Trojaner-Board

Internet activity slow / keeps getting interrupted (https://www.trojaner-board.de/110011-internetaktivitaeten-langsam-unterbrochen.html)

cosinus 12.03.2012 15:16

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Configure the tool as shown in the image below: click change parameters and tick the boxes as shown in the following screenshot.
Then click Start Scan and, once it has finished, click the Report button to display the log. Please post it in full.
If you can't find the log, or can't copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please don't delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

PropJoe 14.03.2012 21:28

Code:

21:22:18.0421 3572        TDSS rootkit removing tool 2.7.20.0 Mar  9 2012 17:10:43
21:22:20.0433 3572        ============================================================
21:22:20.0433 3572        Current date / time: 2012/03/14 21:22:20.0433
21:22:20.0433 3572        SystemInfo:
21:22:20.0433 3572       
21:22:20.0433 3572        OS Version: 6.1.7601 ServicePack: 1.0
21:22:20.0433 3572        Product type: Workstation
21:22:20.0433 3572        ComputerName: NPC
21:22:20.0433 3572        UserName: *****
21:22:20.0433 3572        Windows directory: C:\Windows
21:22:20.0433 3572        System windows directory: C:\Windows
21:22:20.0433 3572        Running under WOW64
21:22:20.0433 3572        Processor architecture: Intel x64
21:22:20.0433 3572        Number of processors: 2
21:22:20.0433 3572        Page size: 0x1000
21:22:20.0433 3572        Boot type: Normal boot
21:22:20.0433 3572        ============================================================
21:22:23.0444 3572        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:23.0460 3572        Drive \Device\Harddisk2\DR2 - Size: 0xFB900000 (3.93 Gb), SectorSize: 0x200, Cylinders: 0x201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:22:23.0475 3572        \Device\Harddisk0\DR0:
21:22:23.0507 3572        MBR used
21:22:23.0507 3572        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
21:22:23.0507 3572        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0xA323000
21:22:23.0522 3572        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBD56000, BlocksNum 0x2E62F800
21:22:23.0522 3572        \Device\Harddisk2\DR2:
21:22:23.0522 3572        MBR used
21:22:23.0522 3572        \Device\Harddisk2\DR2\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7DC7C1
21:22:23.0600 3572        Initialize success
21:22:23.0600 3572        ============================================================
21:23:06.0500 4148        ============================================================
21:23:06.0500 4148        Scan started
21:23:06.0500 4148        Mode: Manual; SigCheck; TDLFS;
21:23:06.0500 4148        ============================================================
21:23:07.0280 4148        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:23:07.0405 4148        1394ohci - ok
21:23:07.0467 4148        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:23:07.0499 4148        ACPI - ok
21:23:07.0545 4148        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:23:07.0592 4148        AcpiPmi - ok
21:23:07.0733 4148        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:23:07.0779 4148        adp94xx - ok
21:23:07.0826 4148        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:23:07.0857 4148        adpahci - ok
21:23:07.0920 4148        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:23:07.0951 4148        adpu320 - ok
21:23:08.0045 4148        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:23:08.0123 4148        AFD - ok
21:23:08.0247 4148        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:23:08.0263 4148        agp440 - ok
21:23:08.0310 4148        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:23:08.0325 4148        aliide - ok
21:23:08.0419 4148        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:23:08.0435 4148        amdide - ok
21:23:08.0481 4148        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:23:08.0528 4148        AmdK8 - ok
21:23:08.0793 4148        amdkmdag        (d3e6b2e1394d93fe9db0ba24814b0d8f) C:\Windows\system32\DRIVERS\atipmdag.sys
21:23:09.0059 4148        amdkmdag - ok
21:23:09.0152 4148        amdkmdap        (cc4d915d786d3da973b2ea9b95d59a29) C:\Windows\system32\DRIVERS\atikmpag.sys
21:23:09.0215 4148        amdkmdap - ok
21:23:09.0324 4148        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:23:09.0386 4148        AmdPPM - ok
21:23:09.0480 4148        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:23:09.0511 4148        amdsata - ok
21:23:09.0558 4148        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:23:09.0589 4148        amdsbs - ok
21:23:09.0620 4148        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:23:09.0636 4148        amdxata - ok
21:23:09.0698 4148        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:23:09.0792 4148        AppID - ok
21:23:09.0901 4148        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:23:09.0932 4148        arc - ok
21:23:09.0963 4148        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:23:09.0979 4148        arcsas - ok
21:23:10.0026 4148        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:23:10.0104 4148        AsyncMac - ok
21:23:10.0151 4148        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:23:10.0166 4148        atapi - ok
21:23:10.0307 4148        athr            (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
21:23:10.0353 4148        athr - ok
21:23:10.0494 4148        AtiPcie        (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
21:23:10.0556 4148        AtiPcie - ok
21:23:10.0697 4148        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:23:10.0790 4148        b06bdrv - ok
