Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   browsersafesearhing.com als standardsuchmaschine nach installation von steam-download.de (https://www.trojaner-board.de/110017-browsersafesearhing-com-standardsuchmaschine-installation-steam-download-de.html)

cosinus 22.02.2012 10:02
Probier nochmal:

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Yagami 22.02.2012 20:04
Wieder "Out of memory". :(

cosinus 22.02.2012 20:52
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehlalarm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

Yagami 02.03.2012 00:43
Hi, sry war im Urlaub und hab vergessen, dass hier zu erwähnen. :twak:
der log:
Code:
00:36:57.0421 5024        TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
00:36:57.0721 5024        ============================================================
00:36:57.0721 5024        Current date / time: 2012/03/02 00:36:57.0721
00:36:57.0721 5024        SystemInfo:
00:36:57.0721 5024       
00:36:57.0721 5024        OS Version: 6.1.7601 ServicePack: 1.0
00:36:57.0721 5024        Product type: Workstation
00:36:57.0721 5024        ComputerName: SEBRICKLER-PC
00:36:57.0721 5024        UserName: SeBrickler
00:36:57.0721 5024        Windows directory: C:\Windows
00:36:57.0721 5024        System windows directory: C:\Windows
00:36:57.0721 5024        Running under WOW64
00:36:57.0721 5024        Processor architecture: Intel x64
00:36:57.0721 5024        Number of processors: 4
00:36:57.0721 5024        Page size: 0x1000
00:36:57.0721 5024        Boot type: Normal boot
00:36:57.0721 5024        ============================================================
00:36:58.0431 5024        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:36:58.0451 5024        \Device\Harddisk0\DR0:
00:36:58.0451 5024        MBR used
00:36:58.0451 5024        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:36:58.0451 5024        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
00:36:58.0571 5024        Initialize success
00:36:58.0571 5024        ============================================================
00:38:20.0811 6036        ============================================================
00:38:20.0811 6036        Scan started
00:38:20.0811 6036        Mode: Manual; SigCheck; TDLFS;
00:38:20.0811 6036        ============================================================
00:38:22.0201 6036        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
00:38:22.0391 6036        1394ohci - ok
00:38:22.0491 6036        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
00:38:22.0521 6036        ACPI - ok
00:38:22.0561 6036        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
00:38:22.0621 6036        AcpiPmi - ok
00:38:22.0771 6036        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
00:38:22.0791 6036        adp94xx - ok
00:38:22.0851 6036        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
00:38:22.0871 6036        adpahci - ok
00:38:22.0941 6036        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
00:38:22.0961 6036        adpu320 - ok
00:38:23.0071 6036        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
00:38:23.0141 6036        AFD - ok
00:38:23.0251 6036        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
00:38:23.0261 6036        agp440 - ok
00:38:23.0361 6036        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
00:38:23.0371 6036        aliide - ok
00:38:23.0401 6036        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
00:38:23.0431 6036        amdide - ok
00:38:23.0471 6036        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
00:38:23.0511 6036        AmdK8 - ok
00:38:23.0591 6036        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
00:38:23.0621 6036        AmdPPM - ok
00:38:23.0691 6036        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
00:38:23.0701 6036        amdsata - ok
00:38:23.0771 6036        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
00:38:23.0781 6036        amdsbs - ok
00:38:23.0841 6036        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
00:38:23.0851 6036        amdxata - ok
00:38:24.0011 6036        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
00:38:24.0261 6036        AppID - ok
00:38:24.0401 6036        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
00:38:24.0421 6036        arc - ok
00:38:24.0461 6036        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
00:38:24.0471 6036        arcsas - ok
00:38:24.0551 6036        ASMMAP64        (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
00:38:24.0651 6036        ASMMAP64 - ok
00:38:24.0771 6036        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:38:24.0911 6036        AsyncMac - ok
00:38:25.0041 6036        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
00:38:25.0061 6036        atapi - ok
00:38:25.0241 6036        ATKWMIACPIIO    (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
00:38:25.0251 6036        ATKWMIACPIIO - ok
00:38:25.0361 6036        avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
