BOO/TDss.M im Masterbootsektor gefunden.(Antivir) Auch nach Systemrücksetzung mit Samsung Recovery

tomtom84 · 25.10.2011, 01:49

Soeben erledigt.
Antivir meckert beim Systemstart nicht mehr...
Ich lass es gleich nochmal durchlaufen.
Ich bin dir auf jeden Fall schonmal unendlich dankbar!
Bin ich nun safe?

cosinus · 25.10.2011, 11:12

Nein wir müssen noch weiter ran, poste erstmal das neue TDSS-Killer-Log nach dem Fix.

tomtom84 · 25.10.2011, 11:31

Hier die neue Logfile:

Zitat:

12:30:17.0364 3952 TDSS rootkit removing tool 2.6.12.0 Oct 21 2011 11:23:48
12:30:17.0554 3952 ============================================================
12:30:17.0554 3952 Current date / time: 2011/10/25 12:30:17.0554
12:30:17.0554 3952 SystemInfo:
12:30:17.0554 3952
12:30:17.0554 3952 OS Version: 6.1.7600 ServicePack: 0.0
12:30:17.0554 3952 Product type: Workstation
12:30:17.0554 3952 ComputerName: TOM-PC
12:30:17.0554 3952 UserName: Tom
12:30:17.0554 3952 Windows directory: C:\windows
12:30:17.0554 3952 System windows directory: C:\windows
12:30:17.0554 3952 Processor architecture: Intel x86
12:30:17.0554 3952 Number of processors: 4
12:30:17.0554 3952 Page size: 0x1000
12:30:17.0554 3952 Boot type: Normal boot
12:30:17.0554 3952 ============================================================
12:30:26.0401 3952 Initialize success
12:30:31.0612 3792 ============================================================
12:30:31.0612 3792 Scan started
12:30:31.0612 3792 Mode: Manual; SigCheck; TDLFS;
12:30:31.0612 3792 ============================================================
12:30:32.0625 3792 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
12:30:32.0690 3792 1394ohci - ok
12:30:32.0742 3792 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
12:30:32.0760 3792 ACPI - ok
12:30:32.0772 3792 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
12:30:32.0790 3792 AcpiPmi - ok
12:30:32.0837 3792 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
12:30:32.0861 3792 adp94xx - ok
12:30:32.0891 3792 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
12:30:32.0909 3792 adpahci - ok
12:30:32.0927 3792 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
12:30:32.0942 3792 adpu320 - ok
12:30:33.0000 3792 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
12:30:33.0021 3792 AFD - ok
12:30:33.0040 3792 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
12:30:33.0052 3792 agp440 - ok
12:30:33.0084 3792 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
12:30:33.0097 3792 aic78xx - ok
12:30:33.0154 3792 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
12:30:33.0167 3792 aliide - ok
12:30:33.0177 3792 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
12:30:33.0191 3792 amdagp - ok
12:30:33.0205 3792 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
12:30:33.0216 3792 amdide - ok
12:30:33.0237 3792 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
12:30:33.0254 3792 AmdK8 - ok
12:30:33.0265 3792 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
12:30:33.0281 3792 AmdPPM - ok
12:30:33.0325 3792 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys
12:30:33.0340 3792 amdsata - ok
12:30:33.0365 3792 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
12:30:33.0379 3792 amdsbs - ok
12:30:33.0398 3792 amdxata (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys
12:30:33.0408 3792 amdxata - ok
12:30:33.0444 3792 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
12:30:33.0462 3792 AppID - ok
12:30:33.0493 3792 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
12:30:33.0505 3792 arc - ok
12:30:33.0515 3792 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
12:30:33.0528 3792 arcsas - ok
12:30:33.0544 3792 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
12:30:33.0576 3792 AsyncMac - ok
12:30:33.0605 3792 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
12:30:33.0616 3792 atapi - ok
12:30:33.0679 3792 athr (0f4b6b99d6cdc1d93df1fa690796b2f7) C:\windows\system32\DRIVERS\athr.sys
12:30:33.0756 3792 athr - ok
12:30:33.0822 3792 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\windows\system32\DRIVERS\avgntflt.sys
12:30:33.0866 3792 avgntflt - ok
12:30:33.0896 3792 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\windows\system32\DRIVERS\avipbb.sys
12:30:33.0906 3792 avipbb - ok
12:30:33.0934 3792 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\windows\system32\DRIVERS\avkmgr.sys
12:30:33.0942 3792 avkmgr - ok
12:30:34.0008 3792 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
12:30:34.0055 3792 b06bdrv - ok
12:30:34.0098 3792 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
12:30:34.0122 3792 b57nd60x - ok
12:30:34.0183 3792 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
12:30:34.0222 3792 Beep - ok
12:30:34.0263 3792 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
12:30:34.0278 3792 blbdrive - ok
12:30:34.0305 3792 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
12:30:34.0322 3792 bowser - ok
12:30:34.0345 3792 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
12:30:34.0365 3792 BrFiltLo - ok
12:30:34.0375 3792 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
12:30:34.0393 3792 BrFiltUp - ok
12:30:34.0413 3792 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
12:30:34.0453 3792 Brserid - ok
12:30:34.0464 3792 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
12:30:34.0483 3792 BrSerWdm - ok
12:30:34.0492 3792 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
12:30:34.0511 3792 BrUsbMdm - ok
12:30:34.0521 3792 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
12:30:34.0535 3792 BrUsbSer - ok
12:30:34.0597 3792 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys
12:30:34.0615 3792 BthEnum - ok
12:30:34.0638 3792 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
12:30:34.0658 3792 BTHMODEM - ok
12:30:34.0703 3792 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
12:30:34.0726 3792 BthPan - ok
12:30:34.0774 3792 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys
12:30:34.0800 3792 BTHPORT - ok
12:30:34.0843 3792 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\windows\System32\Drivers\BTHUSB.sys
12:30:34.0858 3792 BTHUSB - ok
12:30:34.0908 3792 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
12:30:34.0947 3792 cdfs - ok
12:30:35.0000 3792 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
12:30:35.0031 3792 cdrom - ok
12:30:35.0051 3792 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
12:30:35.0071 3792 circlass - ok
12:30:35.0115 3792 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
12:30:35.0133 3792 CLFS - ok
12:30:35.0181 3792 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
12:30:35.0200 3792 CmBatt - ok
12:30:35.0217 3792 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
12:30:35.0232 3792 cmdide - ok
12:30:35.0257 3792 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
12:30:35.0280 3792 CNG - ok
12:30:35.0309 3792 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
12:30:35.0321 3792 Compbatt - ok
12:30:35.0343 3792 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
12:30:35.0363 3792 CompositeBus - ok
12:30:35.0387 3792 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
12:30:35.0399 3792 crcdisk - ok
12:30:35.0449 3792 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
12:30:35.0465 3792 DfsC - ok
12:30:35.0478 3792 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
12:30:35.0512 3792 discache - ok
12:30:35.0538 3792 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
12:30:35.0549 3792 Disk - ok
12:30:35.0610 3792 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
12:30:35.0628 3792 drmkaud - ok
12:30:35.0671 3792 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
12:30:35.0708 3792 DXGKrnl - ok
12:30:35.0821 3792 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
12:30:35.0935 3792 ebdrv - ok
12:30:35.0964 3792 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
12:30:35.0986 3792 elxstor - ok
12:30:36.0001 3792 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
12:30:36.0014 3792 ErrDev - ok
12:30:36.0047 3792 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
12:30:36.0081 3792 exfat - ok
12:30:36.0100 3792 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
12:30:36.0134 3792 fastfat - ok
12:30:36.0173 3792 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
12:30:36.0188 3792 fdc - ok
12:30:36.0221 3792 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
12:30:36.0233 3792 FileInfo - ok
12:30:36.0246 3792 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
12:30:36.0280 3792 Filetrace - ok
12:30:36.0306 3792 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
12:30:36.0321 3792 flpydisk - ok
12:30:36.0344 3792 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
12:30:36.0361 3792 FltMgr - ok
12:30:36.0376 3792 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
12:30:36.0389 3792 FsDepends - ok
12:30:36.0430 3792 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\windows\system32\DRIVERS\fssfltr.sys
12:30:36.0441 3792 fssfltr - ok
12:30:36.0459 3792 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
12:30:36.0470 3792 Fs_Rec - ok
12:30:36.0513 3792 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
12:30:36.0531 3792 fvevol - ok
12:30:36.0566 3792 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
12:30:36.0579 3792 gagp30kx - ok
12:30:36.0600 3792 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
12:30:36.0632 3792 hcw85cir - ok
12:30:36.0668 3792 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
12:30:36.0693 3792 HdAudAddService - ok
12:30:36.0725 3792 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
12:30:36.0746 3792 HDAudBus - ok
12:30:36.0761 3792 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
12:30:36.0776 3792 HidBatt - ok
12:30:36.0797 3792 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
12:30:36.0816 3792 HidBth - ok
12:30:36.0837 3792 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
12:30:36.0855 3792 HidIr - ok
12:30:36.0875 3792 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
12:30:36.0890 3792 HidUsb - ok
12:30:36.0927 3792 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
12:30:36.0939 3792 HpSAMD - ok
12:30:36.0973 3792 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
12:30:37.0026 3792 HTTP - ok
12:30:37.0047 3792 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
12:30:37.0058 3792 hwpolicy - ok
12:30:37.0092 3792 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
12:30:37.0109 3792 i8042prt - ok
12:30:37.0149 3792 iaStor (edf5ecc965faaa533d35e02f47b9132e) C:\windows\system32\DRIVERS\iaStor.sys
12:30:37.0166 3792 iaStor - ok
12:30:37.0205 3792 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
12:30:37.0226 3792 iaStorV - ok
12:30:37.0382 3792 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
12:30:37.0553 3792 igfx - ok
12:30:37.0577 3792 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
12:30:37.0589 3792 iirsp - ok
12:30:37.0650 3792 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\windows\system32\DRIVERS\Impcd.sys
12:30:37.0676 3792 Impcd - ok
12:30:37.0813 3792 IntcAzAudAddService (0a0e3c041c20c4175e1cc6580138ca38) C:\windows\system32\drivers\RTKVHDA.sys
12:30:37.0934 3792 IntcAzAudAddService - ok
12:30:37.0961 3792 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
12:30:37.0971 3792 intelide - ok
12:30:37.0998 3792 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
12:30:38.0013 3792 intelppm - ok
12:30:38.0049 3792 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
12:30:38.0084 3792 IpFilterDriver - ok
12:30:38.0107 3792 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
12:30:38.0122 3792 IPMIDRV - ok
12:30:38.0146 3792 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
12:30:38.0179 3792 IPNAT - ok
12:30:38.0225 3792 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
12:30:38.0242 3792 IRENUM - ok
12:30:38.0261 3792 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
12:30:38.0273 3792 isapnp - ok
12:30:38.0287 3792 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
12:30:38.0303 3792 iScsiPrt - ok
12:30:38.0328 3792 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
12:30:38.0339 3792 kbdclass - ok
12:30:38.0358 3792 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
12:30:38.0374 3792 kbdhid - ok
12:30:38.0392 3792 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
12:30:38.0405 3792 KSecDD - ok
12:30:38.0433 3792 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
12:30:38.0446 3792 KSecPkg - ok
12:30:38.0489 3792 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
12:30:38.0522 3792 lltdio - ok
12:30:38.0560 3792 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
12:30:38.0573 3792 LSI_FC - ok
12:30:38.0592 3792 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
12:30:38.0606 3792 LSI_SAS - ok
12:30:38.0629 3792 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
12:30:38.0640 3792 LSI_SAS2 - ok
12:30:38.0658 3792 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
12:30:38.0671 3792 LSI_SCSI - ok
12:30:38.0709 3792 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
12:30:38.0744 3792 luafv - ok
12:30:38.0783 3792 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
12:30:38.0796 3792 megasas - ok
12:30:38.0826 3792 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
12:30:38.0846 3792 MegaSR - ok
12:30:38.0865 3792 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
12:30:38.0900 3792 Modem - ok
12:30:38.0930 3792 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
12:30:38.0947 3792 monitor - ok
12:30:38.0968 3792 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
12:30:38.0981 3792 mouclass - ok
12:30:39.0007 3792 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
12:30:39.0024 3792 mouhid - ok
12:30:39.0048 3792 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
12:30:39.0061 3792 mountmgr - ok
12:30:39.0082 3792 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
12:30:39.0098 3792 mpio - ok
12:30:39.0117 3792 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
12:30:39.0153 3792 mpsdrv - ok
12:30:39.0171 3792 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
12:30:39.0190 3792 MRxDAV - ok
12:30:39.0221 3792 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
12:30:39.0236 3792 mrxsmb - ok
12:30:39.0260 3792 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
12:30:39.0278 3792 mrxsmb10 - ok
12:30:39.0289 3792 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
12:30:39.0304 3792 mrxsmb20 - ok
12:30:39.0324 3792 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
12:30:39.0334 3792 msahci - ok
12:30:39.0355 3792 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
12:30:39.0369 3792 msdsm - ok
12:30:39.0382 3792 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
12:30:39.0413 3792 Msfs - ok
12:30:39.0428 3792 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
12:30:39.0459 3792 mshidkmdf - ok
12:30:39.0484 3792 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
12:30:39.0494 3792 msisadrv - ok
12:30:39.0526 3792 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
