Trojaner-Board

Firefox opens a loan page (https://www.trojaner-board.de/108226-firefox-oeffnet-kreditseite.html)

cetus1980 23.01.2012 19:06

Code:


All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f97de7c-de07-11e0-917d-406186850599}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f97de7c-de07-11e0-917d-406186850599}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f97de7c-de07-11e0-917d-406186850599}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f97de7c-de07-11e0-917d-406186850599}\ not found.
File K:\LaunchU3.exe -a not found.
C:\Users\Florian\AppData\Local\S2PC folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Florian
->Temp folder emptied: 4244210 bytes
->Temporary Internet Files folder emptied: 9499029 bytes
->Java cache emptied: 5083585 bytes
->FireFox cache emptied: 44106501 bytes
->Flash cache emptied: 570 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4256 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 746 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 60,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01232012_190108

Files\Folders moved on Reboot...
C:\Users\Florian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


cosinus 23.01.2012 21:34

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents folder, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool, and all files and folders should become visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

cetus1980 24.01.2012 18:41

Code:


18:38:53.0291 4644        TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
18:38:53.0650 4644        ============================================================
18:38:53.0650 4644        Current date / time: 2012/01/24 18:38:53.0650
18:38:53.0650 4644        SystemInfo:
18:38:53.0650 4644       
18:38:53.0650 4644        OS Version: 6.1.7601 ServicePack: 1.0
18:38:53.0650 4644        Product type: Workstation
18:38:53.0650 4644        ComputerName: FLORIAN-PC
18:38:53.0665 4644        UserName: Florian
18:38:53.0665 4644        Windows directory: C:\Windows
18:38:53.0665 4644        System windows directory: C:\Windows
18:38:53.0665 4644        Running under WOW64
18:38:53.0665 4644        Processor architecture: Intel x64
18:38:53.0665 4644        Number of processors: 4
18:38:53.0665 4644        Page size: 0x1000
18:38:53.0665 4644        Boot type: Normal boot
18:38:53.0665 4644        ============================================================
18:38:54.0336 4644        Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:38:54.0414 4644        Initialize success
18:39:00.0451 4732        ============================================================
18:39:00.0451 4732        Scan started
18:39:00.0451 4732        Mode: Manual; SigCheck; TDLFS;
18:39:00.0451 4732        ============================================================
18:39:13.0321 4732        rspndr - ok
18:39:13.0399 4732        RTL8167        (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:39:13.0431 4732        RTL8167 - ok
18:39:13.0446 4732        s3cap          (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:39:13.0462 4732        s3cap - ok
18:39:13.0477 4732        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:39:13.0493 4732        sbp2port - ok
18:39:13.0524 4732        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:39:13.0555 4732        scfilter - ok
18:39:13.0618 4732        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:39:13.0649 4732        secdrv - ok
18:39:13.0665 4732        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:39:13.0680 4732        Serenum - ok
18:39:13.0680 4732        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:39:13.0696 4732        Serial - ok
18:39:13.0727 4732        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:39:13.0743 4732        sermouse - ok
18:39:13.0836 4732        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:39:13.0867 4732        sffdisk - ok
18:39:13.0883 4732        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:39:13.0899 4732        sffp_mmc - ok
18:39:13.0914 4732        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:39:13.0930 4732        sffp_sd - ok
18:39:13.0945 4732        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:39:13.0961 4732        sfloppy - ok
18:39:14.0023 4732        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:39:14.0023 4732        SiSRaid2 - ok
18:39:14.0039 4732        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:39:14.0055 4732        SiSRaid4 - ok
18:39:14.0070 4732        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:39:14.0101 4732        Smb - ok
18:39:14.0133 4732        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:39:14.0133 4732        spldr - ok
18:39:14.0211 4732        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:39:14.0242 4732        srv - ok
18:39:14.0257 4732        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:39:14.0273 4732        srv2 - ok
18:39:14.0289 4732        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:39:14.0304 4732        srvnet - ok
18:39:14.0367 4732        SSPORT          (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
18:39:14.0398 4732        SSPORT - ok
18:39:14.0429 4732        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:39:14.0429 4732        stexstor - ok
18:39:14.0476 4732        storflt        (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
18:39:14.0476 4732        storflt - ok
18:39:14.0491 4732        storvsc        (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
18:39:14.0507 4732        storvsc - ok
18:39:14.0554 4732        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:39:14.0585 4732        swenum - ok
18:39:14.0647 4732        Tcpip          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
18:39:14.0679 4732        Tcpip - ok
18:39:14.0757 4732        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
18:39:14.0788 4732        TCPIP6 - ok
18:39:14.0819 4732        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:39:14.0850 4732        tcpipreg - ok
18:39:14.0881 4732        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:39:14.0913 4732        TDPIPE - ok
18:39:14.0928 4732        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
18:39:14.0959 4732        TDTCP - ok
18:39:15.0037 4732        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:39:15.0084 4732        tdx - ok
18:39:15.0100 4732        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:39:15.0115 4732        TermDD - ok