00:38:25.0371 6036        avgntflt - ok
00:38:25.0461 6036        avipbb          (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
00:38:25.0471 6036        avipbb - ok
00:38:25.0541 6036        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
00:38:25.0551 6036        avkmgr - ok
00:38:25.0661 6036        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
00:38:25.0711 6036        b06bdrv - ok
00:38:25.0811 6036        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:38:25.0851 6036        b57nd60a - ok
00:38:25.0931 6036        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:38:25.0991 6036        Beep - ok
00:38:26.0131 6036        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:38:26.0161 6036        blbdrive - ok
00:38:26.0251 6036        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
00:38:26.0321 6036        bowser - ok
00:38:26.0431 6036        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
00:38:26.0471 6036        BrFiltLo - ok
00:38:26.0521 6036        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
00:38:26.0541 6036        BrFiltUp - ok
00:38:26.0611 6036        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:38:26.0671 6036        Brserid - ok
00:38:26.0731 6036        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:38:26.0761 6036        BrSerWdm - ok
00:38:26.0831 6036        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:38:26.0861 6036        BrUsbMdm - ok
00:38:26.0881 6036        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:38:26.0921 6036        BrUsbSer - ok
00:38:27.0021 6036        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
00:38:27.0071 6036        BTHMODEM - ok
00:38:27.0181 6036        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:38:27.0231 6036        cdfs - ok
00:38:27.0291 6036        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
00:38:27.0321 6036        cdrom - ok
00:38:27.0441 6036        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
00:38:27.0481 6036        circlass - ok
00:38:27.0521 6036        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:38:27.0541 6036        CLFS - ok
00:38:27.0641 6036        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:38:27.0671 6036        CmBatt - ok
00:38:27.0721 6036        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
00:38:27.0731 6036        cmdide - ok
00:38:27.0781 6036        CNG            (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
00:38:27.0821 6036        CNG - ok
00:38:27.0921 6036        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:38:27.0941 6036        Compbatt - ok
00:38:27.0991 6036        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
00:38:28.0021 6036        CompositeBus - ok
00:38:28.0091 6036        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
00:38:28.0111 6036        crcdisk - ok
00:38:28.0181 6036        CSC            (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
00:38:28.0231 6036        CSC - ok
00:38:28.0331 6036        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
00:38:28.0391 6036        DfsC - ok
00:38:28.0451 6036        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:38:28.0511 6036        discache - ok
00:38:28.0591 6036        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
00:38:28.0601 6036        Disk - ok
00:38:28.0661 6036        dmvsc          (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
00:38:28.0711 6036        dmvsc - ok
00:38:28.0811 6036        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:38:28.0851 6036        drmkaud - ok
00:38:28.0941 6036        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
00:38:28.0991 6036        DXGKrnl - ok
00:38:29.0111 6036        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
00:38:29.0211 6036        ebdrv - ok
00:38:29.0291 6036        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
00:38:29.0321 6036        elxstor - ok
00:38:29.0381 6036        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
00:38:29.0401 6036        ErrDev - ok
00:38:29.0441 6036        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:38:29.0471 6036        exfat - ok
00:38:29.0521 6036        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:38:29.0561 6036        fastfat - ok
00:38:29.0631 6036        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
00:38:29.0661 6036        fdc - ok
00:38:29.0731 6036        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:38:29.0741 6036        FileInfo - ok
00:38:29.0781 6036        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:38:29.0831 6036        Filetrace - ok
00:38:29.0861 6036        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
00:38:29.0881 6036        flpydisk - ok
00:38:29.0911 6036        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
00:38:29.0921 6036        FltMgr - ok
00:38:29.0971 6036        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:38:29.0971 6036        FsDepends - ok