12:30:39.0560 3792 MSKSSRV - ok
12:30:39.0570 3792 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
12:30:39.0603 3792 MSPCLOCK - ok
12:30:39.0622 3792 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
12:30:39.0654 3792 MSPQM - ok
12:30:39.0684 3792 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
12:30:39.0698 3792 MsRPC - ok
12:30:39.0710 3792 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
12:30:39.0720 3792 mssmbios - ok
12:30:39.0741 3792 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
12:30:39.0773 3792 MSTEE - ok
12:30:39.0783 3792 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
12:30:39.0798 3792 MTConfig - ok
12:30:39.0818 3792 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
12:30:39.0830 3792 Mup - ok
12:30:39.0881 3792 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
12:30:39.0906 3792 NativeWifiP - ok
12:30:39.0939 3792 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
12:30:39.0978 3792 NDIS - ok
12:30:39.0999 3792 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
12:30:40.0032 3792 NdisCap - ok
12:30:40.0062 3792 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
12:30:40.0092 3792 NdisTapi - ok
12:30:40.0105 3792 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
12:30:40.0137 3792 Ndisuio - ok
12:30:40.0157 3792 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
12:30:40.0190 3792 NdisWan - ok
12:30:40.0216 3792 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
12:30:40.0248 3792 NDProxy - ok
12:30:40.0279 3792 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
12:30:40.0310 3792 NetBIOS - ok
12:30:40.0333 3792 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
12:30:40.0369 3792 NetBT - ok
12:30:40.0411 3792 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
12:30:40.0425 3792 nfrd960 - ok
12:30:40.0441 3792 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
12:30:40.0476 3792 Npfs - ok
12:30:40.0499 3792 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
12:30:40.0530 3792 nsiproxy - ok
12:30:40.0585 3792 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
12:30:40.0646 3792 Ntfs - ok
12:30:40.0667 3792 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
12:30:40.0702 3792 Null - ok
12:30:40.0763 3792 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys
12:30:40.0780 3792 NVHDA - ok
12:30:41.0068 3792 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys
12:30:41.0444 3792 nvlddmkm - ok
12:30:41.0519 3792 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
12:30:41.0541 3792 nvraid - ok
12:30:41.0574 3792 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
12:30:41.0589 3792 nvstor - ok
12:30:41.0618 3792 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
12:30:41.0632 3792 nv_agp - ok
12:30:41.0670 3792 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
12:30:41.0686 3792 ohci1394 - ok
12:30:41.0713 3792 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
12:30:41.0730 3792 Parport - ok
12:30:41.0752 3792 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
12:30:41.0764 3792 partmgr - ok
12:30:41.0787 3792 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
12:30:41.0804 3792 Parvdm - ok
12:30:41.0827 3792 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
12:30:41.0841 3792 pci - ok
12:30:41.0853 3792 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
12:30:41.0865 3792 pciide - ok
12:30:41.0889 3792 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
12:30:41.0904 3792 pcmcia - ok
12:30:41.0922 3792 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
12:30:41.0934 3792 pcw - ok
12:30:41.0970 3792 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
12:30:42.0029 3792 PEAUTH - ok
12:30:42.0086 3792 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
12:30:42.0120 3792 PptpMiniport - ok
12:30:42.0140 3792 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
12:30:42.0155 3792 Processor - ok
12:30:42.0193 3792 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
12:30:42.0228 3792 Psched - ok
12:30:42.0289 3792 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
12:30:42.0354 3792 ql2300 - ok
12:30:42.0367 3792 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
12:30:42.0380 3792 ql40xx - ok
12:30:42.0393 3792 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
12:30:42.0412 3792 QWAVEdrv - ok
12:30:42.0422 3792 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
12:30:42.0453 3792 RasAcd - ok
12:30:42.0500 3792 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
12:30:42.0532 3792 RasAgileVpn - ok
12:30:42.0551 3792 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
12:30:42.0583 3792 Rasl2tp - ok
12:30:42.0605 3792 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
12:30:42.0638 3792 RasPppoe - ok
12:30:42.0657 3792 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
12:30:42.0688 3792 RasSstp - ok
12:30:42.0715 3792 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
12:30:42.0752 3792 rdbss - ok
12:30:42.0770 3792 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
12:30:42.0786 3792 rdpbus - ok
12:30:42.0802 3792 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
12:30:42.0833 3792 RDPCDD - ok
12:30:42.0868 3792 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
12:30:42.0898 3792 RDPENCDD - ok
12:30:42.0921 3792 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
12:30:42.0950 3792 RDPREFMP - ok
12:30:42.0962 3792 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
12:30:42.0995 3792 RDPWD - ok
12:30:43.0035 3792 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
12:30:43.0050 3792 rdyboost - ok
12:30:43.0104 3792 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
12:30:43.0126 3792 RFCOMM - ok
12:30:43.0181 3792 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
12:30:43.0213 3792 rspndr - ok
12:30:43.0242 3792 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
12:30:43.0258 3792 RTL8167 - ok
12:30:43.0295 3792 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
12:30:43.0316 3792 SABI - ok
12:30:43.0346 3792 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
12:30:43.0363 3792 sbp2port - ok
12:30:43.0377 3792 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
12:30:43.0411 3792 scfilter - ok
12:30:43.0444 3792 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
12:30:43.0474 3792 secdrv - ok
12:30:43.0515 3792 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
12:30:43.0529 3792 Serenum - ok
12:30:43.0547 3792 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
12:30:43.0564 3792 Serial - ok
12:30:43.0588 3792 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
12:30:43.0604 3792 sermouse - ok
12:30:43.0624 3792 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
12:30:43.0640 3792 sffdisk - ok
12:30:43.0649 3792 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
12:30:43.0666 3792 sffp_mmc - ok
12:30:43.0675 3792 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
12:30:43.0691 3792 sffp_sd - ok
12:30:43.0700 3792 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
12:30:43.0714 3792 sfloppy - ok
12:30:43.0728 3792 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
12:30:43.0740 3792 sisagp - ok
12:30:43.0750 3792 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
12:30:43.0761 3792 SiSRaid2 - ok
12:30:43.0771 3792 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
12:30:43.0783 3792 SiSRaid4 - ok
12:30:43.0795 3792 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
12:30:43.0828 3792 Smb - ok
12:30:43.0869 3792 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
12:30:43.0880 3792 spldr - ok
12:30:43.0916 3792 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
12:30:43.0936 3792 srv - ok
12:30:43.0957 3792 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
12:30:43.0976 3792 srv2 - ok
12:30:43.0994 3792 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
12:30:44.0008 3792 srvnet - ok
12:30:44.0078 3792 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys
12:30:44.0094 3792 ssmdrv - ok
12:30:44.0134 3792 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
12:30:44.0149 3792 stexstor - ok
12:30:44.0189 3792 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
12:30:44.0202 3792 swenum - ok
12:30:44.0251 3792 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\windows\system32\DRIVERS\SynTP.sys
12:30:44.0267 3792 SynTP - ok
12:30:44.0342 3792 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\drivers\tcpip.sys
12:30:44.0406 3792 Tcpip - ok
12:30:44.0446 3792 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\DRIVERS\tcpip.sys
12:30:44.0479 3792 TCPIP6 - ok
12:30:44.0508 3792 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
12:30:44.0539 3792 tcpipreg - ok
12:30:44.0557 3792 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
12:30:44.0588 3792 TDPIPE - ok
12:30:44.0598 3792 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
12:30:44.0629 3792 TDTCP - ok
12:30:44.0650 3792 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
12:30:44.0683 3792 tdx - ok
12:30:44.0700 3792 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
12:30:44.0712 3792 TermDD - ok
12:30:44.0758 3792 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
12:30:44.0790 3792 tssecsrv - ok
12:30:44.0815 3792 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
12:30:44.0848 3792 tunnel - ok
12:30:44.0868 3792 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
12:30:44.0880 3792 uagp35 - ok
12:30:44.0910 3792 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\windows\system32\DRIVERS\udfs.sys
12:30:44.0930 3792 udfs - ok
12:30:44.0955 3792 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
12:30:44.0968 3792 uliagpkx - ok
12:30:45.0006 3792 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
12:30:45.0024 3792 umbus - ok
12:30:45.0036 3792 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
12:30:45.0051 3792 UmPass - ok
12:30:45.0113 3792 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\windows\system32\drivers\usbaudio.sys
12:30:45.0134 3792 usbaudio - ok
12:30:45.0163 3792 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys
12:30:45.0179 3792 usbccgp - ok
12:30:45.0190 3792 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
12:30:45.0209 3792 usbcir - ok
12:30:45.0230 3792 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys
12:30:45.0245 3792 usbehci - ok
12:30:45.0278 3792 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
12:30:45.0298 3792 usbhub - ok
12:30:45.0326 3792 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
12:30:45.0341 3792 usbohci - ok
12:30:45.0361 3792 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
12:30:45.0379 3792 usbprint - ok
12:30:45.0399 3792 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\drivers\USBSTOR.SYS
12:30:45.0415 3792 USBSTOR - ok
12:30:45.0426 3792 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
12:30:45.0442 3792 usbuhci - ok
12:30:45.0487 3792 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
12:30:45.0506 3792 usbvideo - ok
12:30:45.0541 3792 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
12:30:45.0554 3792 vdrvroot - ok
12:30:45.0578 3792 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
12:30:45.0595 3792 vga - ok
12:30:45.0614 3792 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
12:30:45.0648 3792 VgaSave - ok
12:30:45.0660 3792 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
12:30:45.0675 3792 vhdmp - ok
12:30:45.0702 3792 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
12:30:45.0714 3792 viaagp - ok
12:30:45.0731 3792 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
12:30:45.0745 3792 ViaC7 - ok
12:30:45.0755 3792 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
12:30:45.0766 3792 viaide - ok
12:30:45.0788 3792 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
12:30:45.0799 3792 volmgr - ok
12:30:45.0824 3792 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
12:30:45.0841 3792 volmgrx - ok
12:30:45.0861 3792 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
12:30:45.0877 3792 volsnap - ok
12:30:45.0913 3792 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
12:30:45.0928 3792 vsmraid - ok
12:30:45.0951 3792 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
12:30:45.0968 3792 vwifibus - ok
12:30:46.0000 3792 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
12:30:46.0018 3792 vwififlt - ok
12:30:46.0033 3792 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
12:30:46.0048 3792 WacomPen - ok
12:30:46.0076 3792 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
12:30:46.0112 3792 WANARP - ok
12:30:46.0115 3792 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
12:30:46.0147 3792 Wanarpv6 - ok
12:30:46.0165 3792 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
12:30:46.0177 3792 Wd - ok
12:30:46.0198 3792 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
12:30:46.0220 3792 Wdf01000 - ok
12:30:46.0270 3792 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
12:30:46.0301 3792 WfpLwf - ok
12:30:46.0326 3792 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
12:30:46.0337 3792 WIMMount - ok
12:30:46.0385 3792 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
12:30:46.0399 3792 WmiAcpi - ok
12:30:46.0428 3792 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
12:30:46.0459 3792 ws2ifsl - ok
12:30:46.0489 3792 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
12:30:46.0522 3792 WudfPf - ok
12:30:46.0533 3792 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
12:30:46.0566 3792 WUDFRd - ok
12:30:46.0628 3792 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\windows\system32\DRIVERS\yk62x86.sys
12:30:46.0682 3792 yukonw7 - ok
12:30:46.0719 3792 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
12:30:47.0093 3792 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:30:47.0093 3792 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:30:47.0099 3792 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR1
12:30:47.0263 3792 \Device\Harddisk1\DR1 - ok
12:30:47.0320 3792 Boot (0x1200) (9848269bb56a942df6f6ffb8dd8e6e2d) \Device\Harddisk0\DR0\Partition0
12:30:47.0322 3792 \Device\Harddisk0\DR0\Partition0 - ok
12:30:47.0335 3792 Boot (0x1200) (e39cff0c9c50a1d6cf3e71e163f4e6f5) \Device\Harddisk0\DR0\Partition1
12:30:47.0337 3792 \Device\Harddisk0\DR0\Partition1 - ok
12:30:47.0361 3792 Boot (0x1200) (0af24b553be28918e736bb764d4107c9) \Device\Harddisk0\DR0\Partition2
12:30:47.0363 3792 \Device\Harddisk0\DR0\Partition2 - ok
12:30:47.0369 3792 Boot (0x1200) (bf903338e2a477c7bd0eccd31648a168) \Device\Harddisk1\DR1\Partition0
12:30:47.0371 3792 \Device\Harddisk1\DR1\Partition0 - ok
12:30:47.0373 3792 ============================================================
12:30:47.0373 3792 Scan finished
12:30:47.0373 3792 ============================================================
12:30:47.0390 4316 Detected object count: 1
12:30:47.0390 4316 Actual detected object count: 1
12:30:56.0549 4316 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:30:56.0549 4316 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