21:23:10.0899 4148        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:23:10.0962 4148        b57nd60a - ok
21:23:11.0071 4148        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:23:11.0180 4148        Beep - ok
21:23:11.0352 4148        BHDrvx64        (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120302.001\BHDrvx64.sys
21:23:11.0399 4148        BHDrvx64 - ok
21:23:11.0477 4148        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:23:11.0539 4148        blbdrive - ok
21:23:11.0586 4148        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:23:11.0633 4148        bowser - ok
21:23:11.0742 4148        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:23:11.0804 4148        BrFiltLo - ok
21:23:11.0913 4148        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:23:11.0945 4148        BrFiltUp - ok
21:23:11.0976 4148        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:23:12.0038 4148        Brserid - ok
21:23:12.0069 4148        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:23:12.0085 4148        BrSerWdm - ok
21:23:12.0194 4148        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:23:12.0241 4148        BrUsbMdm - ok
21:23:12.0350 4148        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:23:12.0381 4148        BrUsbSer - ok
21:23:12.0413 4148        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:23:12.0475 4148        BTHMODEM - ok
21:23:12.0553 4148        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:23:12.0631 4148        cdfs - ok
21:23:12.0709 4148        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:23:12.0771 4148        cdrom - ok
21:23:12.0896 4148        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:23:12.0943 4148        circlass - ok
21:23:12.0990 4148        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:23:13.0005 4148        CLFS - ok
21:23:13.0130 4148        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:23:13.0177 4148        CmBatt - ok
21:23:13.0224 4148        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:23:13.0239 4148        cmdide - ok
21:23:13.0286 4148        CNG            (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:23:13.0333 4148        CNG - ok
21:23:13.0427 4148        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:23:13.0458 4148        Compbatt - ok
21:23:13.0505 4148        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:23:13.0551 4148        CompositeBus - ok
21:23:13.0645 4148        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:23:13.0676 4148        crcdisk - ok
21:23:13.0739 4148        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:23:13.0817 4148        DfsC - ok
21:23:13.0926 4148        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:23:13.0973 4148        discache - ok
21:23:14.0019 4148        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:23:14.0051 4148        Disk - ok
21:23:14.0175 4148        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:23:14.0222 4148        drmkaud - ok
21:23:14.0300 4148        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:23:14.0331 4148        DXGKrnl - ok
21:23:14.0456 4148        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:23:14.0597 4148        ebdrv - ok
21:23:14.0706 4148        eeCtrl          (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:23:14.0753 4148        eeCtrl - ok
21:23:14.0893 4148        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:23:14.0940 4148        elxstor - ok
21:23:15.0049 4148        EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:23:15.0080 4148        EraserUtilRebootDrv - ok
21:23:15.0174 4148        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:23:15.0236 4148        ErrDev - ok
21:23:15.0423 4148        ewusbnet        (8adacffad67394c711698ea074ce3bab) C:\Windows\system32\DRIVERS\ewusbnet.sys
21:23:15.0455 4148        ewusbnet - ok
21:23:15.0548 4148        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:23:15.0642 4148        exfat - ok
21:23:15.0689 4148        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:23:15.0767 4148        fastfat - ok
21:23:15.0860 4148        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:23:15.0907 4148        fdc - ok
21:23:15.0938 4148        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:23:15.0954 4148        FileInfo - ok
21:23:15.0969 4148        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:23:16.0063 4148        Filetrace - ok
21:23:16.0094 4148        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:23:16.0125 4148        flpydisk - ok
21:23:16.0235 4148        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:23:16.0266 4148        FltMgr - ok
21:23:16.0313 4148        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:23:16.0328 4148        FsDepends - ok
21:23:16.0359 4148        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:23:16.0359 4148        Fs_Rec - ok
21:23:16.0422 4148        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:23:16.0437 4148        fvevol - ok
21:23:16.0484 4148        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:23:16.0515 4148        gagp30kx - ok
21:23:16.0703 4148        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:23:16.0703 4148        GEARAspiWDM - ok
21:23:16.0843 4148        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:23:16.0890 4148        hcw85cir - ok
21:23:17.0061 4148        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:23:17.0108 4148        HdAudAddService - ok
21:23:17.0233 4148        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:23:17.0280 4148        HDAudBus - ok
21:23:17.0342 4148        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:23:17.0389 4148        HidBatt - ok
