Trojaner-Board

Bundespolizei Trojaner (https://www.trojaner-board.de/106344-bundespolizei-trojaner.html)

cosinus 21.12.2011 20:41

Do an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
SRV - [2011.09.27 19:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) [Disabled | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.web.de "
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p="
[2011.12.12 14:54:26 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.11.21 19:46:40 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com
[2011.11.04 16:56:23 | 000,000,933 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\11-suche.xml
[2011.11.04 16:56:23 | 000,002,419 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\englische-ergebnisse.xml
[2011.11.04 16:56:22 | 000,010,525 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\gmx-suche.xml
[2011.11.04 16:56:23 | 000,002,457 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\lastminute.xml
[2011.10.07 11:03:27 | 000,005,508 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\webde-suche.xml
[2011.10.18 12:34:01 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKCU..\Run: [AdobeBridge]  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8a1ffe10-e412-11df-9884-001a802657dd}\Shell - "" = AutoRun
O33 - MountPoints2\{8a1ffe10-e412-11df-9884-001a802657dd}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\{eaa6a66a-e37b-11df-a29e-001a802657dd}\Shell - "" = AutoRun
O33 - MountPoints2\{eaa6a66a-e37b-11df-a29e-001a802657dd}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
[2011.12.15 18:55:07 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\AskToolbar
:Files
C:\Program Files\Ask.com
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Kim1980 21.12.2011 22:17

The new OTL file:


Code:

All processes killed
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Programme\Application Updater\ApplicationUpdater.exe moved successfully.
Prefs.js: "chr-greentree_ff&type=302398&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "hxxp://www.web.de " removed from browser.startup.homepage
Prefs.js: pdfforge@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p=" removed from keyword.URL
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-21-Nov-2011-20-50-16-GMT folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\spatfka6.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\11-suche.xml moved successfully.
C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\englische-ergebnisse.xml moved successfully.
C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\gmx-suche.xml moved successfully.
C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\lastminute.xml moved successfully.
C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\spatfka6.default\searchplugins\webde-suche.xml moved successfully.
C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com\components_20 folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com\components folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a1ffe10-e412-11df-9884-001a802657dd}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a1ffe10-e412-11df-9884-001a802657dd}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a1ffe10-e412-11df-9884-001a802657dd}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a1ffe10-e412-11df-9884-001a802657dd}\ not found.
File F:\USBAutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eaa6a66a-e37b-11df-a29e-001a802657dd}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eaa6a66a-e37b-11df-a29e-001a802657dd}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eaa6a66a-e37b-11df-a29e-001a802657dd}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eaa6a66a-e37b-11df-a29e-001a802657dd}\ not found.
File "F:\WD SmartWare.exe" autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\USBAutoRun.exe not found.
C:\Users\Kim\AppData\Local\AskToolbar\Downloaded Program Files\temp folder moved successfully.
C:\Users\Kim\AppData\Local\AskToolbar\Downloaded Program Files folder moved successfully.
C:\Users\Kim\AppData\Local\AskToolbar folder moved successfully.
========== FILES ==========
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Kim
->Temp folder emptied: 2407828725 bytes
->Temporary Internet Files folder emptied: 56300516 bytes
->Java cache emptied: 3108911 bytes
->FireFox cache emptied: 680317796 bytes
->Flash cache emptied: 191341 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45222413 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 3.045,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12212011_220327

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
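
A way to triage a fix log like the one above, as an added example that is not part of the original posts or of OTL itself: it sorts each result line into a bucket and separates "not found" lines for objects the same run had already moved or deleted from those for objects that were never present. The bucket names and that reading of the repeated "not found" lines are assumptions; the sample input is a subset of the lines posted above.

```python
import re

# Sample input: a subset of the fix-log lines posted above, in the same order.
SAMPLE_LOG = r"""
All processes killed
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Programme\Application Updater\ApplicationUpdater.exe moved successfully.
Prefs.js: true removed from browser.search.useDBForOrder
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
File F:\USBAutoRun.exe not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
========== FILES ==========
C:\Program Files\Ask.com folder moved successfully.
========== COMMANDS ==========
HOSTS file reset successfully
"""

SECTION_RE = re.compile(r"^=+ (?P<name>[A-Z]+) =+$")
PREF_RE = re.compile(r"^Prefs\.js: (?P<value>.+) removed from (?P<pref>\S+)$")
SET_RE = re.compile(r"^(?P<target>.+?) : value set successfully!$")
RESULT_RE = re.compile(
    r"^(?:(?:File|Registry key|Registry value|Service) )?(?P<target>.+?)(?: folder)?"
    r" (?P<result>moved successfully|deleted successfully|stopped successfully|not found)[.!]$"
)
# Bucket names are this example's own labels, not OTL terminology.
BUCKET_FOR = {
    "moved successfully": "quarantined",   # moved into the _OTL backup folder
    "deleted successfully": "deleted",
    "stopped successfully": "stopped",
}
BUCKETS = ("quarantined", "deleted", "stopped", "pref_removed", "value_set",
           "already_handled", "absent", "unparsed")


def _key(target):
    """Normalise a path or registry key so repeated mentions compare equal."""
    return target.rstrip("\\").lower()


def triage_fix_log(log_text):
    """Sort the result lines of the OTL and FILES sections into buckets."""
    report = {name: [] for name in BUCKETS}
    handled = set()   # objects this run has already moved, deleted or stopped
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        sec = SECTION_RE.match(line)
        if sec:
            section = sec.group("name")
            continue
        if section not in ("OTL", "FILES"):
            continue  # preamble and the output of the :Commands section
        pref = PREF_RE.match(line)
        if pref:
            report["pref_removed"].append(pref.group("pref"))
            continue
        val = SET_RE.match(line)
        if val:
            report["value_set"].append(val.group("target"))
            continue
        res = RESULT_RE.match(line)
        if not res:
            report["unparsed"].append(line)  # needs a human look
            continue
        target, result = res.group("target"), res.group("result")
        if result == "not found":
            # A miss on something removed a few lines earlier is expected;
            # a miss on something never touched means it was not there.
            bucket = "already_handled" if _key(target) in handled else "absent"
        else:
            bucket = BUCKET_FOR[result]
            handled.add(_key(target))
        report[bucket].append(target)
    return report


if __name__ == "__main__":
    for bucket, items in triage_fix_log(SAMPLE_LOG).items():
        print(f"{bucket:16} {len(items)}")
        for item in items:
            print(f"    {item}")
```
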


cosinus 21.12.2011 22:21

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

Kim1980 21.12.2011 22:43

TDSSKiller file:

Code:

22:39:25.0588 3460        TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
22:39:26.0136 3460        ============================================================
22:39:26.0136 3460        Current date / time: 2011/12/21 22:39:26.0136
22:39:26.0137 3460        SystemInfo:
22:39:26.0137 3460       
22:39:26.0137 3460        OS Version: 6.0.6002 ServicePack: 2.0
22:39:26.0137 3460        Product type: Workstation
22:39:26.0137 3460        ComputerName: KIM-PC
22:39:26.0137 3460        UserName: Kim
22:39:26.0137 3460        Windows directory: C:\Windows
22:39:26.0137 3460        System windows directory: C:\Windows
22:39:26.0137 3460        Processor architecture: Intel x86
22:39:26.0137 3460        Number of processors: 2
22:39:26.0137 3460        Page size: 0x1000
22:39:26.0137 3460        Boot type: Normal boot
22:39:26.0137 3460        ============================================================
22:39:30.0302 3460        Initialize success
22:40:11.0921 2184        ============================================================
22:40:11.0921 2184        Scan started
22:40:11.0921 2184        Mode: Manual; SigCheck; TDLFS;
22:40:11.0921 2184        ============================================================
22:41:11.0573 2184        Mup - ok
22:41:11.0752 2184        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:41:11.0811 2184        NativeWifiP - ok
22:41:12.0270 2184        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:41:12.0317 2184        NDIS - ok
22:41:12.0575 2184        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:41:12.0655 2184        NdisTapi - ok
22:41:12.0909 2184        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:41:12.0978 2184        Ndisuio - ok
22:41:13.0216 2184        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:41:13.0285 2184        NdisWan - ok
22:41:13.0809 2184        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:41:13.0882 2184        NDProxy - ok
22:41:14.0180 2184        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:41:14.0225 2184        NetBIOS - ok
22:41:14.0633 2184        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
22:41:14.0694 2184        netbt - ok
22:41:15.0336 2184        NETw3v32        (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
22:41:16.0423 2184        NETw3v32 - ok
22:41:16.0872 2184        NETw4v32        (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
22:41:17.0616 2184        NETw4v32 - ok
22:41:17.0831 2184        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:41:17.0867 2184        nfrd960 - ok
22:41:18.0093 2184        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:41:18.0159 2184        Npfs - ok
22:41:18.0391 2184        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:41:18.0504 2184        nsiproxy - ok
22:41:18.0751 2184        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:41:19.0274 2184        Ntfs - ok
22:41:19.0547 2184        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:41:19.0642 2184        ntrigdigi - ok
22:41:19.0897 2184        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:41:19.0964 2184        Null - ok
22:41:20.0181 2184        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
22:41:20.0231 2184        nvraid - ok
22:41:20.0428 2184        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
22:41:20.0461 2184        nvstor - ok
22:41:20.0688 2184        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
22:41:20.0730 2184        nv_agp - ok
22:41:20.0963 2184        NwlnkFlt - ok
22:41:21.0173 2184        NwlnkFwd - ok
22:41:21.0483 2184        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:41:21.0519 2184        ohci1394 - ok
22:41:21.0979 2184        PAC7302        (81a0921e2a3fdcf840e43af64bf96ea2) C:\Windows\system32\DRIVERS\PAC7302.SYS
22:41:22.0429 2184        PAC7302 - ok
22:41:22.0887 2184        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:41:22.0981 2184        Parport - ok
22:41:23.0251 2184        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:41:23.0291 2184        partmgr - ok
22:41:23.0510 2184        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:41:23.0616 2184        Parvdm - ok
22:41:23.0944 2184        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:41:23.0959 2184        pci - ok
22:41:24.0159 2184        pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
22:41:24.0199 2184        pciide - ok
22:41:24.0439 2184        pcmcia          (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
22:41:24.0504 2184        pcmcia - ok
22:41:24.0799 2184        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:41:25.0068 2184        PEAUTH - ok
22:41:25.0320 2184        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:41:25.0375 2184        PptpMiniport - ok
22:41:25.0610 2184        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
22:41:25.0696 2184        Processor - ok
22:41:25.0899 2184        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:41:25.0949 2184        PSched - ok
22:41:26.0434 2184        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
22:41:26.0877 2184        ql2300 - ok
22:41:27.0220 2184        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:41:27.0264 2184        ql40xx - ok
22:41:27.0472 2184        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:41:27.0556 2184        QWAVEdrv - ok
22:41:27.0721 2184        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:41:27.0805 2184        RasAcd - ok
22:41:27.0992 2184        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:41:28.0043 2184        Rasl2tp - ok
22:41:28.0291 2184        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:41:28.0351 2184        RasPppoe - ok
22:41:28.0613 2184        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:41:28.0660 2184        RasSstp - ok
22:41:29.0197 2184        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:41:29.0275 2184        rdbss - ok
22:41:29.0430 2184        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:41:29.0456 2184        RDPCDD - ok
22:41:29.0705 2184        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
22:41:29.0775 2184        rdpdr - ok
22:41:29.0965 2184        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:41:30.0044 2184        RDPENCDD - ok
22:41:30.0249 2184        RDPWD          (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
22:41:30.0299 2184        RDPWD - ok
22:41:30.0529 2184        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:41:30.0611 2184        rspndr - ok
22:41:30.0875 2184        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:41:31.0039 2184        sbp2port - ok
22:41:31.0220 2184        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:41:31.0308 2184        secdrv - ok
22:41:31.0552 2184        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:41:31.0635 2184        Serenum - ok
22:41:31.0904 2184        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:41:31.0987 2184        Serial - ok
22:41:32.0214 2184        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:41:32.0293 2184        sermouse - ok
22:41:32.0541 2184        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
22:41:32.0638 2184        sffdisk - ok
22:41:32.0821 2184        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
22:41:32.0915 2184        sffp_mmc - ok
22:41:33.0241 2184        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
22:41:33.0336 2184        sffp_sd - ok
22:41:33.0637 2184        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:41:33.0717 2184        sfloppy - ok
22:41:33.0912 2184        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
22:41:33.0956 2184        sisagp - ok
22:41:34.0145 2184        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
22:41:34.0182 2184        SiSRaid2 - ok
22:41:34.0423 2184        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
22:41:34.0466 2184        SiSRaid4 - ok
22:41:34.0699 2184        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:41:34.0744 2184        Smb - ok
22:41:35.0008 2184        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:41:35.0042 2184        spldr - ok
22:41:35.0326 2184        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:41:35.0390 2184        srv - ok
22:41:35.0687 2184        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:41:35.0778 2184        srv2 - ok
22:41:36.0018 2184        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:41:36.0082 2184        srvnet - ok
22:41:36.0287 2184        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
22:41:36.0354 2184        ssmdrv - ok
22:41:36.0844 2184        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:41:36.0857 2184        swenum - ok
22:41:37.0117 2184        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:41:37.0156 2184        Symc8xx - ok
22:41:37.0331 2184        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:41:37.0365 2184        Sym_hi - ok
22:41:37.0625 2184        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:41:37.0673 2184        Sym_u3 - ok
22:41:37.0981 2184        Tcpip          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
22:41:38.0145 2184        Tcpip - ok
22:41:38.0359 2184        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
22:41:38.0500 2184        Tcpip6 - ok
22:41:38.0844 2184        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:41:38.0936 2184        tcpipreg - ok
22:41:39.0116 2184        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:41:39.0227 2184        TDPIPE - ok
22:41:39.0463 2184        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:41:39.0579 2184        TDTCP - ok
22:41:39.0787 2184        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:41:39.0833 2184        tdx - ok
22:41:40.0067 2184        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:41:40.0085 2184        TermDD - ok
22:41:40.0301 2184        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:41:40.0363 2184        tssecsrv - ok
22:41:40.0540 2184        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:41:40.0608 2184        tunmp - ok
22:41:40.0846 2184        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:41:40.0896 2184        tunnel - ok
22:41:41.0131 2184        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
22:41:41.0165 2184        uagp35 - ok
22:41:41.0445 2184        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:41:41.0475 2184        udfs - ok
22:41:41.0679 2184        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
22:41:41.0714 2184        uliagpkx - ok
22:41:41.0924 2184        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
22:41:41.0970 2184        uliahci - ok
22:41:42.0250 2184        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:41:42.0295 2184        UlSata - ok
22:41:42.0537 2184        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:41:42.0570 2184        ulsata2 - ok
22:41:42.0765 2184        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:41:42.0855 2184        umbus - ok
22:41:43.0170 2184        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
22:41:43.0280 2184        USBAAPL - ok
22:41:43.0512 2184        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
22:41:43.0585 2184        usbaudio - ok
22:41:43.0776 2184        usbbus          (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
22:41:43.0861 2184        usbbus - ok
22:41:44.0059 2184        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:41:44.0107 2184        usbccgp - ok
22:41:44.0329 2184        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:41:44.0404 2184        usbcir - ok
22:41:45.0133 2184        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:41:45.0194 2184        usbehci - ok
22:41:45.0435 2184        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:41:45.0509 2184        usbhub - ok
22:41:45.0769 2184        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:41:45.0848 2184        usbohci - ok
22:41:46.0036 2184        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
22:41:46.0096 2184        usbprint - ok
22:41:46.0302 2184        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:41:46.0359 2184        USBSTOR - ok
22:41:46.0558 2184        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:41:46.0623 2184        usbuhci - ok
22:41:46.0862 2184        vga            (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
22:41:46.0938 2184        vga - ok
22:41:47.0089 2184        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:41:47.0153 2184        VgaSave - ok
22:41:47.0346 2184        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
22:41:47.0387 2184        viaagp - ok
22:41:47.0689 2184        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
22:41:47.0778 2184        ViaC7 - ok
22:41:48.0009 2184        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
22:41:48.0049 2184        viaide - ok
22:41:48.0254 2184        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:41:48.0289 2184        volmgr - ok
22:41:48.0545 2184        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:41:48.0606 2184        volmgrx - ok
22:41:48.0894 2184        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:41:48.0917 2184        volsnap - ok
22:41:49.0174 2184        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
22:41:49.0214 2184        vsmraid - ok
22:41:49.0458 2184        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:41:49.0552 2184        WacomPen - ok
22:41:49.0763 2184        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:41:49.0838 2184        Wanarp - ok
22:41:49.0866 2184        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:41:49.0886 2184        Wanarpv6 - ok
22:41:50.0448 2184        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
22:41:50.0590 2184        Wd - ok
22:41:50.0876 2184        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:41:50.0910 2184        Wdf01000 - ok
22:41:51.0256 2184        winachsf        (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:41:51.0333 2184        winachsf - ok
22:41:51.0678 2184        WmiAcpi        (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
22:41:51.0736 2184        WmiAcpi - ok
22:41:52.0224 2184        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:41:52.0261 2184        WpdUsb - ok
22:41:52.0648 2184        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:41:52.0743 2184        ws2ifsl - ok
22:41:53.0262 2184        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:41:53.0314 2184        WUDFRd - ok
22:41:53.0642 2184        yukonwlh        (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
22:41:53.0734 2184        yukonwlh - ok
22:41:53.0763 2184        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:42:02.0586 2184        \Device\Harddisk0\DR0 - ok
22:42:02.0629 2184        Boot (0x1200)  (09ea3d54355b545f7aab8f372c1a4004) \Device\Harddisk0\DR0\Partition0
22:42:02.0631 2184        \Device\Harddisk0\DR0\Partition0 - ok
22:42:02.0659 2184        Boot (0x1200)  (d3d31ab35cd3af9bcf203671b977501b) \Device\Harddisk0\DR0\Partition1
22:42:02.0661 2184        \Device\Harddisk0\DR0\Partition1 - ok
22:42:02.0661 2184        ============================================================
22:42:02.0661 2184        Scan finished
22:42:02.0661 2184        ============================================================
22:42:02.0682 3336        Detected object count: 0
22:42:02.0682 3336        Actual detected object count: 0


cosinus 22.12.2011 08:50

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

Kim1980 22.12.2011 16:00

Combofix couldn't write the file?!?!? Actually the procedure went the way you described it (update...), only the file just couldn't be written.
Should I try it again?

cosinus 22.12.2011 18:22

Restart Windows, delete the old combofix.exe, download CF again and please try it once more.