cosinus · 25.10.2011, 12:54

Zitat:

12:30:56.0549 4316 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:30:56.0549 4316 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Du solltest das entfernen und nicht auf skip klicken!!

tomtom84 · 25.10.2011, 12:58

Jo, das habe ich beim ersten mal auch getan.
Ich dachte du wolltest danach wieder eine Log-File ohne Aktion von mir.

cosinus · 25.10.2011, 14:40

Nein!! Ich hab doch geschrieben, die von mir erwähnten Einträge fixen.
Darauf hin sagtest du das hättest du erledigt! Aber irgendwie nicht vollständig!

tomtom84 · 25.10.2011, 23:01

Okay, ich habe es nun noch einmal versucht.
Hier die Log:

Zitat:

23:59:52.0140 4632 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
23:59:52.0265 4632 ============================================================
23:59:52.0265 4632 Current date / time: 2011/10/25 23:59:52.0265
23:59:52.0265 4632 SystemInfo:
23:59:52.0265 4632
23:59:52.0265 4632 OS Version: 6.1.7600 ServicePack: 0.0
23:59:52.0265 4632 Product type: Workstation
23:59:52.0265 4632 ComputerName: TOM-PC
23:59:52.0265 4632 UserName: Tom
23:59:52.0265 4632 Windows directory: C:\windows
23:59:52.0265 4632 System windows directory: C:\windows
23:59:52.0265 4632 Processor architecture: Intel x86
23:59:52.0265 4632 Number of processors: 4
23:59:52.0265 4632 Page size: 0x1000
23:59:52.0265 4632 Boot type: Normal boot
23:59:52.0265 4632 ============================================================
23:59:54.0418 4632 Initialize success
00:00:01.0812 4712 ============================================================
00:00:01.0812 4712 Scan started
00:00:01.0812 4712 Mode: Manual; SigCheck; TDLFS;
00:00:01.0812 4712 ============================================================
00:00:02.0702 4712 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
00:00:02.0826 4712 1394ohci - ok
00:00:02.0936 4712 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
00:00:02.0951 4712 ACPI - ok
00:00:03.0060 4712 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
00:00:03.0123 4712 AcpiPmi - ok
00:00:03.0232 4712 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
00:00:03.0263 4712 adp94xx - ok
00:00:03.0357 4712 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
00:00:03.0404 4712 adpahci - ok
00:00:03.0497 4712 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
00:00:03.0528 4712 adpu320 - ok
00:00:03.0638 4712 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
00:00:03.0700 4712 AFD - ok
00:00:03.0778 4712 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
00:00:03.0794 4712 agp440 - ok
00:00:03.0856 4712 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
00:00:03.0887 4712 aic78xx - ok
00:00:03.0981 4712 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
00:00:03.0996 4712 aliide - ok
00:00:03.0996 4712 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
00:00:04.0028 4712 amdagp - ok
00:00:04.0043 4712 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
00:00:04.0059 4712 amdide - ok
00:00:04.0090 4712 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
00:00:04.0168 4712 AmdK8 - ok
00:00:04.0246 4712 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
00:00:04.0308 4712 AmdPPM - ok
00:00:04.0371 4712 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys
00:00:04.0402 4712 amdsata - ok
00:00:04.0449 4712 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
00:00:04.0464 4712 amdsbs - ok
00:00:04.0496 4712 amdxata (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys
00:00:04.0511 4712 amdxata - ok
00:00:04.0574 4712 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
00:00:04.0636 4712 AppID - ok
00:00:04.0745 4712 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
00:00:04.0761 4712 arc - ok
00:00:04.0808 4712 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
00:00:04.0839 4712 arcsas - ok
00:00:04.0870 4712 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
00:00:04.0995 4712 AsyncMac - ok
00:00:05.0088 4712 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
00:00:05.0120 4712 atapi - ok
00:00:05.0213 4712 athr (0f4b6b99d6cdc1d93df1fa690796b2f7) C:\windows\system32\DRIVERS\athr.sys
00:00:05.0354 4712 athr - ok
00:00:05.0416 4712 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\windows\system32\DRIVERS\avgntflt.sys
00:00:05.0478 4712 avgntflt - ok
00:00:05.0510 4712 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\windows\system32\DRIVERS\avipbb.sys
00:00:05.0525 4712 avipbb - ok
00:00:05.0541 4712 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\windows\system32\DRIVERS\avkmgr.sys
00:00:05.0556 4712 avkmgr - ok
00:00:05.0634 4712 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
00:00:05.0744 4712 b06bdrv - ok
00:00:05.0759 4712 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
00:00:05.0837 4712 b57nd60x - ok
00:00:05.0868 4712 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
00:00:05.0931 4712 Beep - ok
00:00:05.0978 4712 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
00:00:06.0009 4712 blbdrive - ok
00:00:06.0040 4712 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
00:00:06.0087 4712 bowser - ok
00:00:06.0102 4712 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
00:00:06.0134 4712 BrFiltLo - ok
00:00:06.0149 4712 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
00:00:06.0196 4712 BrFiltUp - ok
00:00:06.0258 4712 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
00:00:06.0321 4712 Brserid - ok
00:00:06.0336 4712 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
00:00:06.0383 4712 BrSerWdm - ok
00:00:06.0383 4712 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
00:00:06.0430 4712 BrUsbMdm - ok
00:00:06.0446 4712 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
00:00:06.0477 4712 BrUsbSer - ok
00:00:06.0539 4712 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys
00:00:06.0586 4712 BthEnum - ok
00:00:06.0617 4712 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
00:00:06.0664 4712 BTHMODEM - ok
00:00:06.0711 4712 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
00:00:06.0758 4712 BthPan - ok
00:00:06.0804 4712 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys
00:00:06.0898 4712 BTHPORT - ok
00:00:06.0960 4712 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\windows\System32\Drivers\BTHUSB.sys
00:00:06.0992 4712 BTHUSB - ok
00:00:07.0038 4712 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
00:00:07.0085 4712 cdfs - ok
00:00:07.0132 4712 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
00:00:07.0163 4712 cdrom - ok
00:00:07.0194 4712 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
00:00:07.0226 4712 circlass - ok
00:00:07.0272 4712 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
00:00:07.0288 4712 CLFS - ok
00:00:07.0382 4712 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
00:00:07.0413 4712 CmBatt - ok
00:00:07.0428 4712 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
00:00:07.0444 4712 cmdide - ok
00:00:07.0475 4712 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
00:00:07.0553 4712 CNG - ok
00:00:07.0569 4712 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
00:00:07.0584 4712 Compbatt - ok
00:00:07.0631 4712 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
00:00:07.0662 4712 CompositeBus - ok
00:00:07.0694 4712 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
00:00:07.0709 4712 crcdisk - ok
00:00:07.0756 4712 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
00:00:07.0803 4712 DfsC - ok
00:00:07.0834 4712 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
00:00:07.0865 4712 discache - ok
00:00:07.0928 4712 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
00:00:07.0943 4712 Disk - ok
00:00:08.0006 4712 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
00:00:08.0037 4712 drmkaud - ok
00:00:08.0084 4712 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
00:00:08.0115 4712 DXGKrnl - ok
00:00:08.0208 4712 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
00:00:08.0364 4712 ebdrv - ok
00:00:08.0396 4712 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
00:00:08.0427 4712 elxstor - ok
00:00:08.0458 4712 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
00:00:08.0489 4712 ErrDev - ok
00:00:08.0536 4712 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
00:00:08.0583 4712 exfat - ok
00:00:08.0614 4712 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
00:00:08.0708 4712 fastfat - ok
00:00:08.0739 4712 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
00:00:08.0770 4712 fdc - ok
00:00:08.0801 4712 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
00:00:08.0832 4712 FileInfo - ok
00:00:08.0848 4712 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
00:00:08.0942 4712 Filetrace - ok
00:00:08.0973 4712 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
00:00:09.0004 4712 flpydisk - ok
00:00:09.0035 4712 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
00:00:09.0066 4712 FltMgr - ok
00:00:09.0098 4712 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
00:00:09.0129 4712 FsDepends - ok
00:00:09.0176 4712 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\windows\system32\DRIVERS\fssfltr.sys
00:00:09.0191 4712 fssfltr - ok
00:00:09.0207 4712 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
00:00:09.0222 4712 Fs_Rec - ok
00:00:09.0269 4712 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
00:00:09.0285 4712 fvevol - ok
00:00:09.0332 4712 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
00:00:09.0347 4712 gagp30kx - ok
00:00:09.0378 4712 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
00:00:09.0425 4712 hcw85cir - ok
00:00:09.0456 4712 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
00:00:09.0534 4712 HdAudAddService - ok
00:00:09.0566 4712 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
00:00:09.0597 4712 HDAudBus - ok
00:00:09.0628 4712 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
00:00:09.0659 4712 HidBatt - ok
00:00:09.0675 4712 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
00:00:09.0737 4712 HidBth - ok
00:00:09.0768 4712 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
00:00:09.0800 4712 HidIr - ok
00:00:09.0831 4712 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
00:00:09.0940 4712 HidUsb - ok
00:00:09.0987 4712 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
00:00:10.0002 4712 HpSAMD - ok
00:00:10.0034 4712 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
00:00:10.0112 4712 HTTP - ok
00:00:10.0127 4712 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
00:00:10.0143 4712 hwpolicy - ok
00:00:10.0174 4712 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
00:00:10.0221 4712 i8042prt - ok
00:00:10.0252 4712 iaStor (edf5ecc965faaa533d35e02f47b9132e) C:\windows\system32\DRIVERS\iaStor.sys
00:00:10.0283 4712 iaStor - ok
00:00:10.0330 4712 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
00:00:10.0361 4712 iaStorV - ok
00:00:10.0517 4712 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
00:00:10.0689 4712 igfx - ok
00:00:10.0767 4712 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
00:00:10.0782 4712 iirsp - ok
00:00:10.0845 4712 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\windows\system32\DRIVERS\Impcd.sys
00:00:10.0892 4712 Impcd - ok
00:00:11.0016 4712 IntcAzAudAddService (0a0e3c041c20c4175e1cc6580138ca38) C:\windows\system32\drivers\RTKVHDA.sys
00:00:11.0079 4712 IntcAzAudAddService - ok
00:00:11.0110 4712 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
00:00:11.0126 4712 intelide - ok
00:00:11.0157 4712 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
00:00:11.0172 4712 intelppm - ok
00:00:11.0188 4712 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
00:00:11.0235 4712 IpFilterDriver - ok
00:00:11.0250 4712 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
00:00:11.0297 4712 IPMIDRV - ok
00:00:11.0313 4712 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
00:00:11.0375 4712 IPNAT - ok
00:00:11.0406 4712 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
00:00:11.0438 4712 IRENUM - ok
00:00:11.0469 4712 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
00:00:11.0484 4712 isapnp - ok
00:00:11.0500 4712 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
00:00:11.0531 4712 iScsiPrt - ok
00:00:11.0562 4712 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
00:00:11.0578 4712 kbdclass - ok
00:00:11.0594 4712 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
00:00:11.0625 4712 kbdhid - ok
00:00:11.0656 4712 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
00:00:11.0672 4712 KSecDD - ok
00:00:11.0703 4712 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
00:00:11.0750 4712 KSecPkg - ok
00:00:11.0796 4712 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
00:00:11.0843 4712 lltdio - ok
00:00:11.0890 4712 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
00:00:11.0906 4712 LSI_FC - ok
00:00:11.0921 4712 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
00:00:11.0937 4712 LSI_SAS - ok
00:00:11.0952 4712 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
00:00:11.0968 4712 LSI_SAS2 - ok
00:00:11.0984 4712 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
00:00:11.0999 4712 LSI_SCSI - ok
00:00:12.0030 4712 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
00:00:12.0108 4712 luafv - ok
00:00:12.0186 4712 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
00:00:12.0186 4712 megasas - ok
00:00:12.0218 4712 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
00:00:12.0249 4712 MegaSR - ok
00:00:12.0264 4712 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
00:00:12.0311 4712 Modem - ok
00:00:12.0342 4712 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
00:00:12.0374 4712 monitor - ok
00:00:12.0405 4712 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
00:00:12.0420 4712 mouclass - ok
00:00:12.0452 4712 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
00:00:12.0483 4712 mouhid - ok
00:00:12.0514 4712 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
00:00:12.0530 4712 mountmgr - ok
00:00:12.0545 4712 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
00:00:12.0561 4712 mpio - ok
00:00:12.0576 4712 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
00:00:12.0732 4712 mpsdrv - ok
00:00:12.0779 4712 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
00:00:12.0810 4712 MRxDAV - ok
00:00:12.0873 4712 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
00:00:12.0935 4712 mrxsmb - ok
00:00:12.0966 4712 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
00:00:13.0029 4712 mrxsmb10 - ok
00:00:13.0029 4712 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
00:00:13.0076 4712 mrxsmb20 - ok
00:00:13.0107 4712 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
00:00:13.0138 4712 msahci - ok
00:00:13.0169 4712 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
00:00:13.0200 4712 msdsm - ok
00:00:13.0216 4712 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
00:00:13.0247 4712 Msfs - ok
00:00:13.0263 4712 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
00:00:13.0294 4712 mshidkmdf - ok
00:00:13.0325 4712 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