21:23:17.0561 4148        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:23:17.0623 4148        HidBth - ok
21:23:17.0763 4148        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:23:17.0810 4148        HidIr - ok
21:23:17.0935 4148        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
21:23:17.0966 4148        HidUsb - ok
21:23:18.0450 4148        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:23:18.0481 4148        HpSAMD - ok
21:23:18.0606 4148        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:23:18.0731 4148        HTTP - ok
21:23:18.0840 4148        hwdatacard      (d969d0e26c5b1e813b17066a8318d5d4) C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:23:18.0871 4148        hwdatacard - ok
21:23:18.0980 4148        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:23:19.0011 4148        hwpolicy - ok
21:23:19.0121 4148        hwusbdev        (b45b3647ba32749b94fa689175ec8c26) C:\Windows\system32\DRIVERS\ewusbdev.sys
21:23:19.0183 4148        hwusbdev - ok
21:23:19.0479 4148        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:23:19.0526 4148        i8042prt - ok
21:23:19.0573 4148        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:23:19.0604 4148        iaStorV - ok
21:23:19.0760 4148        IDSVia64        (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120310.001\IDSvia64.sys
21:23:19.0791 4148        IDSVia64 - ok
21:23:19.0901 4148        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:23:19.0916 4148        iirsp - ok
21:23:20.0057 4148        IntcAzAudAddService (235362d403d9d677514649d88db31914) C:\Windows\system32\drivers\RTKVHD64.sys
21:23:20.0119 4148        IntcAzAudAddService - ok
21:23:20.0166 4148        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:23:20.0197 4148        intelide - ok
21:23:20.0244 4148        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:23:20.0291 4148        intelppm - ok
21:23:20.0337 4148        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:23:20.0400 4148        IpFilterDriver - ok
21:23:20.0447 4148        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:23:20.0493 4148        IPMIDRV - ok
21:23:20.0540 4148        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:23:20.0618 4148        IPNAT - ok
21:23:20.0712 4148        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:23:20.0774 4148        IRENUM - ok
21:23:20.0821 4148        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:23:20.0837 4148        isapnp - ok
21:23:20.0883 4148        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:23:20.0930 4148        iScsiPrt - ok
21:23:21.0055 4148        k57nd60a        (37e053a2cf8f0082b689ed74106e0cec) C:\Windows\system32\DRIVERS\k57nd60a.sys
21:23:21.0086 4148        k57nd60a - ok
21:23:21.0133 4148        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:23:21.0149 4148        kbdclass - ok
21:23:21.0195 4148        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:23:21.0242 4148        kbdhid - ok
21:23:21.0351 4148        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:23:21.0383 4148        KSecDD - ok
21:23:21.0398 4148        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:23:21.0429 4148        KSecPkg - ok
21:23:21.0476 4148        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:23:21.0554 4148        ksthunk - ok
21:23:21.0663 4148        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:23:21.0757 4148        lltdio - ok
21:23:21.0788 4148        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:23:21.0804 4148        LSI_FC - ok
21:23:21.0835 4148        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:23:21.0851 4148        LSI_SAS - ok
21:23:21.0866 4148        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:23:21.0882 4148        LSI_SAS2 - ok
21:23:21.0897 4148        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:23:21.0913 4148        LSI_SCSI - ok
21:23:21.0944 4148        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:23:22.0053 4148        luafv - ok
21:23:22.0085 4148        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:23:22.0085 4148        megasas - ok
21:23:22.0131 4148        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:23:22.0163 4148        MegaSR - ok
21:23:22.0287 4148        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:23:22.0334 4148        Modem - ok
21:23:22.0397 4148        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:23:22.0444 4148        monitor - ok
21:23:22.0568 4148        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
21:23:22.0584 4148        mouclass - ok
21:23:22.0662 4148        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:23:22.0709 4148        mouhid - ok
21:23:22.0787 4148        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:23:22.0802 4148        mountmgr - ok
21:23:22.0865 4148        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:23:22.0880 4148        mpio - ok
21:23:22.0943 4148        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:23:23.0005 4148        mpsdrv - ok
21:23:23.0052 4148        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:23:23.0099 4148        MRxDAV - ok
21:23:23.0146 4148        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:23:23.0177 4148        mrxsmb - ok
21:23:23.0286 4148        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:23:23.0333 4148        mrxsmb10 - ok
21:23:23.0380 4148        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:23:23.0411 4148        mrxsmb20 - ok
21:23:23.0770 4148        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:23:23.0785 4148        msahci - ok
21:23:23.0816 4148        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:23:23.0848 4148        msdsm - ok