00:38:30.0011 6036        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
00:38:30.0021 6036        Fs_Rec - ok
00:38:30.0071 6036        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:38:30.0081 6036        fvevol - ok
00:38:30.0131 6036        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
00:38:30.0151 6036        gagp30kx - ok
00:38:30.0201 6036        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:38:30.0241 6036        hcw85cir - ok
00:38:30.0321 6036        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
00:38:30.0361 6036        HdAudAddService - ok
00:38:30.0441 6036        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:38:30.0461 6036        HDAudBus - ok
00:38:30.0531 6036        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
00:38:30.0611 6036        HidBatt - ok
00:38:30.0651 6036        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
00:38:30.0671 6036        HidBth - ok
00:38:30.0721 6036        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
00:38:30.0731 6036        HidIr - ok
00:38:30.0821 6036        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
00:38:30.0851 6036        HidUsb - ok
00:38:30.0901 6036        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
00:38:30.0911 6036        HpSAMD - ok
00:38:30.0961 6036        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
00:38:31.0051 6036        HTTP - ok
00:38:31.0141 6036        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
00:38:31.0161 6036        hwpolicy - ok
00:38:31.0201 6036        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
00:38:31.0221 6036        i8042prt - ok
00:38:31.0301 6036        iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys
00:38:31.0321 6036        iaStor - ok
00:38:31.0381 6036        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
00:38:31.0421 6036        iaStorV - ok
00:38:31.0711 6036        igfx            (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys
00:38:32.0081 6036        igfx - ok
00:38:32.0161 6036        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
00:38:32.0191 6036        iirsp - ok
00:38:32.0311 6036        IntcAzAudAddService (c15a21b1e2291952424f361093734f95) C:\Windows\system32\drivers\RTKVHD64.sys
00:38:32.0391 6036        IntcAzAudAddService - ok
00:38:32.0481 6036        IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
00:38:32.0521 6036        IntcDAud - ok
00:38:32.0591 6036        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
00:38:32.0601 6036        intelide - ok
00:38:32.0661 6036        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:38:32.0691 6036        intelppm - ok
00:38:32.0741 6036        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:38:32.0781 6036        IpFilterDriver - ok
00:38:32.0821 6036        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
00:38:32.0841 6036        IPMIDRV - ok
00:38:32.0921 6036        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:38:32.0971 6036        IPNAT - ok
00:38:33.0071 6036        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:38:33.0161 6036        IRENUM - ok
00:38:33.0261 6036        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
00:38:33.0271 6036        isapnp - ok
00:38:33.0311 6036        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
00:38:33.0331 6036        iScsiPrt - ok
00:38:33.0371 6036        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:38:33.0381 6036        kbdclass - ok
00:38:33.0421 6036        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
00:38:33.0441 6036        kbdhid - ok
00:38:33.0511 6036        kbfiltr        (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
00:38:33.0531 6036        kbfiltr - ok
00:38:33.0591 6036        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
00:38:33.0601 6036        KSecDD - ok
00:38:33.0611 6036        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
00:38:33.0631 6036        KSecPkg - ok
00:38:33.0651 6036        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:38:33.0691 6036        ksthunk - ok
00:38:33.0751 6036        L1C            (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys
00:38:33.0761 6036        L1C - ok
00:38:33.0821 6036        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:38:33.0861 6036        lltdio - ok
00:38:33.0991 6036        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
00:38:34.0011 6036        LSI_FC - ok
00:38:34.0041 6036        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
00:38:34.0051 6036        LSI_SAS - ok
00:38:34.0101 6036        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
00:38:34.0111 6036        LSI_SAS2 - ok
00:38:34.0171 6036        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
00:38:34.0191 6036        LSI_SCSI - ok
00:38:34.0231 6036        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:38:34.0271 6036        luafv - ok
00:38:34.0291 6036        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
00:38:34.0301 6036        megasas - ok
