SystemCheck - fake tool - virus or malware??

Hello Trojaner-Board team, I have caught some malware. It presents itself as Systemcheck. It claims that there are errors with the RAM and the hard disk. Can you help? Best regards, Robibor
Hello, the Task Manager won't open either. When you run msconfig, the two files (pEmGJfPLIOhOo.exe and mZ49sP985las5s.exe) are listed in the system startup list. I disabled the setting. I was able to rename the files pEmGJfPLIOhOo.exe and mZ49sP985las5s.exe in the directory C:\ProgramData and delete them after the reboot. The messages about system problems are currently not being displayed. The list of programs is not (any longer) displayed in the taskbar. I scanned the system with MalwareBytes and was able to remove the infections. I am sending along a current olt.txt once more. Maybe there is still something hiding. Best regards, Robibor
My name is Marius and I will help you with your problem. One thing up front: Note: We can never guarantee here that we have found all remnants of malware. Formatting is usually the faster and always the safest way. If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean. A cleanup can involve a lot of work for you.

Vista and Win7 users: Start all tools with right-click "Run as administrator".

Step 1: Defogger
Please download defogger by jpshortstuff to your desktop.
Do not click the Re-enable button without being instructed to.

Step 2: Scan with aswMBR
Please download aswMBR.exe and save the file on your desktop.

Step 3: Scan with TDSS-Killer
Please read the following instructions carefully. We do not want to "fix" anything yet here, only see a scan report. Please download TDSSKiller.exe and save this file on the desktop.
Hello Marius, here is the aswMBR.txt. Can I already run the TDSS-Killer? Best regards, robibor

Sorry.

aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-03-05 10:40:21
-----------------------------
10:40:21.080 OS Version: Windows x64 6.1.7601 Service Pack 1
10:40:21.080 Number of processors: 4 586 0x402
10:40:21.080 ComputerName: ATHOS UserName: uwe
10:40:21.595 Initialize success
10:42:01.676 AVAST engine defs: 12030500
10:42:10.459 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000090
10:42:10.459 Disk 0 Vendor: AMD_____ 1.10 Size: 1907611MB BusType: 8
10:42:10.475 Disk 0 MBR read successfully
10:42:10.475 Disk 0 MBR scan
10:42:10.475 Disk 0 Windows 7 default MBR code
10:42:10.490 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:42:10.506 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 204798 MB offset 206848
10:42:10.506 Disk 0 Partition - 00 0F Extended LBA 1088310 MB offset 1677926400
10:42:10.522 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 512000 MB offset 1677928448
10:42:10.522 Disk 0 Partition - 00 05 Extended 409601 MB offset 2726504448
10:42:10.553 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 409600 MB offset 2726506496
10:42:10.553 Disk 0 Partition - 00 05 Extended 166708 MB offset 4613945344
10:42:10.568 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 166707 MB offset 3565369344
10:42:10.678 Disk 0 scanning C:\Windows\system32\drivers
10:42:32.034 Service scanning
10:43:02.454 Modules scanning
10:43:02.454 Disk 0 trace - called modules:
10:43:02.485 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll amdsbs.sys
10:43:02.501 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800816a060]
10:43:02.501 3 CLASSPNP.SYS[fffff8800144243f] -> nt!IofCallDriver -> [0xfffffa8007111e40]
10:43:02.501 5 ACPI.sys[fffff88000f237a1] -> nt!IofCallDriver -> \Device\00000090[0xfffffa800710a060]
10:43:03.250 AVAST engine scan C:\Windows
10:43:10.285 AVAST engine scan C:\Windows\system32
10:48:34.095 AVAST engine scan C:\Windows\system32\drivers
10:48:53.065 AVAST engine scan C:\Users\uwe
10:49:39.834 File: C:\Users\uwe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23TT1W18\3[1].exe **INFECTED** Win32:Sirefef-OW [Trj]
10:54:13.528 AVAST engine scan C:\ProgramData
11:01:40.281 Scan finished successfully
11:02:08.016 Disk 0 MBR has been saved successfully to "C:\Users\uwe\Desktop\MBR.dat"
11:02:08.021 The log file has been saved successfully to "C:\Users\uwe\Desktop\aswMBR.txt"
Hello Uwe, yes, always work through all the points before you reply! :)
Hello Marius, here is the result of TDSS-Killer. Best regards, robibor
snapman - ok 11:26:41.0352 4612 speedfan - ok 11:26:41.0371 4612 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 11:26:41.0371 4612 spldr - ok 11:26:41.0417 4612 sptd (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys 11:26:41.0424 4612 sptd - ok 11:26:41.0458 4612 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 11:26:41.0462 4612 srv - ok 11:26:41.0487 4612 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 11:26:41.0491 4612 srv2 - ok 11:26:41.0509 4612 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 11:26:41.0510 4612 srvnet - ok 11:26:41.0553 4612 ssadbus (d52282225d5bd73a9cbf420699d1a0fe) C:\Windows\system32\DRIVERS\ssadbus.sys 11:26:41.0557 4612 ssadbus - ok 11:26:41.0580 4612 ssadmdfl (f7936ac6e8437e10e1ae488ce21f3086) C:\Windows\system32\DRIVERS\ssadmdfl.sys 11:26:41.0582 4612 ssadmdfl - ok 11:26:41.0605 4612 ssadmdm (1fe033372a58c67b3ecca903fc637b36) C:\Windows\system32\DRIVERS\ssadmdm.sys 11:26:41.0606 4612 ssadmdm - ok 11:26:41.0619 4612 ssadserd (5eb7da2f72b90c8398df9d7a82e43fcb) C:\Windows\system32\DRIVERS\ssadserd.sys 11:26:41.0620 4612 ssadserd - ok 11:26:41.0656 4612 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys 11:26:41.0657 4612 SSPORT - ok 11:26:41.0668 4612 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 11:26:41.0669 4612 stexstor - ok 11:26:41.0685 4612 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 11:26:41.0685 4612 storflt - ok 11:26:41.0702 4612 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 11:26:41.0703 4612 storvsc - ok 11:26:41.0722 4612 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 11:26:41.0723 4612 swenum - ok 11:26:41.0730 4612 Synth3dVsc - ok 11:26:41.0791 4612 Tcpip (fc62769e7bff2896035aeed399108162) 