21:23:23.0910 4148        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:23:23.0957 4148        Msfs - ok
21:23:23.0972 4148        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:23:24.0035 4148        mshidkmdf - ok
21:23:24.0082 4148        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:23:24.0097 4148        msisadrv - ok
21:23:24.0206 4148        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:23:24.0284 4148        MSKSSRV - ok
21:23:24.0331 4148        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:23:24.0409 4148        MSPCLOCK - ok
21:23:24.0518 4148        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:23:24.0628 4148        MSPQM - ok
21:23:24.0737 4148        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:23:24.0784 4148        MsRPC - ok
21:23:24.0830 4148        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:23:24.0846 4148        mssmbios - ok
21:23:24.0940 4148        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:23:25.0033 4148        MSTEE - ok
21:23:25.0064 4148        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:23:25.0080 4148        MTConfig - ok
21:23:25.0127 4148        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:23:25.0127 4148        Mup - ok
21:23:25.0252 4148        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:23:25.0298 4148        NativeWifiP - ok
21:23:25.0486 4148        NAVENG          (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120313.002\ENG64.SYS
21:23:25.0517 4148        NAVENG - ok
21:23:25.0751 4148        NAVEX15        (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120313.002\EX64.SYS
21:23:25.0844 4148        NAVEX15 - ok
21:23:25.0985 4148        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:23:26.0032 4148        NDIS - ok
21:23:26.0094 4148        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:23:26.0172 4148        NdisCap - ok
21:23:26.0250 4148        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:23:26.0328 4148        NdisTapi - ok
21:23:26.0437 4148        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:23:26.0500 4148        Ndisuio - ok
21:23:26.0546 4148        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:23:26.0624 4148        NdisWan - ok
21:23:26.0718 4148        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:23:26.0780 4148        NDProxy - ok
21:23:26.0905 4148        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:23:26.0983 4148        NetBIOS - ok
21:23:27.0030 4148        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:23:27.0108 4148        NetBT - ok
21:23:27.0217 4148        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:23:27.0248 4148        nfrd960 - ok
21:23:27.0295 4148        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:23:27.0342 4148        Npfs - ok
21:23:27.0436 4148        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:23:27.0498 4148        nsiproxy - ok
21:23:27.0576 4148        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:23:27.0654 4148        Ntfs - ok
21:23:27.0748 4148        NTIDrvr        (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
21:23:27.0763 4148        NTIDrvr - ok
21:23:27.0779 4148        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:23:27.0841 4148        Null - ok
21:23:27.0950 4148        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:23:27.0982 4148        nvraid - ok
21:23:28.0013 4148        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:23:28.0028 4148        nvstor - ok
21:23:28.0060 4148        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:23:28.0091 4148        nv_agp - ok
21:23:28.0138 4148        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:23:28.0169 4148        ohci1394 - ok
21:23:28.0325 4148        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:23:28.0372 4148        Parport - ok
21:23:28.0418 4148        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:23:28.0450 4148        partmgr - ok
21:23:28.0574 4148        PCDSRVC{EDD8E36B-5B151F0E-06020101}_0 - ok
21:23:28.0684 4148        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:23:28.0715 4148        pci - ok
21:23:28.0855 4148        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:23:28.0871 4148        pciide - ok
21:23:28.0902 4148        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:23:28.0933 4148        pcmcia - ok
21:23:28.0964 4148        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:23:28.0980 4148        pcw - ok
21:23:29.0011 4148        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:23:29.0074 4148        PEAUTH - ok
21:23:29.0214 4148        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:23:29.0292 4148        PptpMiniport - ok
21:23:29.0323 4148        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:23:29.0354 4148        Processor - ok
21:23:29.0479 4148        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:23:29.0542 4148        Psched - ok
21:23:29.0573 4148        PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
21:23:29.0588 4148        PxHlpa64 - ok
21:23:29.0682 4148        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:23:29.0776 4148        ql2300 - ok
21:23:29.0822 4148        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:23:29.0854 4148        ql40xx - ok
21:23:29.0885 4148        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:23:29.0916 4148        QWAVEdrv - ok
21:23:29.0947 4148        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:23:29.0978 4148        RasAcd - ok
21:23:30.0025 4148        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:23:30.0072 4148        RasAgileVpn - ok
21:23:30.0119 4148        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:23:30.0181 4148        Rasl2tp - ok