00:00:13.0341 4712 msisadrv - ok
00:00:13.0372 4712 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
00:00:13.0419 4712 MSKSSRV - ok
00:00:13.0434 4712 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
00:00:13.0481 4712 MSPCLOCK - ok
00:00:13.0512 4712 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
00:00:13.0544 4712 MSPQM - ok
00:00:13.0559 4712 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
00:00:13.0575 4712 MsRPC - ok
00:00:13.0590 4712 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
00:00:13.0606 4712 mssmbios - ok
00:00:13.0622 4712 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
00:00:13.0653 4712 MSTEE - ok
00:00:13.0668 4712 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
00:00:13.0700 4712 MTConfig - ok
00:00:13.0731 4712 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
00:00:13.0746 4712 Mup - ok
00:00:13.0793 4712 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
00:00:13.0856 4712 NativeWifiP - ok
00:00:13.0934 4712 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
00:00:13.0980 4712 NDIS - ok
00:00:14.0012 4712 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
00:00:14.0074 4712 NdisCap - ok
00:00:14.0105 4712 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
00:00:14.0152 4712 NdisTapi - ok
00:00:14.0168 4712 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
00:00:14.0214 4712 Ndisuio - ok
00:00:14.0246 4712 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
00:00:14.0292 4712 NdisWan - ok
00:00:14.0324 4712 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
00:00:14.0370 4712 NDProxy - ok
00:00:14.0402 4712 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
00:00:14.0433 4712 NetBIOS - ok
00:00:14.0464 4712 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
00:00:14.0511 4712 NetBT - ok
00:00:14.0558 4712 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
00:00:14.0573 4712 nfrd960 - ok
00:00:14.0604 4712 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
00:00:14.0667 4712 Npfs - ok
00:00:14.0698 4712 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
00:00:14.0745 4712 nsiproxy - ok
00:00:14.0792 4712 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
00:00:14.0870 4712 Ntfs - ok
00:00:14.0901 4712 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
00:00:14.0979 4712 Null - ok
00:00:15.0041 4712 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys
00:00:15.0057 4712 NVHDA - ok
00:00:15.0338 4712 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys
00:00:15.0525 4712 nvlddmkm - ok
00:00:15.0618 4712 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
00:00:15.0650 4712 nvraid - ok
00:00:15.0696 4712 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
00:00:15.0712 4712 nvstor - ok
00:00:15.0743 4712 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
00:00:15.0774 4712 nv_agp - ok
00:00:15.0790 4712 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
00:00:15.0821 4712 ohci1394 - ok
00:00:15.0837 4712 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
00:00:15.0868 4712 Parport - ok
00:00:15.0899 4712 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
00:00:15.0915 4712 partmgr - ok
00:00:15.0930 4712 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
00:00:15.0946 4712 Parvdm - ok
00:00:15.0962 4712 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
00:00:16.0008 4712 pci - ok
00:00:16.0008 4712 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
00:00:16.0024 4712 pciide - ok
00:00:16.0055 4712 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
00:00:16.0071 4712 pcmcia - ok
00:00:16.0102 4712 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
00:00:16.0118 4712 pcw - ok
00:00:16.0149 4712 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
00:00:16.0227 4712 PEAUTH - ok
00:00:16.0289 4712 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
00:00:16.0320 4712 PptpMiniport - ok
00:00:16.0352 4712 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
00:00:16.0367 4712 Processor - ok
00:00:16.0430 4712 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
00:00:16.0492 4712 Psched - ok
00:00:16.0554 4712 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
00:00:16.0664 4712 ql2300 - ok
00:00:16.0695 4712 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
00:00:16.0710 4712 ql40xx - ok
00:00:16.0726 4712 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
00:00:16.0742 4712 QWAVEdrv - ok
00:00:16.0757 4712 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
00:00:16.0788 4712 RasAcd - ok
00:00:16.0835 4712 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
00:00:16.0913 4712 RasAgileVpn - ok
00:00:16.0929 4712 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
00:00:16.0991 4712 Rasl2tp - ok
00:00:17.0007 4712 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
00:00:17.0054 4712 RasPppoe - ok
00:00:17.0069 4712 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
00:00:17.0116 4712 RasSstp - ok
00:00:17.0163 4712 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
00:00:17.0225 4712 rdbss - ok
00:00:17.0256 4712 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
00:00:17.0303 4712 rdpbus - ok
00:00:17.0319 4712 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
00:00:17.0366 4712 RDPCDD - ok
00:00:17.0412 4712 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
00:00:17.0475 4712 RDPENCDD - ok
00:00:17.0522 4712 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
00:00:17.0631 4712 RDPREFMP - ok
00:00:17.0678 4712 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
00:00:17.0756 4712 RDPWD - ok
00:00:17.0802 4712 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
00:00:17.0865 4712 rdyboost - ok
00:00:17.0912 4712 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
00:00:17.0943 4712 RFCOMM - ok
00:00:18.0005 4712 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
00:00:18.0083 4712 rspndr - ok
00:00:18.0114 4712 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
00:00:18.0146 4712 RTL8167 - ok
00:00:18.0177 4712 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
00:00:18.0224 4712 SABI - ok
00:00:18.0270 4712 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
00:00:18.0302 4712 sbp2port - ok
00:00:18.0317 4712 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
00:00:18.0348 4712 scfilter - ok
00:00:18.0380 4712 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
00:00:18.0426 4712 secdrv - ok
00:00:18.0458 4712 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
00:00:18.0473 4712 Serenum - ok
00:00:18.0489 4712 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
00:00:18.0520 4712 Serial - ok
00:00:18.0536 4712 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
00:00:18.0551 4712 sermouse - ok
00:00:18.0567 4712 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
00:00:18.0598 4712 sffdisk - ok
00:00:18.0614 4712 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
00:00:18.0645 4712 sffp_mmc - ok
00:00:18.0645 4712 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
00:00:18.0676 4712 sffp_sd - ok
00:00:18.0692 4712 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
00:00:18.0723 4712 sfloppy - ok
00:00:18.0738 4712 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
00:00:18.0754 4712 sisagp - ok
00:00:18.0770 4712 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
00:00:18.0785 4712 SiSRaid2 - ok
00:00:18.0801 4712 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
00:00:18.0816 4712 SiSRaid4 - ok
00:00:18.0863 4712 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
00:00:18.0910 4712 Smb - ok
00:00:18.0957 4712 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
00:00:18.0972 4712 spldr - ok
00:00:19.0019 4712 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
00:00:19.0082 4712 srv - ok
00:00:19.0113 4712 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
00:00:19.0160 4712 srv2 - ok
00:00:19.0175 4712 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
00:00:19.0222 4712 srvnet - ok
00:00:19.0269 4712 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys
00:00:19.0284 4712 ssmdrv - ok
00:00:19.0316 4712 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
00:00:19.0331 4712 stexstor - ok
00:00:19.0362 4712 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
00:00:19.0378 4712 swenum - ok
00:00:19.0425 4712 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\windows\system32\DRIVERS\SynTP.sys
00:00:19.0440 4712 SynTP - ok
00:00:19.0518 4712 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\drivers\tcpip.sys
00:00:19.0565 4712 Tcpip - ok
00:00:19.0628 4712 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\DRIVERS\tcpip.sys
00:00:19.0674 4712 TCPIP6 - ok
00:00:19.0690 4712 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
00:00:19.0752 4712 tcpipreg - ok
00:00:19.0784 4712 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
00:00:19.0830 4712 TDPIPE - ok
00:00:19.0830 4712 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
00:00:19.0877 4712 TDTCP - ok
00:00:19.0893 4712 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
00:00:19.0924 4712 tdx - ok
00:00:19.0940 4712 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
00:00:19.0955 4712 TermDD - ok
00:00:20.0002 4712 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
00:00:20.0049 4712 tssecsrv - ok
00:00:20.0111 4712 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
00:00:20.0158 4712 tunnel - ok
00:00:20.0205 4712 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
00:00:20.0267 4712 uagp35 - ok
00:00:20.0392 4712 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\windows\system32\DRIVERS\udfs.sys
00:00:20.0579 4712 udfs - ok
00:00:20.0704 4712 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
00:00:20.0751 4712 uliagpkx - ok
00:00:20.0798 4712 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
00:00:20.0860 4712 umbus - ok
00:00:20.0891 4712 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
00:00:20.0985 4712 UmPass - ok
00:00:21.0141 4712 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\windows\system32\drivers\usbaudio.sys
00:00:21.0188 4712 usbaudio - ok
00:00:21.0234 4712 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys
00:00:21.0266 4712 usbccgp - ok
00:00:21.0312 4712 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
00:00:21.0344 4712 usbcir - ok
00:00:21.0375 4712 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys
00:00:21.0390 4712 usbehci - ok
00:00:21.0500 4712 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
00:00:21.0562 4712 usbhub - ok
00:00:21.0702 4712 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
00:00:21.0734 4712 usbohci - ok
00:00:21.0765 4712 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
00:00:21.0780 4712 usbprint - ok
00:00:21.0812 4712 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\drivers\USBSTOR.SYS
00:00:21.0844 4712 USBSTOR - ok
00:00:21.0859 4712 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
00:00:21.0875 4712 usbuhci - ok
00:00:21.0922 4712 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
00:00:21.0953 4712 usbvideo - ok
00:00:22.0000 4712 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
00:00:22.0015 4712 vdrvroot - ok
00:00:22.0047 4712 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
00:00:22.0078 4712 vga - ok
00:00:22.0140 4712 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
00:00:22.0171 4712 VgaSave - ok
00:00:22.0187 4712 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
00:00:22.0203 4712 vhdmp - ok
00:00:22.0234 4712 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
00:00:22.0249 4712 viaagp - ok
00:00:22.0281 4712 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
00:00:22.0312 4712 ViaC7 - ok
00:00:22.0327 4712 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
00:00:22.0343 4712 viaide - ok
00:00:22.0359 4712 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
00:00:22.0374 4712 volmgr - ok
00:00:22.0405 4712 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
00:00:22.0421 4712 volmgrx - ok
00:00:22.0437 4712 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
00:00:22.0468 4712 volsnap - ok
00:00:22.0515 4712 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
00:00:22.0530 4712 vsmraid - ok
00:00:22.0561 4712 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
00:00:22.0593 4712 vwifibus - ok
00:00:22.0624 4712 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
00:00:22.0717 4712 vwififlt - ok
00:00:22.0795 4712 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
00:00:22.0811 4712 WacomPen - ok
00:00:22.0842 4712 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
00:00:22.0889 4712 WANARP - ok
00:00:22.0905 4712 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
00:00:22.0936 4712 Wanarpv6 - ok
00:00:22.0951 4712 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
00:00:22.0967 4712 Wd - ok
00:00:22.0998 4712 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
00:00:23.0014 4712 Wdf01000 - ok
00:00:23.0061 4712 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
00:00:23.0107 4712 WfpLwf - ok
00:00:23.0123 4712 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
00:00:23.0139 4712 WIMMount - ok
00:00:23.0201 4712 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
00:00:23.0232 4712 WmiAcpi - ok
00:00:23.0279 4712 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
00:00:23.0326 4712 ws2ifsl - ok
00:00:23.0357 4712 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
00:00:23.0419 4712 WudfPf - ok
00:00:23.0419 4712 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
00:00:23.0482 4712 WUDFRd - ok
00:00:23.0544 4712 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\windows\system32\DRIVERS\yk62x86.sys
00:00:23.0591 4712 yukonw7 - ok
00:00:23.0622 4712 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
00:00:24.0028 4712 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:00:24.0028 4712 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:00:24.0043 4712 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR1
00:00:24.0199 4712 \Device\Harddisk1\DR1 - ok
00:00:24.0246 4712 Boot (0x1200) (9848269bb56a942df6f6ffb8dd8e6e2d) \Device\Harddisk0\DR0\Partition0
00:00:24.0246 4712 \Device\Harddisk0\DR0\Partition0 - ok
00:00:24.0293 4712 Boot (0x1200) (e39cff0c9c50a1d6cf3e71e163f4e6f5) \Device\Harddisk0\DR0\Partition1
00:00:24.0293 4712 \Device\Harddisk0\DR0\Partition1 - ok
00:00:24.0309 4712 Boot (0x1200) (0af24b553be28918e736bb764d4107c9) \Device\Harddisk0\DR0\Partition2
00:00:24.0324 4712 \Device\Harddisk0\DR0\Partition2 - ok
00:00:24.0324 4712 Boot (0x1200) (bf903338e2a477c7bd0eccd31648a168) \Device\Harddisk1\DR1\Partition0
00:00:24.0324 4712 \Device\Harddisk1\DR1\Partition0 - ok
00:00:24.0324 4712 ============================================================
00:00:24.0324 4712 Scan finished
00:00:24.0324 4712 ============================================================
00:00:24.0355 4704 Detected object count: 1
00:00:24.0355 4704 Actual detected object count: 1
00:00:50.0535 4704 \Device\Harddisk0\DR0\TDLFS - deleted
00:00:50.0535 4704 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