00:38:34.0421 6036        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
00:38:34.0441 6036        MegaSR - ok
00:38:34.0491 6036        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
00:38:34.0501 6036        MEIx64 - ok
00:38:34.0521 6036        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:38:34.0561 6036        Modem - ok
00:38:34.0601 6036        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:38:34.0621 6036        monitor - ok
00:38:34.0721 6036        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:38:34.0731 6036        mouclass - ok
00:38:34.0771 6036        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:38:34.0801 6036        mouhid - ok
00:38:34.0831 6036        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
00:38:34.0841 6036        mountmgr - ok
00:38:34.0871 6036        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
00:38:34.0881 6036        mpio - ok
00:38:34.0901 6036        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:38:34.0941 6036        mpsdrv - ok
00:38:34.0971 6036        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:38:34.0991 6036        MRxDAV - ok
00:38:35.0081 6036        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:38:35.0131 6036        mrxsmb - ok
00:38:35.0231 6036        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:38:35.0261 6036        mrxsmb10 - ok
00:38:35.0301 6036        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:38:35.0311 6036        mrxsmb20 - ok
00:38:35.0331 6036        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:38:35.0341 6036        msahci - ok
00:38:35.0371 6036        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:38:35.0381 6036        msdsm - ok
00:38:35.0401 6036        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:38:35.0451 6036        Msfs - ok
00:38:35.0471 6036        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:38:35.0521 6036        mshidkmdf - ok
00:38:35.0591 6036        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:38:35.0601 6036        msisadrv - ok
00:38:35.0661 6036        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:38:35.0711 6036        MSKSSRV - ok
00:38:35.0731 6036        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:38:35.0771 6036        MSPCLOCK - ok
00:38:35.0791 6036        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:38:35.0821 6036        MSPQM - ok
00:38:35.0851 6036        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:38:35.0871 6036        MsRPC - ok
00:38:35.0881 6036        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
00:38:35.0891 6036        mssmbios - ok
00:38:35.0931 6036        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:38:35.0961 6036        MSTEE - ok
00:38:35.0981 6036        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
00:38:36.0001 6036        MTConfig - ok
00:38:36.0021 6036        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:38:36.0031 6036        Mup - ok
00:38:36.0081 6036        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:38:36.0111 6036        NativeWifiP - ok
00:38:36.0201 6036        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
00:38:36.0271 6036        NDIS - ok
00:38:36.0351 6036        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:38:36.0391 6036        NdisCap - ok
00:38:36.0481 6036        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:38:36.0541 6036        NdisTapi - ok
00:38:36.0581 6036        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:38:36.0621 6036        Ndisuio - ok
00:38:36.0691 6036        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:38:36.0731 6036        NdisWan - ok
00:38:36.0751 6036        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:38:36.0791 6036        NDProxy - ok
00:38:36.0881 6036        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:38:36.0931 6036        NetBIOS - ok
00:38:36.0971 6036        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:38:37.0001 6036        NetBT - ok
00:38:37.0151 6036        netr28x        (f1814e62eb6e50472afc9903525ecec1) C:\Windows\system32\DRIVERS\netr28x.sys
00:38:37.0221 6036        netr28x - ok
00:38:37.0291 6036        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
00:38:37.0301 6036        nfrd960 - ok
00:38:37.0381 6036        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:38:37.0431 6036        Npfs - ok
00:38:37.0461 6036        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:38:37.0501 6036        nsiproxy - ok
00:38:37.0621 6036        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:38:37.0671 6036        Ntfs - ok
00:38:37.0751 6036        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:38:37.0821 6036        Null - ok
00:38:38.0231 6036        nvlddmkm        (41a7c6ed2bab4c304633b785c884a912) C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:38:38.0591 6036        nvlddmkm - ok
00:38:38.0661 6036        nvpciflt        (d542153cb23459b8aad88cf17e36b670) C:\Windows\system32\DRIVERS\nvpciflt.sys