21:23:30.0212 4148        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:23:30.0290 4148        RasPppoe - ok
21:23:30.0400 4148        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:23:30.0462 4148        RasSstp - ok
21:23:30.0524 4148        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:23:30.0618 4148        rdbss - ok
21:23:30.0665 4148        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:23:30.0696 4148        rdpbus - ok
21:23:30.0727 4148        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:23:30.0774 4148        RDPCDD - ok
21:23:30.0852 4148        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:23:30.0930 4148        RDPENCDD - ok
21:23:30.0961 4148        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:23:30.0992 4148        RDPREFMP - ok
21:23:31.0039 4148        RDPWD          (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
21:23:31.0070 4148        RDPWD - ok
21:23:31.0195 4148        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:23:31.0226 4148        rdyboost - ok
21:23:31.0367 4148        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:23:31.0460 4148        rspndr - ok
21:23:31.0585 4148        RSUSBSTOR      (763ae0c6d9df4c24b7e2c26036a8188a) C:\Windows\System32\Drivers\RtsUStor.sys
21:23:31.0616 4148        RSUSBSTOR - ok
21:23:31.0663 4148        RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
21:23:31.0694 4148        RTHDMIAzAudService - ok
21:23:31.0741 4148        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:23:31.0757 4148        sbp2port - ok
21:23:31.0804 4148        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:23:31.0850 4148        scfilter - ok
21:23:31.0960 4148        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:23:32.0053 4148        secdrv - ok
21:23:32.0116 4148        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:23:32.0162 4148        Serenum - ok
21:23:32.0178 4148        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:23:32.0225 4148        Serial - ok
21:23:32.0272 4148        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:23:32.0287 4148        sermouse - ok
21:23:32.0350 4148        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:23:32.0381 4148        sffdisk - ok
21:23:32.0428 4148        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:23:32.0443 4148        sffp_mmc - ok
21:23:32.0474 4148        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:23:32.0506 4148        sffp_sd - ok
21:23:32.0552 4148        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:23:32.0584 4148        sfloppy - ok
21:23:32.0646 4148        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:23:32.0662 4148        SiSRaid2 - ok
21:23:32.0708 4148        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:23:32.0724 4148        SiSRaid4 - ok
21:23:32.0771 4148        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:23:32.0818 4148        Smb - ok
21:23:32.0880 4148        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:23:32.0896 4148        spldr - ok
21:23:33.0036 4148        SRTSP          (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS
21:23:33.0067 4148        SRTSP - ok
21:23:33.0208 4148        SRTSPX          (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS
21:23:33.0223 4148        SRTSPX - ok
21:23:33.0348 4148        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:23:33.0410 4148        srv - ok
21:23:33.0457 4148        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:23:33.0504 4148        srv2 - ok
21:23:33.0613 4148        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:23:33.0660 4148        srvnet - ok
21:23:33.0785 4148        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:23:33.0800 4148        stexstor - ok
21:23:33.0863 4148        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:23:33.0878 4148        swenum - ok
21:23:34.0050 4148        SymDS          (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS
21:23:34.0097 4148        SymDS - ok
21:23:34.0253 4148        SymEFA          (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
21:23:34.0315 4148        SymEFA - ok
21:23:34.0440 4148        SymEvent        (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:23:34.0456 4148        SymEvent - ok
21:23:34.0565 4148        SymIRON        (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS
21:23:34.0580 4148        SymIRON - ok
21:23:34.0721 4148        SymNetS        (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS
21:23:34.0752 4148        SymNetS - ok
21:23:34.0861 4148        SynTP          (064a2530a4a7c7cec1be6a1945645be4) C:\Windows\system32\DRIVERS\SynTP.sys
21:23:34.0892 4148        SynTP - ok
21:23:35.0002 4148        Tcpip          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:23:35.0111 4148        Tcpip - ok
21:23:35.0204 4148        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:23:35.0267 4148        TCPIP6 - ok
21:23:35.0392 4148        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:23:35.0454 4148        tcpipreg - ok
21:23:35.0548 4148        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:23:35.0579 4148        TDPIPE - ok
21:23:35.0610 4148        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:23:35.0657 4148        TDTCP - ok
21:23:35.0782 4148        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:23:35.0875 4148        tdx - ok
21:23:35.0922 4148        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:23:35.0938 4148        TermDD - ok
21:23:35.0984 4148        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:23:36.0078 4148        tssecsrv - ok
21:23:36.0187 4148        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:23:36.0234 4148        TsUsbFlt - ok