cosinus · 26.10.2011, 11:54

Zitat:

00:00:50.0535 4704 \Device\Harddisk0\DR0\TDLFS - deleted
00:00:50.0535 4704 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

Ok. Starte Windows neu und mach bitte ein neues Kontroll-Log mit dem TDSS-Killer

tomtom84 · 26.10.2011, 13:25

Hier der Kontroll-Log

Zitat:

14:24:28.0082 2892 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
14:24:28.0394 2892 ============================================================
14:24:28.0394 2892 Current date / time: 2011/10/26 14:24:28.0394
14:24:28.0394 2892 SystemInfo:
14:24:28.0394 2892
14:24:28.0394 2892 OS Version: 6.1.7600 ServicePack: 0.0
14:24:28.0394 2892 Product type: Workstation
14:24:28.0394 2892 ComputerName: TOM-PC
14:24:28.0394 2892 UserName: Tom
14:24:28.0394 2892 Windows directory: C:\windows
14:24:28.0394 2892 System windows directory: C:\windows
14:24:28.0394 2892 Processor architecture: Intel x86
14:24:28.0394 2892 Number of processors: 4
14:24:28.0394 2892 Page size: 0x1000
14:24:28.0394 2892 Boot type: Normal boot
14:24:28.0394 2892 ============================================================
14:24:31.0732 2892 Initialize success
14:24:36.0288 3400 ============================================================
14:24:36.0288 3400 Scan started
14:24:36.0288 3400 Mode: Manual; SigCheck; TDLFS;
14:24:36.0288 3400 ============================================================
14:24:37.0099 3400 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
14:24:37.0239 3400 1394ohci - ok
14:24:37.0395 3400 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
14:24:37.0411 3400 ACPI - ok
14:24:37.0504 3400 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
14:24:37.0582 3400 AcpiPmi - ok
14:24:37.0692 3400 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
14:24:37.0738 3400 adp94xx - ok
14:24:37.0848 3400 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
14:24:37.0879 3400 adpahci - ok
14:24:37.0972 3400 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
14:24:37.0988 3400 adpu320 - ok
14:24:38.0222 3400 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
14:24:38.0300 3400 AFD - ok
14:24:38.0394 3400 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
14:24:38.0409 3400 agp440 - ok
14:24:38.0503 3400 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
14:24:38.0518 3400 aic78xx - ok
14:24:38.0628 3400 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
14:24:38.0628 3400 aliide - ok
14:24:38.0752 3400 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
14:24:38.0768 3400 amdagp - ok
14:24:38.0893 3400 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
14:24:38.0908 3400 amdide - ok
14:24:39.0018 3400 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
14:24:39.0049 3400 AmdK8 - ok
14:24:39.0158 3400 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
14:24:39.0205 3400 AmdPPM - ok
14:24:39.0486 3400 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys
14:24:39.0501 3400 amdsata - ok
14:24:39.0844 3400 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
14:24:39.0876 3400 amdsbs - ok
14:24:39.0985 3400 amdxata (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys
14:24:40.0000 3400 amdxata - ok
14:24:40.0234 3400 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
14:24:40.0328 3400 AppID - ok
14:24:40.0468 3400 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
14:24:40.0531 3400 arc - ok
14:24:40.0609 3400 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
14:24:40.0656 3400 arcsas - ok
14:24:40.0749 3400 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
14:24:40.0921 3400 AsyncMac - ok
14:24:41.0046 3400 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
14:24:41.0077 3400 atapi - ok
14:24:41.0280 3400 athr (0f4b6b99d6cdc1d93df1fa690796b2f7) C:\windows\system32\DRIVERS\athr.sys
14:24:41.0420 3400 athr - ok
14:24:41.0560 3400 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\windows\system32\DRIVERS\avgntflt.sys
14:24:41.0623 3400 avgntflt - ok
14:24:41.0732 3400 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\windows\system32\DRIVERS\avipbb.sys
14:24:41.0763 3400 avipbb - ok
14:24:41.0841 3400 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\windows\system32\DRIVERS\avkmgr.sys
14:24:41.0857 3400 avkmgr - ok
14:24:41.0982 3400 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
14:24:42.0075 3400 b06bdrv - ok
14:24:42.0231 3400 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
14:24:42.0309 3400 b57nd60x - ok
14:24:42.0403 3400 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
14:24:42.0481 3400 Beep - ok
14:24:42.0528 3400 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
14:24:42.0574 3400 blbdrive - ok
14:24:42.0606 3400 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
14:24:42.0668 3400 bowser - ok
14:24:42.0699 3400 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:24:42.0762 3400 BrFiltLo - ok
14:24:42.0762 3400 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:24:42.0824 3400 BrFiltUp - ok
14:24:42.0871 3400 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
14:24:42.0918 3400 Brserid - ok
14:24:42.0933 3400 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
14:24:43.0011 3400 BrSerWdm - ok
14:24:43.0042 3400 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
14:24:43.0074 3400 BrUsbMdm - ok
14:24:43.0089 3400 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
14:24:43.0120 3400 BrUsbSer - ok
14:24:43.0167 3400 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys
14:24:43.0230 3400 BthEnum - ok
14:24:43.0276 3400 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
14:24:43.0323 3400 BTHMODEM - ok
14:24:43.0386 3400 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
14:24:43.0448 3400 BthPan - ok
14:24:43.0510 3400 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys
14:24:43.0604 3400 BTHPORT - ok
14:24:43.0651 3400 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\windows\System32\Drivers\BTHUSB.sys
14:24:43.0698 3400 BTHUSB - ok
14:24:43.0729 3400 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
14:24:43.0807 3400 cdfs - ok
14:24:43.0854 3400 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
14:24:43.0885 3400 cdrom - ok
14:24:43.0916 3400 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
14:24:43.0947 3400 circlass - ok
14:24:43.0994 3400 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
14:24:44.0010 3400 CLFS - ok
14:24:44.0103 3400 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
14:24:44.0150 3400 CmBatt - ok
14:24:44.0181 3400 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
14:24:44.0197 3400 cmdide - ok
14:24:44.0228 3400 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
14:24:44.0275 3400 CNG - ok
14:24:44.0322 3400 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
14:24:44.0322 3400 Compbatt - ok
14:24:44.0353 3400 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
14:24:44.0384 3400 CompositeBus - ok
14:24:44.0415 3400 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
14:24:44.0431 3400 crcdisk - ok
14:24:44.0493 3400 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
14:24:44.0540 3400 DfsC - ok
14:24:44.0556 3400 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
14:24:44.0602 3400 discache - ok
14:24:44.0649 3400 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
14:24:44.0665 3400 Disk - ok
14:24:44.0712 3400 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
14:24:44.0727 3400 drmkaud - ok
14:24:44.0790 3400 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
14:24:44.0852 3400 DXGKrnl - ok
14:24:44.0977 3400 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
14:24:45.0117 3400 ebdrv - ok
14:24:45.0242 3400 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
14:24:45.0289 3400 elxstor - ok
14:24:45.0304 3400 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
14:24:45.0351 3400 ErrDev - ok
14:24:45.0382 3400 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
14:24:45.0429 3400 exfat - ok
14:24:45.0445 3400 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
14:24:45.0492 3400 fastfat - ok
14:24:45.0538 3400 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
14:24:45.0554 3400 fdc - ok
14:24:45.0601 3400 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
14:24:45.0616 3400 FileInfo - ok
14:24:45.0632 3400 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
14:24:45.0694 3400 Filetrace - ok
14:24:45.0726 3400 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
14:24:45.0757 3400 flpydisk - ok
14:24:45.0788 3400 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
14:24:45.0804 3400 FltMgr - ok
14:24:45.0850 3400 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
14:24:45.0866 3400 FsDepends - ok
14:24:45.0913 3400 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\windows\system32\DRIVERS\fssfltr.sys
14:24:45.0928 3400 fssfltr - ok
14:24:45.0960 3400 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
14:24:45.0975 3400 Fs_Rec - ok
14:24:45.0991 3400 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
14:24:46.0006 3400 fvevol - ok
14:24:46.0038 3400 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
14:24:46.0053 3400 gagp30kx - ok
14:24:46.0069 3400 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
14:24:46.0116 3400 hcw85cir - ok
14:24:46.0147 3400 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
14:24:46.0209 3400 HdAudAddService - ok
14:24:46.0256 3400 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
14:24:46.0303 3400 HDAudBus - ok
14:24:46.0318 3400 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
14:24:46.0350 3400 HidBatt - ok
14:24:46.0381 3400 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
14:24:46.0412 3400 HidBth - ok
14:24:46.0443 3400 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
14:24:46.0490 3400 HidIr - ok
14:24:46.0521 3400 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
14:24:46.0552 3400 HidUsb - ok
14:24:46.0599 3400 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
14:24:46.0615 3400 HpSAMD - ok
14:24:46.0646 3400 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
14:24:46.0708 3400 HTTP - ok
14:24:46.0740 3400 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
14:24:46.0755 3400 hwpolicy - ok
14:24:46.0786 3400 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
14:24:46.0833 3400 i8042prt - ok
14:24:46.0864 3400 iaStor (edf5ecc965faaa533d35e02f47b9132e) C:\windows\system32\DRIVERS\iaStor.sys
14:24:46.0896 3400 iaStor - ok
14:24:46.0958 3400 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
14:24:46.0989 3400 iaStorV - ok
14:24:47.0161 3400 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
14:24:47.0410 3400 igfx - ok
14:24:47.0832 3400 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
14:24:47.0863 3400 iirsp - ok
14:24:48.0019 3400 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\windows\system32\DRIVERS\Impcd.sys
14:24:48.0097 3400 Impcd - ok
14:24:48.0378 3400 IntcAzAudAddService (0a0e3c041c20c4175e1cc6580138ca38) C:\windows\system32\drivers\RTKVHDA.sys
14:24:48.0456 3400 IntcAzAudAddService - ok
14:24:48.0518 3400 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
14:24:48.0549 3400 intelide - ok
14:24:48.0580 3400 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
14:24:48.0627 3400 intelppm - ok
14:24:48.0643 3400 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:24:48.0690 3400 IpFilterDriver - ok
14:24:48.0705 3400 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
14:24:48.0736 3400 IPMIDRV - ok
14:24:48.0768 3400 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
14:24:48.0814 3400 IPNAT - ok
14:24:48.0846 3400 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
14:24:48.0877 3400 IRENUM - ok
14:24:48.0908 3400 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
14:24:48.0924 3400 isapnp - ok
14:24:48.0955 3400 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
14:24:48.0970 3400 iScsiPrt - ok
14:24:48.0986 3400 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
14:24:49.0002 3400 kbdclass - ok
14:24:49.0033 3400 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
14:24:49.0064 3400 kbdhid - ok
14:24:49.0095 3400 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
14:24:49.0111 3400 KSecDD - ok
14:24:49.0142 3400 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
14:24:49.0158 3400 KSecPkg - ok
14:24:49.0204 3400 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
14:24:49.0251 3400 lltdio - ok
14:24:49.0314 3400 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
14:24:49.0329 3400 LSI_FC - ok
14:24:49.0345 3400 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
14:24:49.0360 3400 LSI_SAS - ok
14:24:49.0376 3400 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
14:24:49.0392 3400 LSI_SAS2 - ok
14:24:49.0423 3400 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
14:24:49.0438 3400 LSI_SCSI - ok
14:24:49.0470 3400 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
14:24:49.0532 3400 luafv - ok
14:24:49.0594 3400 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
14:24:49.0610 3400 megasas - ok
14:24:49.0626 3400 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
14:24:49.0657 3400 MegaSR - ok
14:24:49.0688 3400 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
14:24:49.0750 3400 Modem - ok
14:24:49.0766 3400 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
14:24:49.0797 3400 monitor - ok
14:24:49.0813 3400 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
14:24:49.0828 3400 mouclass - ok
14:24:49.0860 3400 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
14:24:49.0906 3400 mouhid - ok
14:24:49.0938 3400 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
14:24:49.0953 3400 mountmgr - ok
14:24:49.0969 3400 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
14:24:49.0984 3400 mpio - ok
14:24:50.0016 3400 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
14:24:50.0172 3400 mpsdrv - ok
14:24:50.0187 3400 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
14:24:50.0234 3400 MRxDAV - ok
14:24:50.0265 3400 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
14:24:50.0343 3400 mrxsmb - ok
14:24:50.0359 3400 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:24:50.0437 3400 mrxsmb10 - ok
14:24:50.0452 3400 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:24:50.0484 3400 mrxsmb20 - ok
14:24:50.0515 3400 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
14:24:50.0515 3400 msahci - ok
14:24:50.0577 3400 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
14:24:50.0608 3400 msdsm - ok
14:24:50.0624 3400 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
14:24:50.0671 3400 Msfs - ok
14:24:50.0686 3400 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
14:24:50.0718 3400 mshidkmdf - ok
14:24:50.0749 3400 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
14:24:50.0764 3400 msisadrv - ok