00:38:38.0671 6036        nvpciflt - ok
00:38:38.0731 6036        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:38:38.0751 6036        nvraid - ok
00:38:38.0781 6036        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:38:38.0791 6036        nvstor - ok
00:38:38.0841 6036        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:38:38.0851 6036        nv_agp - ok
00:38:38.0871 6036        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:38:38.0891 6036        ohci1394 - ok
00:38:38.0911 6036        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
00:38:38.0931 6036        Parport - ok
00:38:38.0991 6036        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
00:38:39.0011 6036        partmgr - ok
00:38:39.0041 6036        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:38:39.0051 6036        pci - ok
00:38:39.0081 6036        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:38:39.0091 6036        pciide - ok
00:38:39.0111 6036        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
00:38:39.0121 6036        pcmcia - ok
00:38:39.0151 6036        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:38:39.0151 6036        pcw - ok
00:38:39.0181 6036        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:38:39.0231 6036        PEAUTH - ok
00:38:39.0381 6036        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:38:39.0451 6036        PptpMiniport - ok
00:38:39.0481 6036        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
00:38:39.0501 6036        Processor - ok
00:38:39.0591 6036        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:38:39.0631 6036        Psched - ok
00:38:39.0711 6036        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
00:38:39.0771 6036        ql2300 - ok
00:38:39.0841 6036        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
00:38:39.0851 6036        ql40xx - ok
00:38:39.0901 6036        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:38:39.0921 6036        QWAVEdrv - ok
00:38:39.0961 6036        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:38:39.0991 6036        RasAcd - ok
00:38:40.0081 6036        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:38:40.0121 6036        RasAgileVpn - ok
00:38:40.0161 6036        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:38:40.0201 6036        Rasl2tp - ok
00:38:40.0231 6036        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:38:40.0271 6036        RasPppoe - ok
00:38:40.0371 6036        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:38:40.0431 6036        RasSstp - ok
00:38:40.0481 6036        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
00:38:40.0541 6036        rdbss - ok
00:38:40.0631 6036        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
00:38:40.0671 6036        rdpbus - ok
00:38:40.0711 6036        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:38:40.0741 6036        RDPCDD - ok
00:38:40.0771 6036        RDPDR          (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
00:38:40.0821 6036        RDPDR - ok
00:38:40.0921 6036        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:38:40.0991 6036        RDPENCDD - ok
00:38:41.0021 6036        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:38:41.0051 6036        RDPREFMP - ok
00:38:41.0081 6036        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
00:38:41.0111 6036        RDPWD - ok
00:38:41.0191 6036        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
00:38:41.0201 6036        rdyboost - ok
00:38:41.0301 6036        RsFx0103        (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
00:38:41.0311 6036        RsFx0103 - ok
00:38:41.0361 6036        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:38:41.0401 6036        rspndr - ok
00:38:41.0441 6036        s3cap          (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
00:38:41.0461 6036        s3cap - ok
00:38:41.0561 6036        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
00:38:41.0581 6036        sbp2port - ok
00:38:41.0641 6036        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
00:38:41.0691 6036        scfilter - ok
00:38:41.0751 6036        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:38:41.0791 6036        secdrv - ok
00:38:41.0831 6036        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
00:38:41.0851 6036        Serenum - ok
00:38:41.0921 6036        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
00:38:41.0961 6036        Serial - ok
00:38:42.0061 6036        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
00:38:42.0091 6036        sermouse - ok
00:38:42.0131 6036        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
00:38:42.0141 6036        sffdisk - ok
00:38:42.0181 6036        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
00:38:42.0211 6036        sffp_mmc - ok
00:38:42.0251 6036        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
00:38:42.0271 6036        sffp_sd - ok
