w-        c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-17 06:36        159232        ----a-w-        c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-17 06:36        5120        ----a-w-        c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-17 06:36        2311168        ----a-w-        c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-17 06:36        1390080        ----a-w-        c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-17 06:36        1493504        ----a-w-        c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-17 06:36        2382848        ----a-w-        c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-17 06:36        1799168        ----a-w-        c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-17 06:36        1427456        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-17 06:36        1127424        ----a-w-        c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-17 06:36        2382848        ----a-w-        c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-09-30 203928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2011-06-08 4942336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Duden Korrektor SysTray"="c:\program files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe" [2011-07-14 332432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-02-14 276248]
R3 cpuz130;cpuz130;c:\users\Kutti\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\6de2ed6f-0b56-4d57-b0f0-551ec8cbb27f]
2011-07-01 10:38        153232        ---ha-w-        c:\programdata\Duden\DKReg.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-14 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-14 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-14 440600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.linkury.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Kutti\AppData\Roaming\Mozilla\Firefox\Profiles\8q14n56l.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ASRockXTU - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-05-23  23:03:52 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-05-23 21:03
.
Vor Suchlauf: 11 Verzeichnis(se), 52.140.462.080 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 51.964.043.264 Bytes frei
.
- - End Of File - - B42A70BB510B8080B6B1C34281BDF088


cosinus 24.05.2012 20:18

Please download aswMBR.exe and save the file to your desktop.

Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply. Important: Do not press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still doesn't work, please let me know.

One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.

Trox 24.05.2012 23:21

So here's the log file from aswMBR as well:
But what exactly are we actually looking for? :wtf: You still have in the back of your mind that the problem has no longer occurred since I reinstalled my Firefox?

Thanks already for your thoroughness anyway

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-25 00:01:35
-----------------------------
00:01:35.218    OS Version: Windows x64 6.1.7601 Service Pack 1
00:01:35.218    Number of processors: 4 586 0x2A07
00:01:35.218    ComputerName: KUTTINAT0R  UserName: Kutti
00:01:35.389    Initialize success
00:03:05.971    AVAST engine defs: 12052401
00:08:46.426    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
00:08:46.426    Disk 0 Vendor: INTEL_SSDSA2CW120G3 4PC10302 Size: 114473MB BusType: 11
00:08:46.426    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
00:08:46.426    Disk 1 Vendor: WDC_WD20EARS-00MVWB0 51.0AB51 Size: 1907729MB BusType: 11
00:08:46.426    Disk 0 MBR read successfully
00:08:46.442    Disk 0 MBR scan
00:08:46.442    Disk 0 Windows 7 default MBR code
00:08:46.442    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
00:08:46.442    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      114371 MB offset 206848
00:08:46.457    Disk 0 scanning C:\Windows\system32\drivers
00:08:48.641    Service scanning
00:08:53.977    Modules scanning
00:08:53.977    Disk 0 trace - called modules:
00:08:53.992    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
00:08:53.992    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800786c060]
00:08:53.992    3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8007658060]
00:08:54.164    AVAST engine scan C:\Windows
00:08:54.663    AVAST engine scan C:\Windows\system32
00:09:45.457    AVAST engine scan C:\Windows\system32\drivers
00:09:48.000    AVAST engine scan C:\Users\Kutti
00:10:16.298    AVAST engine scan C:\ProgramData
00:10:26.516    Scan finished successfully
00:14:08.005    Disk 0 MBR has been saved successfully to "C:\Users\Kutti\Desktop\MBR.dat"
00:14:08.005    The log file has been saved successfully to "C:\Users\Kutti\Desktop\aswMBR.txt"


cosinus 25.05.2012 10:56

These are routine checks; with today's malware you always have to check for rootkits and bootkits!

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!


All times are WET +1.