18:39:15.0225 4732        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:39:15.0256 4732        tssecsrv - ok
18:39:15.0287 4732        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:39:15.0287 4732        TsUsbFlt - ok
18:39:15.0381 4732        TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
18:39:15.0396 4732        TuneUpUtilitiesDrv - ok
18:39:15.0459 4732        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:39:15.0490 4732        tunnel - ok
18:39:15.0505 4732        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:39:15.0505 4732        uagp35 - ok
18:39:15.0537 4732        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:39:15.0568 4732        udfs - ok
18:39:15.0615 4732        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:39:15.0615 4732        uliagpkx - ok
18:39:15.0677 4732        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:39:15.0708 4732        umbus - ok
18:39:15.0739 4732        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:39:15.0739 4732        UmPass - ok
18:39:15.0786 4732        upperdev        (fbd861e69e1f583bec906fcd04e4f84e) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
18:39:15.0817 4732        upperdev - ok
18:39:15.0880 4732        usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
18:39:15.0927 4732        usbaudio - ok
18:39:15.0942 4732        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:39:15.0958 4732        usbccgp - ok
18:39:15.0973 4732        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:39:15.0989 4732        usbcir - ok
18:39:16.0051 4732        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:39:16.0067 4732        usbehci - ok
18:39:16.0098 4732        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:39:16.0114 4732        usbhub - ok
18:39:16.0129 4732        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
18:39:16.0145 4732        usbohci - ok
18:39:16.0161 4732        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:39:16.0176 4732        usbprint - ok
18:39:16.0223 4732        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
18:39:16.0254 4732        usbscan - ok
18:39:16.0285 4732        usbser          (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
18:39:16.0301 4732        usbser - ok
18:39:16.0317 4732        UsbserFilt      (0fbb0080b287bbcbf5c7076e3d74a35c) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
18:39:16.0332 4732        UsbserFilt - ok
18:39:16.0363 4732        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:39:16.0363 4732        USBSTOR - ok
18:39:16.0395 4732        usbuhci        (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
18:39:16.0395 4732        usbuhci - ok
18:39:16.0457 4732        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:39:16.0488 4732        usbvideo - ok
18:39:16.0582 4732        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:39:16.0613 4732        vdrvroot - ok
18:39:16.0644 4732        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:39:16.0660 4732        vga - ok
18:39:16.0675 4732        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:39:16.0707 4732        VgaSave - ok
18:39:16.0722 4732        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:39:16.0738 4732        vhdmp - ok
18:39:16.0785 4732        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:39:16.0800 4732        viaide - ok
18:39:16.0816 4732        vmbus          (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
18:39:16.0816 4732        vmbus - ok
18:39:16.0831 4732        VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:39:16.0847 4732        VMBusHID - ok
18:39:16.0847 4732        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:39:16.0863 4732        volmgr - ok
18:39:16.0878 4732        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:39:16.0894 4732        volmgrx - ok
18:39:16.0972 4732        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:39:17.0003 4732        volsnap - ok
18:39:17.0034 4732        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:39:17.0065 4732        vsmraid - ok
18:39:17.0081 4732        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
18:39:17.0097 4732        vwifibus - ok
18:39:17.0112 4732        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:39:17.0128 4732        WacomPen - ok
18:39:17.0190 4732        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:39:17.0253 4732        WANARP - ok
18:39:17.0253 4732        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:39:17.0284 4732        Wanarpv6 - ok
18:39:17.0362 4732        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:39:17.0393 4732        Wd - ok
18:39:17.0471 4732        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:39:17.0502 4732        Wdf01000 - ok
18:39:17.0580 4732        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:39:17.0596 4732        WfpLwf - ok
18:39:17.0611 4732        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:39:17.0627 4732        WIMMount - ok
18:39:17.0658 4732        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:39:17.0674 4732        WmiAcpi - ok
18:39:17.0721 4732        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:39:17.0736 4732        ws2ifsl - ok
18:39:17.0814 4732        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:39:17.0845 4732        WudfPf - ok
18:39:17.0861 4732        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:39:17.0892 4732        WUDFRd - ok
18:39:17.0908 4732        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:39:17.0986 4732        \Device\Harddisk0\DR0 - ok
18:39:17.0986 4732        Boot (0x1200)  (61fcaa32fae9db380baea9444aab20d4) \Device\Harddisk0\DR0\Partition0
18:39:17.0986 4732        \Device\Harddisk0\DR0\Partition0 - ok
18:39:18.0017 4732        Boot (0x1200)  (e3e5a808c463d0a55c6b7228acf8a29f) \Device\Harddisk0\DR0\Partition1
18:39:18.0017 4732        \Device\Harddisk0\DR0\Partition1 - ok
18:39:18.0033 4732        Boot (0x1200)  (1f10faef5e6f85087f1ef77fdf23d506) \Device\Harddisk0\DR0\Partition2
18:39:18.0033 4732        \Device\Harddisk0\DR0\Partition2 - ok
18:39:18.0048 4732        Boot (0x1200)  (653eae94600ef7885e13b8a44a825a4b) \Device\Harddisk0\DR0\Partition3
18:39:18.0048 4732        \Device\Harddisk0\DR0\Partition3 - ok
18:39:18.0048 4732        ============================================================
18:39:18.0048 4732        Scan finished
18:39:18.0048 4732        ============================================================
18:39:18.0079 4744        Detected object count: 0
18:39:18.0079 4744        Actual detected object count: 0