00:38:42.0321 6036        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
00:38:42.0341 6036        sfloppy - ok
00:38:42.0421 6036        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
00:38:42.0431 6036        SiSRaid2 - ok
00:38:42.0461 6036        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
00:38:42.0471 6036        SiSRaid4 - ok
00:38:42.0511 6036        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:38:42.0551 6036        Smb - ok
00:38:42.0661 6036        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:38:42.0671 6036        spldr - ok
00:38:42.0771 6036        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
00:38:42.0811 6036        srv - ok
00:38:42.0871 6036        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
00:38:42.0921 6036        srv2 - ok
00:38:42.0991 6036        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
00:38:43.0021 6036        srvnet - ok
00:38:43.0151 6036        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
00:38:43.0161 6036        stexstor - ok
00:38:43.0211 6036        storflt        (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
00:38:43.0231 6036        storflt - ok
00:38:43.0261 6036        storvsc        (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
00:38:43.0271 6036        storvsc - ok
00:38:43.0301 6036        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
00:38:43.0311 6036        swenum - ok
00:38:43.0381 6036        SynTP          (f0d7c68cda9784689caa72c17af393b2) C:\Windows\system32\DRIVERS\SynTP.sys
00:38:43.0441 6036        SynTP - ok
00:38:43.0581 6036        Tcpip          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
00:38:43.0661 6036        Tcpip - ok
00:38:43.0741 6036        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
00:38:43.0771 6036        TCPIP6 - ok
00:38:43.0811 6036        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
00:38:43.0851 6036        tcpipreg - ok
00:38:43.0871 6036        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:38:43.0911 6036        TDPIPE - ok
00:38:43.0921 6036        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
00:38:43.0941 6036        TDTCP - ok
00:38:43.0971 6036        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
00:38:43.0991 6036        tdx - ok
00:38:44.0121 6036        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
00:38:44.0131 6036        TermDD - ok
00:38:44.0201 6036        tmactmon        (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
00:38:44.0211 6036        tmactmon - ok
00:38:44.0251 6036        tmcomm          (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
00:38:44.0261 6036        tmcomm - ok
00:38:44.0281 6036        tmevtmgr        (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
00:38:44.0291 6036        tmevtmgr - ok
00:38:44.0331 6036        tmtdi          (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
00:38:44.0341 6036        tmtdi - ok
00:38:44.0371 6036        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:38:44.0411 6036        tssecsrv - ok
00:38:44.0441 6036        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
00:38:44.0491 6036        TsUsbFlt - ok
00:38:44.0531 6036        TsUsbGD        (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
00:38:44.0551 6036        TsUsbGD - ok
00:38:44.0651 6036        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
00:38:44.0691 6036        tunnel - ok
00:38:44.0751 6036        TurboB          (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
00:38:44.0761 6036        TurboB - ok
00:38:44.0801 6036        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
00:38:44.0811 6036        uagp35 - ok
00:38:44.0841 6036        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
00:38:44.0881 6036        udfs - ok
00:38:44.0951 6036        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
00:38:44.0961 6036        uliagpkx - ok
00:38:45.0011 6036        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
00:38:45.0051 6036        umbus - ok
00:38:45.0111 6036        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
00:38:45.0131 6036        UmPass - ok
00:38:45.0191 6036        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
00:38:45.0231 6036        usbccgp - ok
00:38:45.0301 6036        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
00:38:45.0341 6036        usbcir - ok
00:38:45.0381 6036        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
00:38:45.0401 6036        usbehci - ok
00:38:45.0461 6036        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
00:38:45.0491 6036        usbhub - ok
00:38:45.0531 6036        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
00:38:45.0561 6036        usbohci - ok
00:38:45.0601 6036        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
00:38:45.0621 6036        usbprint - ok
00:38:45.0641 6036        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:38:45.0701 6036        USBSTOR - ok
00:38:45.0791 6036        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