21:23:36.0359 4148        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:23:36.0437 4148        tunnel - ok
21:23:36.0530 4148        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:23:36.0562 4148        uagp35 - ok
21:23:36.0593 4148        UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
21:23:36.0608 4148        UBHelper - ok
21:23:36.0640 4148        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:23:36.0733 4148        udfs - ok
21:23:36.0842 4148        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:23:36.0874 4148        uliagpkx - ok
21:23:36.0905 4148        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:23:36.0936 4148        umbus - ok
21:23:37.0030 4148        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:23:37.0076 4148        UmPass - ok
21:23:37.0139 4148        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:23:37.0201 4148        usbccgp - ok
21:23:37.0310 4148        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:23:37.0342 4148        usbcir - ok
21:23:37.0404 4148        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:23:37.0435 4148        usbehci - ok
21:23:37.0544 4148        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:23:37.0591 4148        usbhub - ok
21:23:37.0700 4148        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
21:23:37.0763 4148        usbohci - ok
21:23:37.0810 4148        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:23:37.0841 4148        usbprint - ok
21:23:37.0919 4148        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:23:37.0966 4148        USBSTOR - ok
21:23:38.0044 4148        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:23:38.0075 4148        usbuhci - ok
21:23:38.0200 4148        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
21:23:38.0262 4148        usbvideo - ok
21:23:38.0387 4148        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:23:38.0402 4148        vdrvroot - ok
21:23:38.0465 4148        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:23:38.0496 4148        vga - ok
21:23:38.0512 4148        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:23:38.0574 4148        VgaSave - ok
21:23:38.0621 4148        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:23:38.0652 4148        vhdmp - ok
21:23:38.0699 4148        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:23:38.0730 4148        viaide - ok
21:23:38.0777 4148        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:23:38.0792 4148        volmgr - ok
21:23:38.0839 4148        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:23:38.0855 4148        volmgrx - ok
21:23:38.0902 4148        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:23:38.0933 4148        volsnap - ok
21:23:38.0980 4148        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:23:38.0995 4148        vsmraid - ok
21:23:39.0042 4148        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:23:39.0058 4148        vwifibus - ok
21:23:39.0089 4148        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:23:39.0136 4148        vwififlt - ok
21:23:39.0260 4148        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
21:23:39.0292 4148        vwifimp - ok
21:23:39.0323 4148        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:23:39.0370 4148        WacomPen - ok
21:23:39.0494 4148        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:23:39.0588 4148        WANARP - ok
21:23:39.0604 4148        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:23:39.0650 4148        Wanarpv6 - ok
21:23:39.0728 4148        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:23:39.0760 4148        Wd - ok
21:23:39.0806 4148        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:23:39.0838 4148        Wdf01000 - ok
21:23:39.0978 4148        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:23:40.0056 4148        WfpLwf - ok
21:23:40.0072 4148        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:23:40.0087 4148        WIMMount - ok
21:23:40.0196 4148        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:23:40.0306 4148        WmiAcpi - ok
21:23:40.0415 4148        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:23:40.0493 4148        ws2ifsl - ok
21:23:40.0540 4148        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:23:40.0586 4148        WudfPf - ok
21:23:40.0602 4148        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:23:40.0664 4148        WUDFRd - ok
21:23:40.0758 4148        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:23:40.0992 4148        \Device\Harddisk0\DR0 - ok
21:23:41.0008 4148        MBR (0x1B8)    (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk2\DR2
21:23:47.0731 4148        \Device\Harddisk2\DR2 - ok
21:23:47.0731 4148        Boot (0x1200)  (eae31c0f8cb36874a952a243be97fb8b) \Device\Harddisk0\DR0\Partition0
21:23:47.0731 4148        \Device\Harddisk0\DR0\Partition0 - ok
21:23:47.0747 4148        Boot (0x1200)  (dbf621bcc68ae68050b2804c36e45f8a) \Device\Harddisk0\DR0\Partition1
21:23:47.0747 4148        \Device\Harddisk0\DR0\Partition1 - ok
21:23:47.0778 4148        Boot (0x1200)  (e1569c0ac76db41e1f16365263e8188e) \Device\Harddisk0\DR0\Partition2
21:23:47.0778 4148        \Device\Harddisk0\DR0\Partition2 - ok
21:23:47.0778 4148        Boot (0x1200)  (62029afef553a5a2f49f76b8fe530acf) \Device\Harddisk2\DR2\Partition0
21:23:47.0778 4148        \Device\Harddisk2\DR2\Partition0 - ok
21:23:47.0778 4148        ============================================================
21:23:47.0778 4148        Scan finished
21:23:47.0778 4148        ============================================================
21:23:47.0794 2300        Detected object count: 0
21:23:47.0794 2300        Actual detected object count: 0