C:\Windows\system32\drivers\tcpip.sys 11:26:41.0807 4612 Tcpip - ok 11:26:41.0834 4612 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 11:26:41.0842 4612 TCPIP6 - ok 11:26:41.0863 4612 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 11:26:41.0864 4612 tcpipreg - ok 11:26:41.0892 4612 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 11:26:41.0894 4612 TDPIPE - ok 11:26:41.0958 4612 tdrpman258 (bf7ac81df6fbe09438d9dc7188178ea9) C:\Windows\system32\DRIVERS\tdrpm258.sys 11:26:41.0973 4612 tdrpman258 - ok 11:26:41.0989 4612 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 11:26:41.0990 4612 TDTCP - ok 11:26:42.0013 4612 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 11:26:42.0014 4612 tdx - ok 11:26:42.0030 4612 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 11:26:42.0031 4612 TermDD - ok 11:26:42.0059 4612 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys 11:26:42.0060 4612 TFsExDisk - ok 11:26:42.0086 4612 timounter (2c1caf5563548a15515eab07d2a069c6) C:\Windows\system32\DRIVERS\timntr.sys 11:26:42.0094 4612 timounter - ok 11:26:42.0103 4612 truecrypt - ok 11:26:42.0133 4612 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:26:42.0134 4612 tssecsrv - ok 11:26:42.0147 4612 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 11:26:42.0149 4612 TsUsbFlt - ok 11:26:42.0154 4612 tsusbhub - ok 11:26:42.0189 4612 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 11:26:42.0191 4612 tunnel - ok 11:26:42.0208 4612 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 11:26:42.0209 4612 uagp35 - ok 11:26:42.0235 4612 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 11:26:42.0242 4612 udfs - ok 
11:26:42.0283 4612 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 11:26:42.0284 4612 uliagpkx - ok 11:26:42.0312 4612 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 11:26:42.0312 4612 umbus - ok 11:26:42.0328 4612 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 11:26:42.0328 4612 UmPass - ok 11:26:42.0350 4612 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 11:26:42.0351 4612 usbaudio - ok 11:26:42.0376 4612 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 11:26:42.0390 4612 usbccgp - ok 11:26:42.0442 4612 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 11:26:42.0443 4612 usbcir - ok 11:26:42.0469 4612 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 11:26:42.0470 4612 usbehci - ok 11:26:42.0543 4612 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 11:26:42.0550 4612 usbhub - ok 11:26:42.0589 4612 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 11:26:42.0591 4612 usbohci - ok 11:26:42.0607 4612 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 11:26:42.0608 4612 usbprint - ok 11:26:42.0643 4612 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 11:26:42.0645 4612 usbscan - ok 11:26:42.0669 4612 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:26:42.0671 4612 USBSTOR - ok 11:26:42.0693 4612 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys 11:26:42.0694 4612 usbuhci - ok 11:26:42.0721 4612 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys 11:26:42.0723 4612 usb_rndisx - ok 11:26:42.0766 4612 VComm (b9b0a0b9232a51bbde9f28ca41716d61) C:\Windows\system32\DRIVERS\VComm.sys 11:26:42.0767 4612 VComm 
- ok 11:26:42.0797 4612 VcommMgr (f1b2d9ac422f8b72bf417c8d77c85a3b) C:\Windows\system32\Drivers\VcommMgr.sys 11:26:42.0798 4612 VcommMgr - ok 11:26:42.0812 4612 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 11:26:42.0814 4612 vdrvroot - ok 11:26:42.0840 4612 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 11:26:42.0842 4612 vga - ok 11:26:42.0864 4612 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 11:26:42.0866 4612 VgaSave - ok 11:26:42.0885 4612 VGPU - ok 11:26:42.0913 4612 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 11:26:42.0918 4612 vhdmp - ok 11:26:42.0938 4612 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 11:26:42.0939 4612 viaide - ok 11:26:42.0956 4612 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 11:26:42.0958 4612 vmbus - ok 11:26:42.0974 4612 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 11:26:42.0975 4612 VMBusHID - ok 11:26:43.0014 4612 vmci (69f38919ff1510560d67f9a0b2375b01) C:\Windows\system32\drivers\vmci.sys 11:26:43.0015 4612 vmci - ok 11:26:43.0034 4612 VMnetAdapter (3c37a81c995aee1802c9d8dd9ea0e835) C:\Windows\system32\DRIVERS\vmnetadapter.sys 11:26:43.0034 4612 VMnetAdapter - ok 11:26:43.0074 4612 VMnetBridge (d3b25ed3a6796fe3078475d8cfcd6024) C:\Windows\system32\DRIVERS\vmnetbridge.sys 11:26:43.0075 4612 VMnetBridge - ok 11:26:43.0122 4612 VMnetuserif (ea48bef5bc53d6cb5fec8f9be088b337) C:\Windows\system32\drivers\vmnetuserif.sys 11:26:43.0125 4612 VMnetuserif - ok 11:26:43.0150 4612 VMparport (53b7f021f489649fe30733913fa4f3fc) C:\Windows\system32\drivers\VMparport.sys 11:26:43.0152 4612 VMparport - ok 11:26:43.0211 4612 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 11:26:43.0212 4612 volmgr - ok 11:26:43.0234 4612 volmgrx (a255814907c89be58b79ef2f189b843b) 