14:24:50.0780 3400 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
14:24:50.0842 3400 MSKSSRV - ok
14:24:50.0858 3400 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
14:24:50.0889 3400 MSPCLOCK - ok
14:24:50.0920 3400 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
14:24:50.0952 3400 MSPQM - ok
14:24:50.0967 3400 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
14:24:50.0983 3400 MsRPC - ok
14:24:51.0014 3400 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
14:24:51.0014 3400 mssmbios - ok
14:24:51.0030 3400 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
14:24:51.0092 3400 MSTEE - ok
14:24:51.0092 3400 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
14:24:51.0123 3400 MTConfig - ok
14:24:51.0154 3400 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
14:24:51.0170 3400 Mup - ok
14:24:51.0217 3400 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
14:24:51.0264 3400 NativeWifiP - ok
14:24:51.0310 3400 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
14:24:51.0357 3400 NDIS - ok
14:24:51.0388 3400 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
14:24:51.0451 3400 NdisCap - ok
14:24:51.0482 3400 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
14:24:51.0513 3400 NdisTapi - ok
14:24:51.0544 3400 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
14:24:51.0607 3400 Ndisuio - ok
14:24:51.0638 3400 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
14:24:51.0700 3400 NdisWan - ok
14:24:51.0716 3400 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
14:24:51.0763 3400 NDProxy - ok
14:24:51.0778 3400 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
14:24:51.0825 3400 NetBIOS - ok
14:24:51.0856 3400 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
14:24:51.0903 3400 NetBT - ok
14:24:51.0966 3400 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
14:24:51.0981 3400 nfrd960 - ok
14:24:52.0012 3400 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
14:24:52.0059 3400 Npfs - ok
14:24:52.0090 3400 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
14:24:52.0137 3400 nsiproxy - ok
14:24:52.0200 3400 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
14:24:52.0293 3400 Ntfs - ok
14:24:52.0402 3400 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
14:24:52.0496 3400 Null - ok
14:24:52.0590 3400 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys
14:24:52.0621 3400 NVHDA - ok
14:24:52.0870 3400 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys
14:24:53.0073 3400 nvlddmkm - ok
14:24:53.0214 3400 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
14:24:53.0245 3400 nvraid - ok
14:24:53.0276 3400 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
14:24:53.0292 3400 nvstor - ok
14:24:53.0338 3400 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
14:24:53.0354 3400 nv_agp - ok
14:24:53.0385 3400 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
14:24:53.0401 3400 ohci1394 - ok
14:24:53.0432 3400 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
14:24:53.0463 3400 Parport - ok
14:24:53.0494 3400 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
14:24:53.0510 3400 partmgr - ok
14:24:53.0557 3400 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
14:24:53.0572 3400 Parvdm - ok
14:24:53.0619 3400 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
14:24:53.0650 3400 pci - ok
14:24:53.0666 3400 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
14:24:53.0666 3400 pciide - ok
14:24:53.0697 3400 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
14:24:53.0713 3400 pcmcia - ok
14:24:53.0744 3400 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
14:24:53.0760 3400 pcw - ok
14:24:53.0806 3400 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
14:24:53.0884 3400 PEAUTH - ok
14:24:53.0978 3400 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
14:24:54.0040 3400 PptpMiniport - ok
14:24:54.0072 3400 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
14:24:54.0087 3400 Processor - ok
14:24:54.0134 3400 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
14:24:54.0181 3400 Psched - ok
14:24:54.0259 3400 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
14:24:54.0399 3400 ql2300 - ok
14:24:54.0462 3400 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
14:24:54.0477 3400 ql40xx - ok
14:24:54.0493 3400 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
14:24:54.0508 3400 QWAVEdrv - ok
14:24:54.0524 3400 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
14:24:54.0571 3400 RasAcd - ok
14:24:54.0618 3400 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
14:24:54.0664 3400 RasAgileVpn - ok
14:24:54.0696 3400 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
14:24:54.0742 3400 Rasl2tp - ok
14:24:54.0774 3400 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
14:24:54.0836 3400 RasPppoe - ok
14:24:54.0852 3400 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
14:24:54.0898 3400 RasSstp - ok
14:24:54.0930 3400 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
14:24:55.0008 3400 rdbss - ok
14:24:55.0023 3400 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
14:24:55.0054 3400 rdpbus - ok
14:24:55.0070 3400 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
14:24:55.0117 3400 RDPCDD - ok
14:24:55.0148 3400 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
14:24:55.0195 3400 RDPENCDD - ok
14:24:55.0210 3400 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
14:24:55.0257 3400 RDPREFMP - ok
14:24:55.0273 3400 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
14:24:55.0320 3400 RDPWD - ok
14:24:55.0366 3400 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
14:24:55.0398 3400 rdyboost - ok
14:24:55.0444 3400 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
14:24:55.0460 3400 RFCOMM - ok
14:24:55.0507 3400 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
14:24:55.0569 3400 rspndr - ok
14:24:55.0616 3400 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
14:24:55.0663 3400 RTL8167 - ok
14:24:55.0710 3400 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
14:24:55.0741 3400 SABI - ok
14:24:55.0756 3400 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
14:24:55.0788 3400 sbp2port - ok
14:24:55.0819 3400 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
14:24:55.0881 3400 scfilter - ok
14:24:55.0912 3400 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
14:24:55.0959 3400 secdrv - ok
14:24:56.0006 3400 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
14:24:56.0022 3400 Serenum - ok
14:24:56.0037 3400 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
14:24:56.0068 3400 Serial - ok
14:24:56.0100 3400 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
14:24:56.0115 3400 sermouse - ok
14:24:56.0131 3400 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
14:24:56.0178 3400 sffdisk - ok
14:24:56.0178 3400 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
14:24:56.0209 3400 sffp_mmc - ok
14:24:56.0209 3400 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
14:24:56.0240 3400 sffp_sd - ok
14:24:56.0256 3400 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
14:24:56.0287 3400 sfloppy - ok
14:24:56.0349 3400 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
14:24:56.0380 3400 sisagp - ok
14:24:56.0412 3400 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
14:24:56.0427 3400 SiSRaid2 - ok
14:24:56.0443 3400 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
14:24:56.0458 3400 SiSRaid4 - ok
14:24:56.0474 3400 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
14:24:56.0521 3400 Smb - ok
14:24:56.0568 3400 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
14:24:56.0583 3400 spldr - ok
14:24:56.0630 3400 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
14:24:56.0693 3400 srv - ok
14:24:56.0724 3400 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
14:24:56.0771 3400 srv2 - ok
14:24:56.0802 3400 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
14:24:56.0817 3400 srvnet - ok
14:24:56.0911 3400 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys
14:24:56.0927 3400 ssmdrv - ok
14:24:56.0973 3400 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
14:24:56.0989 3400 stexstor - ok
14:24:57.0036 3400 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
14:24:57.0036 3400 swenum - ok
14:24:57.0083 3400 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\windows\system32\DRIVERS\SynTP.sys
14:24:57.0098 3400 SynTP - ok
14:24:57.0161 3400 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\drivers\tcpip.sys
14:24:57.0332 3400 Tcpip - ok
14:24:57.0395 3400 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\DRIVERS\tcpip.sys
14:24:57.0426 3400 TCPIP6 - ok
14:24:57.0488 3400 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
14:24:57.0519 3400 tcpipreg - ok
14:24:57.0551 3400 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
14:24:57.0597 3400 TDPIPE - ok
14:24:57.0629 3400 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
14:24:57.0675 3400 TDTCP - ok
14:24:57.0691 3400 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
14:24:57.0722 3400 tdx - ok
14:24:57.0769 3400 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
14:24:57.0785 3400 TermDD - ok
14:24:57.0816 3400 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
14:24:57.0878 3400 tssecsrv - ok
14:24:57.0909 3400 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
14:24:57.0972 3400 tunnel - ok
14:24:57.0972 3400 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
14:24:57.0987 3400 uagp35 - ok
14:24:58.0019 3400 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\windows\system32\DRIVERS\udfs.sys
14:24:58.0097 3400 udfs - ok
14:24:58.0128 3400 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
14:24:58.0143 3400 uliagpkx - ok
14:24:58.0175 3400 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
14:24:58.0190 3400 umbus - ok
14:24:58.0206 3400 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
14:24:58.0237 3400 UmPass - ok
14:24:58.0299 3400 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\windows\system32\drivers\usbaudio.sys
14:24:58.0362 3400 usbaudio - ok
14:24:58.0409 3400 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys
14:24:58.0455 3400 usbccgp - ok
14:24:58.0518 3400 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
14:24:58.0580 3400 usbcir - ok
14:24:58.0643 3400 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys
14:24:58.0674 3400 usbehci - ok
14:24:58.0721 3400 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
14:24:58.0767 3400 usbhub - ok
14:24:58.0783 3400 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
14:24:58.0814 3400 usbohci - ok
14:24:58.0845 3400 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
14:24:58.0892 3400 usbprint - ok
14:24:58.0908 3400 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\drivers\USBSTOR.SYS
14:24:58.0939 3400 USBSTOR - ok
14:24:58.0955 3400 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
14:24:58.0970 3400 usbuhci - ok
14:24:59.0017 3400 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
14:24:59.0064 3400 usbvideo - ok
14:24:59.0111 3400 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
14:24:59.0142 3400 vdrvroot - ok
14:24:59.0157 3400 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
14:24:59.0204 3400 vga - ok
14:24:59.0220 3400 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
14:24:59.0313 3400 VgaSave - ok
14:24:59.0329 3400 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
14:24:59.0345 3400 vhdmp - ok
14:24:59.0360 3400 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
14:24:59.0376 3400 viaagp - ok
14:24:59.0391 3400 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
14:24:59.0423 3400 ViaC7 - ok
14:24:59.0423 3400 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
14:24:59.0438 3400 viaide - ok
14:24:59.0469 3400 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
14:24:59.0485 3400 volmgr - ok
14:24:59.0516 3400 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
14:24:59.0532 3400 volmgrx - ok
14:24:59.0563 3400 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
14:24:59.0610 3400 volsnap - ok
14:24:59.0657 3400 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
14:24:59.0688 3400 vsmraid - ok
14:24:59.0719 3400 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
14:24:59.0750 3400 vwifibus - ok
14:24:59.0766 3400 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
14:24:59.0828 3400 vwififlt - ok
14:24:59.0844 3400 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
14:24:59.0859 3400 WacomPen - ok
14:24:59.0891 3400 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
14:24:59.0953 3400 WANARP - ok
14:24:59.0953 3400 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
14:24:59.0984 3400 Wanarpv6 - ok
14:25:00.0015 3400 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
14:25:00.0031 3400 Wd - ok
14:25:00.0062 3400 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
14:25:00.0093 3400 Wdf01000 - ok
14:25:00.0156 3400 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
14:25:00.0203 3400 WfpLwf - ok
14:25:00.0234 3400 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
14:25:00.0249 3400 WIMMount - ok
14:25:00.0281 3400 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
14:25:00.0312 3400 WmiAcpi - ok
14:25:00.0327 3400 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
14:25:00.0359 3400 ws2ifsl - ok
14:25:00.0390 3400 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
14:25:00.0483 3400 WudfPf - ok
14:25:00.0499 3400 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
14:25:00.0561 3400 WUDFRd - ok
14:25:00.0608 3400 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\windows\system32\DRIVERS\yk62x86.sys
14:25:00.0671 3400 yukonw7 - ok
14:25:00.0717 3400 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
14:25:01.0248 3400 \Device\Harddisk0\DR0 - ok
14:25:01.0248 3400 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR1
14:25:01.0841 3400 \Device\Harddisk1\DR1 - ok
14:25:01.0856 3400 Boot (0x1200) (9848269bb56a942df6f6ffb8dd8e6e2d) \Device\Harddisk0\DR0\Partition0
14:25:01.0856 3400 \Device\Harddisk0\DR0\Partition0 - ok
14:25:01.0872 3400 Boot (0x1200) (e39cff0c9c50a1d6cf3e71e163f4e6f5) \Device\Harddisk0\DR0\Partition1
14:25:01.0872 3400 \Device\Harddisk0\DR0\Partition1 - ok
14:25:01.0887 3400 Boot (0x1200) (0af24b553be28918e736bb764d4107c9) \Device\Harddisk0\DR0\Partition2
14:25:01.0887 3400 \Device\Harddisk0\DR0\Partition2 - ok
14:25:01.0887 3400 Boot (0x1200) (bf903338e2a477c7bd0eccd31648a168) \Device\Harddisk1\DR1\Partition0
14:25:01.0887 3400 \Device\Harddisk1\DR1\Partition0 - ok
14:25:01.0887 3400 ============================================================
14:25:01.0887 3400 Scan finished
14:25:01.0887 3400 ============================================================
14:25:01.0919 3416 Detected object count: 0
14:25:01.0919 3416 Actual detected object count: 0