cosinus 14.03.2012 22:01

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running ComboFix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

PropJoe 23.03.2012 23:59

Code:

ComboFix 12-03-17.01 - ***** 18.03.2012  23:22:27.2.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4091.2527 [GMT 1:00]
ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\chrome\autocompleteprochrome.crx
c:\program files (x86)\AutocompletePro\FireFoxExtension.exe
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome.manifest
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\program files (x86)\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\program files (x86)\AutocompletePro\support@predictad.com\install.rdf
c:\program files (x86)\AutocompletePro\unins000.dat
c:\program files (x86)\AutocompletePro\unins000.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-02-18 bis 2012-03-18  ))))))))))))))))))))))))))))))
.
.
2012-03-18 23:03 . 2012-03-18 23:03        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-03-14 21:57 . 2011-11-19 15:20        5559152        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-03-14 21:57 . 2011-11-19 14:50        3968368        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 21:57 . 2011-11-19 14:50        3913584        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 20:43 . 2012-02-03 04:34        3145728        ----a-w-        c:\windows\system32\win32k.sys
2012-03-14 20:43 . 2012-02-10 06:36        1544192        ----a-w-        c:\windows\system32\DWrite.dll
2012-03-14 20:43 . 2012-02-10 05:38        1077248        ----a-w-        c:\windows\SysWow64\DWrite.dll
2012-03-13 21:03 . 2012-02-17 06:38        1031680        ----a-w-        c:\windows\system32\rdpcore.dll
2012-03-13 21:03 . 2012-02-17 05:34        826880        ----a-w-        c:\windows\SysWow64\rdpcore.dll
2012-03-13 21:03 . 2012-02-17 04:58        210944        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-03-13 21:03 . 2012-02-17 04:57        23552        ----a-w-        c:\windows\system32\drivers\tdtcp.sys
2012-03-13 21:02 . 2012-01-25 06:38        77312        ----a-w-        c:\windows\system32\rdpwsx.dll
2012-03-13 21:02 . 2012-01-25 06:38        149504        ----a-w-        c:\windows\system32\rdpcorekmts.dll
2012-03-13 21:02 . 2012-01-25 06:33        9216        ----a-w-        c:\windows\system32\rdrmemptylst.exe
2012-03-10 13:01 . 2012-03-10 13:01        --------        d-----w-        C:\_OTL
2012-02-26 19:43 . 2012-02-26 19:43        --------        d-----w-        c:\program files (x86)\Veetle
2012-02-21 20:29 . 2012-02-21 20:29        --------        d-----w-        c:\program files (x86)\ESET
2012-02-19 20:44 . 2012-02-19 20:44        --------        d-----w-        c:\users\****\AppData\Roaming\Malwarebytes
2012-02-19 20:44 . 2012-02-19 20:44        --------        d-----w-        c:\programdata\Malwarebytes
2012-02-18 22:53 . 2012-02-19 20:47        --------        d-----w-        c:\users\*****\AppData\Local\NPE
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-10 10:12 . 2011-09-25 12:06        414368        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-08 21:20 . 2012-02-08 21:20        174200        ----a-w-        c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-01-26 23:52 . 2011-01-29 17:13        279656        ------w-        c:\windows\system32\MpSigStub.exe
2012-01-17 03:39 . 2012-02-08 20:40        8602168        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E157E2B-89A1-4939-B6D2-8D14AC8E4446}\mpengine.dll
2012-01-04 10:44 . 2012-02-14 20:54        509952        ----a-w-        c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-14 20:54        442880        ----a-w-        c:\windows\SysWow64\ntshrui.dll
2012-01-04 00:48 . 2012-01-04 00:48        354176        ----a-w-        c:\windows\SysWow64\DivXControlPanelApplet.cpl
2011-12-30 06:26 . 2012-02-14 20:54        515584        ----a-w-        c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-14 20:54        478720        ----a-w-        c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-14 20:54        498688        ----a-w-        c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-21 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2010-05-26 1545568]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2010-06-17 370176]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 136176]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 136176]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 PCDSRVC{EDD8E36B-5B151F0E-06020101}_0;PCDSRVC{EDD8E36B-5B151F0E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\*****\appdata\local\temp\xesc82lluhdr\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [2012-03-02 1157240]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120316.005\IDSvia64.sys [2012-02-07 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe [2011-04-17 130008]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-08 138360]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 23:09]
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 23:09]
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1164433500-2484290119-350120935-1000Core.job
- c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-25 12:24]
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1164433500-2484290119-350120935-1000UA.job
- c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-25 12:24]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mStart Page =
mLocal Page =
IE: Free YouTube to MP3 Converter - c:\users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: youtube.com\www
TCP: Interfaces\{31656834-DE9A-4E04-8AF6-810737781926}: NameServer = 193.189.244.206 193.189.244.225
TCP: Interfaces\{B49A345D-43BE-4FAB-A924-F0E2C4A265EB}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{C783F711-25D9-43D6-8BE9-8A4FAC52DB9D}: NameServer = 193.189.244.225 193.189.244.206
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\*****\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{EDD8E36B-5B151F0E-06020101}_0]
"ImagePath"="\??\c:\users\*****\appdata\local\temp\xesc82lluhdr\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-03-19  00:10:41 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-03-18 23:10
.
Vor Suchlauf: 8 Verzeichnis(se), 44.030.808.064 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 43.517.771.776 Bytes frei
.
- - End Of File - - 3BE1BEBF4589CEB00778B3009C94CC9F