cosinus 24.01.2012 20:35

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if suggested), install the Recovery Console (if suggested), and let your system be scanned.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

cetus1980 03.02.2012 13:56

Combofix Logfile:
Code:

ComboFix 12-01-23.02 - Florian 03.02.2012  13:42:09.1.4 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.4095.2781 [GMT 1:00]
ausgeführt von:: c:\users\Florian\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\system32\java.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-01-03 bis 2012-02-03  ))))))))))))))))))))))))))))))
.
.
2012-02-03 12:46 . 2012-02-03 12:46        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-01-25 17:43 . 2012-01-25 17:43        --------        d-----w-        c:\users\Florian\AppData\Roaming\Avira
2012-01-25 17:41 . 2011-12-15 14:00        27760        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2012-01-25 17:41 . 2011-12-15 13:59        97312        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-01-25 17:41 . 2011-12-15 13:59        130760        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-01-25 17:41 . 2012-01-25 17:41        --------        d-----w-        c:\program files (x86)\Avira
2012-01-24 20:11 . 2012-01-24 20:11        --------        d-----w-        c:\program files (x86)\Ask.com
2012-01-23 18:01 . 2012-01-23 18:01        --------        d-----w-        C:\_OTL
2012-01-22 18:58 . 2012-01-22 18:58        --------        d-----w-        c:\users\Florian\dwhelper
2012-01-15 20:12 . 2012-01-15 20:12        --------        d-----w-        c:\users\Florian\AppData\Roaming\Malwarebytes
2012-01-15 20:12 . 2012-01-15 20:12        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-15 20:12 . 2012-01-15 20:12        --------        d-----w-        c:\programdata\Malwarebytes
2012-01-15 20:12 . 2011-12-10 14:24        23152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-01-14 18:03 . 2012-01-24 19:57        414368        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-12 21:29 . 2012-01-14 18:29        --------        d-----w-        c:\users\Florian\AppData\Local\Opera
2012-01-12 21:29 . 2012-01-14 18:29        --------        d-----w-        c:\program files (x86)\Opera
2012-01-12 19:24 . 2012-01-12 19:24        --------        d-----w-        c:\program files\Java
2012-01-11 22:43 . 2012-01-12 20:23        --------        d-----w-        c:\program files\Microsoft Silverlight
2012-01-11 16:48 . 2011-10-26 05:25        1572864        ----a-w-        c:\windows\system32\quartz.dll
2012-01-11 16:48 . 2011-10-26 05:25        366592        ----a-w-        c:\windows\system32\qdvd.dll
2012-01-11 16:48 . 2011-10-26 04:32        514560        ----a-w-        c:\windows\SysWow64\qdvd.dll
2012-01-11 16:48 . 2011-10-26 04:32        1328128        ----a-w-        c:\windows\SysWow64\quartz.dll
2012-01-11 16:47 . 2011-11-17 06:41        1731920        ----a-w-        c:\windows\system32\ntdll.dll
2012-01-11 16:47 . 2011-11-17 05:38        1292080        ----a-w-        c:\windows\SysWow64\ntdll.dll
2012-01-11 16:47 . 2011-11-19 14:58        77312        ----a-w-        c:\windows\system32\packager.dll
2012-01-11 16:47 . 2011-11-19 14:01        67072        ----a-w-        c:\windows\SysWow64\packager.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-12 20:31 . 2010-05-13 20:40        472808        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2012-01-12 20:11 . 2011-11-08 19:54        525544        ----a-w-        c:\windows\system32\deployJava1.dll
2011-12-21 00:02 . 2011-12-21 00:02        4448256        ----a-w-        c:\windows\SysWow64\GPhotos.scr
2011-11-24 04:52 . 2011-12-13 19:32        3145216        ----a-w-        c:\windows\system32\win32k.sys
2006-05-03 10:06        163328        --sha-r-        c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47        31232        --sha-r-        c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30        216064        --sha-r-        c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00        107520        --sha-r-        c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-07-27 21:41        1493160        ----a-w-        c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-07-27 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="d:\programme\ICQ7.6\ICQ.exe" [2011-10-16 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-18 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2011-07-06 688128]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-07-27 397992]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - d:\programme\DSL-Manager\DslMgr.exe [2010-5-13 1085440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"LWS"=c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
"QuickTime Task"="d:\multimediaprogramme\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam 500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 TDslMgrService;DSL-Manager;d:\programme\DSL-Manager\DslMgrSvc.exe [2008-10-23 307200]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 DslMNLwf;DSL-Manager NDIS LightWeight Filter;c:\windows\system32\DRIVERS\dslmnlwf.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-12-15 463824]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-09-30 1403200]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2010-02-24 11856]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-06 8158240]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - d:\programme\ICQ7.6\ICQ.exe
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\d3kcebxe.default\
FF - prefs.js: browser.search.selectedEngine - Amazon.de
FF - prefs.js: browser.startup.homepage - hxxp://www.t-online.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2977951965-3881512990-2941591932-1001\Software\SecuROM\License information*]
"datasecu"=hex:d7,da,69,2d,c0,09,f5,9e,68,4d,41,87,a9,e1,a5,3b,1c,12,5f,c5,a1,
  bb,f0,50,42,f6,67,ba,0d,d2,c0,a8,b5,9a,a1,4a,97,da,bd,af,e6,3c,fe,93,d2,27,\
"rkeysecu"=hex:ac,e6,a9,fc,63,7e,ea,61,fb,9c,1d,60,75,0d,6c,cd
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-02-03  13:47:44
ComboFix-quarantined-files.txt  2012-02-03 12:47
.
Vor Suchlauf: 8 Verzeichnis(se), 365.211.897.856 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 364.718.915.584 Bytes frei
.
- - End Of File - - 19AC753D3955A7A95A3D1298B870830B