00:38:45.0831 6036        usbuhci - ok
00:38:45.0891 6036        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
00:38:45.0941 6036        usbvideo - ok
00:38:46.0041 6036        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
00:38:46.0051 6036        vdrvroot - ok
00:38:46.0101 6036        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:38:46.0121 6036        vga - ok
00:38:46.0171 6036        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:38:46.0221 6036        VgaSave - ok
00:38:46.0261 6036        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
00:38:46.0271 6036        vhdmp - ok
00:38:46.0301 6036        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
00:38:46.0311 6036        viaide - ok
00:38:46.0361 6036        vmbus          (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
00:38:46.0381 6036        vmbus - ok
00:38:46.0401 6036        VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
00:38:46.0421 6036        VMBusHID - ok
00:38:46.0441 6036        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
00:38:46.0451 6036        volmgr - ok
00:38:46.0471 6036        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
00:38:46.0491 6036        volmgrx - ok
00:38:46.0511 6036        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
00:38:46.0541 6036        volsnap - ok
00:38:46.0571 6036        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
00:38:46.0591 6036        vsmraid - ok
00:38:46.0611 6036        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
00:38:46.0631 6036        vwifibus - ok
00:38:46.0671 6036        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
00:38:46.0691 6036        vwififlt - ok
00:38:46.0711 6036        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
00:38:46.0731 6036        WacomPen - ok
00:38:46.0821 6036        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:38:46.0861 6036        WANARP - ok
00:38:46.0871 6036        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:38:46.0891 6036        Wanarpv6 - ok
00:38:46.0941 6036        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
00:38:46.0951 6036        Wd - ok
00:38:47.0001 6036        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:38:47.0021 6036        Wdf01000 - ok
00:38:47.0081 6036        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:38:47.0111 6036        WfpLwf - ok
00:38:47.0171 6036        WimFltr        (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
00:38:47.0181 6036        WimFltr - ok
00:38:47.0221 6036        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:38:47.0231 6036        WIMMount - ok
00:38:47.0291 6036        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:38:47.0311 6036        WmiAcpi - ok
00:38:47.0351 6036        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:38:47.0381 6036        ws2ifsl - ok
00:38:47.0431 6036        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
00:38:47.0471 6036        WudfPf - ok
00:38:47.0531 6036        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:38:47.0581 6036        WUDFRd - ok
00:38:47.0611 6036        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
00:38:47.0781 6036        \Device\Harddisk0\DR0 - ok
00:38:47.0781 6036        Boot (0x1200)  (32f4cb882f7b00b213d89318686e8458) \Device\Harddisk0\DR0\Partition0
00:38:47.0781 6036        \Device\Harddisk0\DR0\Partition0 - ok
00:38:47.0821 6036        Boot (0x1200)  (dfa30819b7d002198067f4e7de0a97a2) \Device\Harddisk0\DR0\Partition1
00:38:47.0831 6036        \Device\Harddisk0\DR0\Partition1 - ok
00:38:47.0831 6036        ============================================================
00:38:47.0831 6036        Scan finished
00:38:47.0831 6036        ============================================================
00:38:47.0841 4384        Detected object count: 0
00:38:47.0841 4384        Actual detected object count: 0
00:39:24.0921 5872        Deinitialize success
Grüße Yagami

cosinus 02.03.2012 13:41
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Yagami 02.03.2012 18:36
So, von Update kam nichts und es hat auch irgendwie statt den angegebenen 10 Minuten ne knappe Stunde gedauert, aber hier ist das Log.
Combofix Logfile:
Code:
ComboFix 12-03-01.02 - *** 02.03.2012  16:34:55.2.4 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.4008.2675 [GMT 1:00]
ausgeführt von:: c:\users\***\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-02-02 bis 2012-03-02  ))))))))))))))))))))))))))))))
.
.
2012-03-02 17:14 . 2012-03-02 17:14        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2012-03-02 17:14 . 2012-03-02 17:14        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-02-28 12:02 . 2012-02-08 07:13        8643640        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{5A397408-80F2-4CB0-8FC5-EAB649402B18}\mpengine.dll
2012-02-25 10:03 . 2012-02-25 10:03        --------        d-----w-        c:\program files (x86)\Common Files\Java
2012-02-25 10:01 . 2012-02-25 10:01        --------        d-----w-        c:\program files (x86)\Oracle