cosinus 24.03.2012 18:18

Please download aswMBR.exe and save the file to your desktop.

Note: Please disable your virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply. Important: Do not press any of the Fix buttons under any circumstances unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

PropJoe 24.03.2012 23:37

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-24 21:21:48
-----------------------------
21:21:48.467    OS Version: Windows x64 6.1.7601 Service Pack 1
21:21:48.467    Number of processors: 2 586 0x603
21:21:48.467    ComputerName: NPC  UserName:
21:21:50.667    Initialize success
21:25:46.539    AVAST engine defs: 12032400
21:36:22.245    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:36:22.245    Disk 0 Vendor: ST9500325AS 0001SDM1 Size: 476940MB BusType: 11
21:36:22.261    Disk 0 MBR read successfully
21:36:22.277    Disk 0 MBR scan
21:36:22.308    Disk 0 Windows 7 default MBR code
21:36:22.323    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        13312 MB offset 2048
21:36:22.339    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 27265024
21:36:22.355    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS        83526 MB offset 27469824
21:36:22.370    Disk 0 Partition - 00    0F Extended LBA            380000 MB offset 198531072
21:36:22.401    Disk 0 Partition 4 00    07    HPFS/NTFS NTFS      379999 MB offset 198533120
21:36:22.448    Disk 0 scanning C:\Windows\system32\drivers
21:36:38.938    Service scanning
21:37:08.858    Modules scanning
21:37:08.874    Disk 0 trace - called modules:
21:37:08.890    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:37:08.905    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800460e060]
21:37:08.905    3 CLASSPNP.SYS[fffff88001b7443f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004598060]
21:37:09.872    AVAST engine scan C:\Windows
21:37:13.024    AVAST engine scan C:\Windows\system32
21:41:13.420    AVAST engine scan C:\Windows\system32\drivers
21:41:32.499    AVAST engine scan C:\Users\F
21:50:10.607    AVAST engine scan C:\ProgramData
21:53:16.590    Scan finished successfully
21:57:01.792    Disk 0 MBR has been saved successfully to "C:\Users\*****\Desktop\MBR.dat"
21:57:01.808    The log file has been saved successfully to "C:\Users\*****\Desktop\aswMBR.txt"


cosinus 25.03.2012 14:49

Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!


All times are WET +1. The time is now 20:12.

Copyright ©2000-2024, Trojaner-Board