--- --- ---

cosinus 03.02.2012 14:41

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.) Downloading the definitions may take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.
Important: Do not press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

cetus1980 09.02.2012 18:21

Code:



aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
Run date: 2012-02-09 17:25:23
-----------------------------
17:25:23.989    OS Version: Windows x64 6.1.7601 Service Pack 1
17:25:23.989    Number of processors: 4 586 0x502
17:25:23.989    ComputerName: FLORIAN-PC  UserName: Florian
17:25:24.722    Initialize success
17:44:23.790    AVAST engine defs: 12020902
18:05:32.164    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
18:05:32.180    Disk 0 Vendor: Hitachi_ ST6O Size: 953869MB BusType: 3
18:05:32.195    Disk 0 MBR read successfully
18:05:32.211    Disk 0 MBR scan
18:05:32.320    Disk 0 Windows 7 default MBR code
18:05:32.320    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
18:05:32.367    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      399900 MB offset 206848
18:05:32.383    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      270000 MB offset 819202048
18:05:32.414    Disk 0 Partition 4 00    07    HPFS/NTFS NTFS      283867 MB offset 1372162048
18:05:32.429    Service scanning
18:05:41.181    Modules scanning
18:05:41.181    Disk 0 trace - called modules:
18:05:41.212    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
18:05:41.228    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d1c060]
18:05:41.228    3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004a95710]
18:05:41.228    5 ACPI.sys[fffff88000f6d7a1] -> nt!IofCallDriver -> \Device\0000005d[0xfffffa8004a95060]
18:05:46.501    AVAST engine scan C:\Windows
18:05:57.280    AVAST engine scan C:\Windows\system32
18:10:59.667    AVAST engine scan C:\Windows\system32\drivers
18:11:28.917    AVAST engine scan C:\Users\Florian
18:16:52.664    AVAST engine scan C:\ProgramData
18:18:13.176    Scan finished successfully
18:19:15.170    Disk 0 MBR has been saved successfully to "C:\Users\Florian\MBR.dat"
18:19:15.186    The log file has been saved successfully to "C:\Users\Florian\aswMBR.txt"


cetus1980 09.02.2012 18:22

The redirect to this loan page is gone by now.

cosinus 09.02.2012 21:13

Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!


All times are in WET +1.