2012-02-25 10:01 . 2012-01-10 12:57        637848        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll
2012-02-25 10:01 . 2012-02-25 10:01        --------        d-----w-        c:\program files (x86)\Java
2012-02-21 21:38 . 2012-02-21 21:38        --------        d-----w-        C:\_OTL
2012-02-21 01:47 . 2012-02-21 01:48        --------        d-----w-        c:\users\***\AppData\Local\Axialis
2012-02-15 13:36 . 2012-01-04 10:44        509952        ----a-w-        c:\windows\system32\ntshrui.dll
2012-02-15 13:36 . 2012-01-04 08:58        442880        ----a-w-        c:\windows\SysWow64\ntshrui.dll
2012-02-15 13:36 . 2011-12-30 06:26        515584        ----a-w-        c:\windows\system32\timedate.cpl
2012-02-15 13:36 . 2011-12-30 05:27        478720        ----a-w-        c:\windows\SysWow64\timedate.cpl
2012-02-15 13:36 . 2012-01-14 04:06        3145728        ----a-w-        c:\windows\system32\win32k.sys
2012-02-15 13:36 . 2011-12-28 03:59        498688        ----a-w-        c:\windows\system32\drivers\afd.sys
2012-02-15 13:36 . 2011-12-16 08:46        634880        ----a-w-        c:\windows\system32\msvcrt.dll
2012-02-15 13:36 . 2011-12-16 07:52        690688        ----a-w-        c:\windows\SysWow64\msvcrt.dll
2012-02-15 02:39 . 2012-02-15 02:39        --------        d-----w-        c:\program files (x86)\ESET
2012-02-15 01:07 . 2012-02-15 01:07        388096        ----a-r-        c:\users\***\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-02-14 02:29 . 2012-02-14 02:29        --------        d-----w-        c:\users\***\AppData\Local\ElevatedDiagnostics
2012-02-12 13:26 . 2012-02-12 13:26        --------        d-----w-        c:\users\***\AppData\Roaming\Malwarebytes
2012-02-12 13:26 . 2012-02-12 13:26        --------        d-----w-        c:\programdata\Malwarebytes
2012-02-12 13:26 . 2012-02-12 13:26        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-12 13:26 . 2011-12-10 14:24        23152        ----a-w-        c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-02 17:15 . 2011-11-20 13:57        45056        ----a-w-        c:\windows\system32\acovcnt.exe
2012-02-15 19:52 . 2011-11-17 18:16        132320        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-01-29 04:10 . 2010-11-21 03:27        279656        ------w-        c:\windows\system32\MpSigStub.exe
2012-01-20 00:19 . 2011-11-17 18:23        414368        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 12:57 . 2011-11-20 04:13        567696        ----a-w-        c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-12-08 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-11-19 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-21 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-08 2009704]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-13 2984832]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 1111568]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bmh2japt.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.browsersafesearching.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-instplugin - c:\users\SEBRIC~1\AppData\Local\Temp\WZSE3.TMP\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-03-02  18:19:47 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-03-02 17:19
.
Vor Suchlauf: 14 Verzeichnis(se), 442.903.855.104 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 442.367.512.576 Bytes frei
.
- - End Of File - - 705E823B165F163813ECA02D4175A143
--- --- ---

Grüße Yagami

cosinus 02.03.2012 19:29
Zitat:
AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
Sind noch beide Programme installiert? Wenn ja umgehend TrenMicro deinstallieren, Suites sind kontraproduktiv!

Yagami 02.03.2012 19:57
Trend Micro ist noch installiert, kann ich aber löschen. Etwas anderes ...
Ich spiel ja nebenbei noch ein bisschen und nach dem Ausführen von ComboFix ist meine Performance tierisch in den Keller gegangen. Woran kann das liegen? (stört mich schon ziemlich)
Grüße Yagami

cosinus 05.03.2012 10:33
Wieso musst du denn jetzt spielen wenn wir mitten in der Bereinigung sind?! Das hat doch nun gar keine Priorität das Zocken!
Und ja deinstallier TrendMicro bitte erstmal.

Yagami 06.03.2012 12:29
Trend micro ist deinstalliert. Hat ja nicht nur das Zocken betroffen. Das Booten war auch DEUTLICH langsamer und sämtliche anderen Prozesse auch, z.B. Firefox hat erst einmal 1-2 Sekunden ein weißes Fenster ohne Rahmen gezeigt, wo es vorher doch instant offen war. Hoffe du bist mir nicht böse, aber ich will ja hier mein System bereinigen und nicht runterslowen / verschlechtern. Hab deshalb den Systemwiederherstellungspunkt von vor dem Scan aktiviert. Jetzt läuft alles wieder wie vorher. (Das Zocken hab ich getestet, weil alles andere schon langsamer war und ich wollte die Auswirkung bei Prozessen sehen, die ein bisschen mehr Auslastung erforden)
Grüße Yagami

cosinus 06.03.2012 13:45
Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:11 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130