cosinus · 26.10.2011, 14:37

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

tomtom84 · 26.10.2011, 23:16

Hier die Log
Combofix Logfile:

Code:

ATTFilter

ComboFix 11-10-26.08 - Tom 27.10.2011   0:08.1.4 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3061.2118 [GMT 2:00]
ausgeführt von:: c:\users\Tom\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-09-26 bis 2011-10-26  ))))))))))))))))))))))))))))))
.
.
2011-10-26 22:12 . 2011-10-26 22:13	--------	d-----w-	c:\users\Tom\AppData\Local\temp
2011-10-26 22:12 . 2011-10-26 22:12	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-10-26 12:23 . 2011-10-26 22:00	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F00DEC09-73C5-45DB-B5CB-0062C1B0E4C4}\offreg.dll
2011-10-25 22:09 . 2011-10-18 00:28	6668624	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F00DEC09-73C5-45DB-B5CB-0062C1B0E4C4}\mpengine.dll
2011-10-25 22:09 . 2011-08-15 04:25	6144	----a-w-	c:\program files\Internet Explorer\iecompat.dll
2011-10-25 02:21 . 2011-10-25 11:41	--------	d-----w-	c:\users\Tom\AppData\Roaming\vlc
2011-10-25 02:20 . 2011-10-25 02:20	--------	d-----w-	c:\program files\VideoLAN
2011-10-25 01:00 . 2011-10-25 01:00	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-22 10:23 . 2011-05-24 17:14	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-10-21 22:23 . 2011-10-21 22:23	--------	d-----w-	c:\users\Tom\AppData\Local\Mozilla
2011-10-21 22:20 . 2011-10-21 22:20	--------	d-----w-	c:\users\Tom\AppData\Roaming\Avira
2011-10-21 22:19 . 2011-10-11 13:00	74640	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-10-21 22:19 . 2011-10-11 13:00	36000	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2011-10-21 22:19 . 2011-10-11 13:00	134344	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-10-21 22:19 . 2011-10-21 22:19	--------	d-----w-	c:\programdata\Avira
2011-10-21 22:19 . 2011-10-21 22:19	--------	d-----w-	c:\program files\Avira
2011-10-21 17:24 . 2011-10-21 17:24	--------	d-----w-	c:\program files\ESET
2011-10-20 23:42 . 2011-10-23 20:29	--------	d-----w-	c:\users\Tom\AppData\Local\Microsoft Games
2011-10-20 23:36 . 2011-10-20 23:36	--------	d-----w-	c:\users\Tom\AppData\Roaming\Malwarebytes
2011-10-20 23:36 . 2011-10-20 23:36	--------	d-----w-	c:\programdata\Malwarebytes
2011-10-20 23:36 . 2011-10-20 23:36	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-10-20 23:36 . 2011-08-31 15:00	22216	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-10-20 02:35 . 2009-09-10 05:52	257024	----a-w-	c:\windows\system32\msv1_0.dll
2011-10-20 02:22 . 2009-11-25 10:47	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2011-10-20 02:22 . 2009-11-25 10:47	49472	----a-w-	c:\windows\system32\netfxperf.dll
2011-10-20 02:22 . 2009-11-25 10:47	297808	----a-w-	c:\windows\system32\mscoree.dll
2011-10-20 02:22 . 2009-11-25 10:47	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2011-10-20 02:22 . 2009-11-25 10:47	1130824	----a-w-	c:\windows\system32\dfshim.dll
2011-10-20 01:33 . 2010-02-11 07:10	293376	----a-w-	c:\windows\system32\browserchoice.exe
2011-10-20 01:18 . 2010-03-04 04:04	146304	----a-w-	c:\windows\system32\drivers\usbvideo.sys
2011-10-20 01:18 . 2010-03-04 03:57	190976	----a-w-	c:\windows\system32\drivers\ks.sys
2011-10-20 01:15 . 2010-09-14 06:07	276992	----a-w-	c:\windows\system32\wcncsvc.dll
2011-10-19 22:32 . 2011-10-19 22:32	--------	d-----w-	c:\users\Tom\AppData\Local\Google
2011-10-19 21:49 . 2010-11-02 04:41	351232	----a-w-	c:\windows\system32\wmicmiplugin.dll
2011-10-19 21:48 . 2011-07-16 04:37	169984	----a-w-	c:\windows\system32\winsrv.dll
2011-10-19 21:47 . 2009-08-29 06:57	34816	----a-w-	c:\windows\system32\msasn1.dll
2011-10-19 21:47 . 2009-10-19 14:10	70656	----a-w-	c:\windows\system32\fontsub.dll
2011-10-19 21:47 . 2009-12-08 11:32	292864	----a-w-	c:\windows\system32\apphelp.dll
2011-10-19 21:47 . 2009-12-19 09:02	12288	----a-w-	c:\windows\system32\tsbyuv.dll
2011-10-19 21:47 . 2009-12-19 09:02	1328640	----a-w-	c:\windows\system32\quartz.dll
2011-10-19 21:47 . 2009-12-19 09:02	22016	----a-w-	c:\windows\system32\msyuv.dll
2011-10-19 21:47 . 2009-12-19 09:02	31744	----a-w-	c:\windows\system32\msvidc32.dll
2011-10-19 21:47 . 2009-12-19 09:02	13312	----a-w-	c:\windows\system32\msrle32.dll
2011-10-19 21:47 . 2009-12-19 09:02	84480	----a-w-	c:\windows\system32\mciavi32.dll
2011-10-19 21:47 . 2009-12-19 09:02	50176	----a-w-	c:\windows\system32\iyuv_32.dll
2011-10-19 21:47 . 2009-12-19 09:02	91648	----a-w-	c:\windows\system32\avifil32.dll
2011-10-19 21:43 . 2010-01-18 23:29	365568	----a-w-	c:\windows\system32\secproc_isv.dll
2011-10-19 21:43 . 2010-01-18 23:29	369152	----a-w-	c:\windows\system32\secproc.dll
2011-10-19 21:43 . 2010-01-18 23:28	324608	----a-w-	c:\windows\system32\RMActivate_isv.exe
2011-10-19 21:43 . 2010-01-18 23:29	85504	----a-w-	c:\windows\system32\secproc_ssp_isv.dll
2011-10-19 21:43 . 2010-01-18 23:29	85504	----a-w-	c:\windows\system32\secproc_ssp.dll
2011-10-19 21:43 . 2010-01-18 23:28	277504	----a-w-	c:\windows\system32\RMActivate_ssp_isv.exe
2011-10-19 21:43 . 2010-01-18 23:28	320512	----a-w-	c:\windows\system32\RMActivate.exe
2011-10-19 21:43 . 2010-01-18 23:28	280064	----a-w-	c:\windows\system32\RMActivate_ssp.exe
2011-10-19 21:39 . 2009-12-29 06:55	172032	----a-w-	c:\windows\system32\wintrust.dll
2011-10-19 21:39 . 2010-01-09 06:52	132608	----a-w-	c:\windows\system32\cabview.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 07:09 . 2011-10-21 22:22	134104	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-29 7862816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-10 1578280]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"APLangApp"="c:\program files\AnyPC Client\APLangApp.exe" [2009-10-20 13312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-04 13830760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"fsi"="c:\program files\Phoenix Technologies Ltd\FailSafe\FailSafeLauncher.exe" [2009-09-09 9728]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
S2 Rezip;Rezip;c:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-06-27 66080]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\gq8vyvu9.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-10-27  00:15:05
ComboFix-quarantined-files.txt  2011-10-26 22:15
.
Vor Suchlauf: 6 Verzeichnis(se), 59.477.852.160 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 60.789.518.336 Bytes frei
.
- - End Of File - - BFB88E929B7316F9EF2CE922F8F3AF60

--- --- ---

cosinus · 27.10.2011, 08:15

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

tomtom84 · 27.10.2011, 12:19

Hier der GMER Log:
GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-10-27 13:18:42
Windows 6.1.7600  Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0
Running: 4wjq39i5.exe; Driver: C:\Users\Tom\AppData\Local\Temp\uwldipow.sys


---- System - GMER 1.0.15 ----

SSDT            90688516                                                                                         ZwCreateSection
SSDT            90688520                                                                                         ZwRequestWaitReplyPort
SSDT            9068851B                                                                                         ZwSetContextThread
SSDT            90688525                                                                                         ZwSetSecurityObject
SSDT            9068852A                                                                                         ZwSystemDebugControl
SSDT            906884B7                                                                                         ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKeyEx + 13AD                                                                  83254539 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                           83279092 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           ntkrnlpa.exe!RtlSidHashLookup + 350                                                              832809B0 4 Bytes  [16, 85, 68, 90] {PUSH SS; TEST [EAX-0x70], EBP}
.text           ntkrnlpa.exe!RtlSidHashLookup + 6AC                                                              83280D0C 4 Bytes  [20, 85, 68, 90]
.text           ntkrnlpa.exe!RtlSidHashLookup + 6F0                                                              83280D50 4 Bytes  [1B, 85, 68, 90]
.text           ntkrnlpa.exe!RtlSidHashLookup + 76C                                                              83280DCC 4 Bytes  [25, 85, 68, 90]
.text           ntkrnlpa.exe!RtlSidHashLookup + 7C0                                                              83280E20 4 Bytes  [2A, 85, 68, 90]
.text           ...                                                                                              
.text           autochk.exe                                                                                      002A1204 4 Bytes  [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text           autochk.exe                                                                                      002A120C 1 Byte  [00]
.text           autochk.exe                                                                                      002A1210 1 Byte  [00]
.text           autochk.exe                                                                                      002A1214 2 Bytes  [00, 00] {ADD [EAX], AL}
.text           autochk.exe                                                                                      002A1218 2 Bytes  [00, 00] {ADD [EAX], AL}
.text           ...                                                                                              

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!GetWindowInfo             76B66A82 5 Bytes  JMP 60A789A7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!TrackPopupMenu            76B84B3B 5 Bytes  JMP 60A78F65 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4716] ntdll.dll!LdrLoadDll                          7758F5B5 5 Bytes  JMP 608FFAE0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                          Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume5                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fedf8b                      
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fedf8b (not active ControlSet)  

---- EOF - GMER 1.0.15 ----

--- --- ---

Ich bin mir nicht sicher, ob ich bei OSAM alles richtig gemacht habe:
OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:22:58 on 27.10.2011

OS: Windows 7 Home Premium Edition (Build 7600), 32-bit
Default Browser: Mozilla Corporation Firefox 7.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\windows\system32\FlashPlayerCPLApp.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\windows\system32\nvcpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\Tom\AppData\Local\Temp\catchme.sys  (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\fssfltr.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\windows\System32\DRIVERS\ssmdrv.sys
"uwldipow" (uwldipow) - ? - C:\Users\Tom\AppData\Local\Temp\uwldipow.sys  (Hidden registry entry, rootkit activity | File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\windows\system32\nvcpl.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\windows\system32\nvshext.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\windows\system32\nvcpl.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -   (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"APLangApp" - "DoctorSoft" - "C:\Program Files\AnyPC Client\APLangApp.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"CLMLServer" - "CyberLink" - "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
"fsi" - ? - C:\Program Files\Phoenix Technologies Ltd\FailSafe\FailSafeLauncher.exe
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
"PDVD8LanguageShortcut" - "CyberLink Corp." - "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
"RemoteControl8" - "CyberLink Corp." - "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
"UCam_Menu" - "CyberLink Corp." - "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
"UpdateLBPShortCut" - "CyberLink Corp." - "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"UpdateP2GoShortCut" - "CyberLink Corp." - "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
"UpdatePDRShortCut" - "CyberLink Corp." - "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
"UpdatePPShortCut" - "CyberLink Corp." - "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
"UpdatePSTShortCut" - "CyberLink Corp." - "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared files\RichVideo.exe
"McAfee SiteAdvisor Service" (McAfee SiteAdvisor Service) - ? - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe  (File not found)
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\windows\system32\nvvsvc.exe
"Oberon Media Game Console service" (OberonGameConsoleService) - ? - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Rezip" (Rezip) - ? - C:\windows\SYSTEM32\Rezip.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE]

Zitat:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-27 13:24:54
-----------------------------
13:24:54.272 OS Version: Windows 6.1.7600
13:24:54.272 Number of processors: 4 586 0x2502
13:24:54.273 ComputerName: TOM-PC UserName: Tom
13:24:54.878 Initialize success
13:27:11.226 AVAST engine defs: 11102600
13:29:27.023 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:29:27.025 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
13:29:27.129 Disk 0 MBR read successfully
13:29:27.134 Disk 0 MBR scan
13:29:27.156 Disk 0 unknown MBR code
13:29:27.210 Disk 0 scanning sectors +625139712
13:29:27.613 Disk 0 scanning C:\windows\system32\drivers
13:30:51.656 Service scanning
13:30:52.759 Modules scanning
13:31:10.510 Disk 0 trace - called modules:
13:31:10.529 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
13:31:10.534 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8657c030]
13:31:10.539 3 CLASSPNP.SYS[8b59159e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x864b5028]
13:31:11.160 AVAST engine scan C:\windows
13:31:21.279 AVAST engine scan C:\windows\system32
13:32:55.862 AVAST engine scan C:\windows\system32\drivers
13:33:02.619 AVAST engine scan C:\Users\Tom
13:35:04.589 AVAST engine scan C:\ProgramData
13:35:17.547 Scan finished successfully
13:52:18.475 Disk 0 MBR has been saved successfully to "C:\Users\Tom\Downloads\MBR.dat"
13:52:18.481 The log file has been saved successfully to "C:\Users\Tom\Downloads\aswMBR.txt"

cosinus · 27.10.2011, 13:47

Zitat:

"Rezip" (Rezip) - ? - C:\windows\SYSTEM32\Rezip.exe

Bitte mit OSAM deaktivieren und löschen

Wir sollten danach den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht.
Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR.
Anschließend Windows neu starten und ein neues Log mit aswMBR machen.

tomtom84 · 27.10.2011, 14:30

Wahrscheinlich stelle ich mich gerade reichlich dämlich an, aber ich habe es leider weder hinbekommen die rezip.exe mit osam zu deaktivieren noch zu löschen...

Ich finde den Eintrag zwar, weiß dann aber nicht wie ich vorgehen muss.

25.10.2011, 11:12	#17
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	BOO/TDss.M im Masterbootsektor gefunden.(Antivir) Auch nach Systemrücksetzung mit Samsung Recovery Nein wir müssen noch weiter ran, poste erstmal das neue TDSS-Killer-Log nach dem Fix. __________________ __________________

25.10.2011, 14:40	#21
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	BOO/TDss.M im Masterbootsektor gefunden.(Antivir) Auch nach Systemrücksetzung mit Samsung Recovery Nein!! Ich hab doch geschrieben, die von mir erwähnten Einträge fixen. Darauf hin sagtest du das hättest du erledigt! Aber irgendwie nicht vollständig! __________________ --> BOO/TDss.M im Masterbootsektor gefunden.(Antivir) Auch nach Systemrücksetzung mit Samsung Recovery

BOO/TDss.M im Masterbootsektor gefunden.(Antivir) Auch nach Systemrücksetzung mit Samsung Recovery

Plagegeister aller Art und deren Bekämpfung: BOO/TDss.M im Masterbootsektor gefunden.(Antivir) Auch nach Systemrücksetzung mit Samsung Recovery