C:\Windows\system32\drivers\volmgrx.sys 11:26:43.0237 4612 volmgrx - ok 11:26:43.0255 4612 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 11:26:43.0257 4612 volsnap - ok 11:26:43.0272 4612 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys 11:26:43.0274 4612 vpcbus - ok 11:26:43.0288 4612 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys 11:26:43.0289 4612 vpcnfltr - ok 11:26:43.0310 4612 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys 11:26:43.0311 4612 vpcusb - ok 11:26:43.0349 4612 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys 11:26:43.0356 4612 vpcvmm - ok 11:26:43.0394 4612 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 11:26:43.0398 4612 vsmraid - ok 11:26:43.0496 4612 vstor2-mntapi10 (e755434912834b96b77a58867acaf279) D:\tools\virtualisierung\VMware\VMware vCenter Converter Standalone\vstor2-mntapi10.sys 11:26:43.0498 4612 vstor2-mntapi10 - ok 11:26:43.0508 4612 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 11:26:43.0510 4612 vwifibus - ok 11:26:43.0529 4612 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 11:26:43.0530 4612 WacomPen - ok 11:26:43.0576 4612 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:26:43.0579 4612 WANARP - ok 11:26:43.0586 4612 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:26:43.0589 4612 Wanarpv6 - ok 11:26:43.0624 4612 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 11:26:43.0625 4612 Wd - ok 11:26:43.0649 4612 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 11:26:43.0655 4612 Wdf01000 - ok 11:26:43.0686 4612 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 11:26:43.0687 4612 WfpLwf - ok 
11:26:43.0705 4612 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 11:26:43.0706 4612 WIMMount - ok 11:26:43.0771 4612 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 11:26:43.0771 4612 WmiAcpi - ok 11:26:43.0798 4612 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 11:26:43.0798 4612 ws2ifsl - ok 11:26:43.0832 4612 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 11:26:43.0833 4612 WudfPf - ok 11:26:43.0853 4612 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:26:43.0855 4612 WUDFRd - ok 11:26:43.0936 4612 X6va005 - ok 11:26:43.0966 4612 X6va006 - ok 11:26:44.0009 4612 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 11:26:44.0053 4612 \Device\Harddisk0\DR0 - ok 11:26:44.0056 4612 Boot (0x1200) (1fe89318b417ead26e3867eb8d47b7f9) \Device\Harddisk0\DR0\Partition0 11:26:44.0057 4612 \Device\Harddisk0\DR0\Partition0 - ok 11:26:44.0064 4612 Boot (0x1200) (a3813defb94f524cc52d9d243cbb7593) \Device\Harddisk0\DR0\Partition1 11:26:44.0065 4612 \Device\Harddisk0\DR0\Partition1 - ok 11:26:44.0079 4612 Boot (0x1200) (0b6f2c743b70167daef7b258f61f72f2) \Device\Harddisk0\DR0\Partition2 11:26:44.0080 4612 \Device\Harddisk0\DR0\Partition2 - ok 11:26:44.0094 4612 Boot (0x1200) (93faec31df714ce9c44a49eaf76e2c79) \Device\Harddisk0\DR0\Partition3 11:26:44.0095 4612 \Device\Harddisk0\DR0\Partition3 - ok 11:26:44.0112 4612 Boot (0x1200) (c986a3428c21cdba370e8072651a2967) \Device\Harddisk0\DR0\Partition4 11:26:44.0112 4612 \Device\Harddisk0\DR0\Partition4 - ok 11:26:44.0113 4612 ============================================================ 11:26:44.0113 4612 Scan finished 11:26:44.0113 4612 ============================================================ 11:26:44.0121 4560 Detected object count: 0 11:26:44.0121 4560 Actual detected object count: 0 11:27:18.0656 3108 Deinitialize success |
Combofix
Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
|
Hello Marius, here is the Combofix log. Regards, robibor Combofix logfile: Code: ComboFix 12-03-04.02 - uwe 05.03.2012 11:58:40.2.4 - x64 |
Step 1: Uninstall software
Click Start --> Control Panel and choose Programs and Features. Find and uninstall the following software: Code: Conduit engine
Step 2: CF script
Note for other readers: The following ComboFix script was created exclusively for this user in this situation. Do not under any circumstances use it on other computers; it can cause lasting damage to other systems! Delete the existing Combofix.exe from your desktop and download the program again from one of the following download mirrors: BleepingComputer.com - ForoSpyware.com and save it to the desktop again (nowhere else, this is important)! Press the Windows + R keys --> Notepad (type it in) --> OK. Now copy the entire text from the following code box into the empty text document. Code: DirLook::
Important:
Step 3: New OTL log
Please download OTL by Oldtimer and save it to your desktop (if it is not there already)
|
Hello Marius, Combofix logfile: Code: ComboFix 12-03-04.02 - uwe 05.03.2012 14:54:14.3.4 - x64 Regards, robibor Sh.. I messed something up. I did not do step 1. Can anything still be salvaged?? |
And where are the two OTL files? ;) |
So here are the 2 files. OTL.Txt: OTL logfile: Code: OTL logfile created on: 05.03.2012 16:27:16 - Run 6 Extras.Txt: OTL logfile: Code: OTL Extras logfile created on: 05.03.2012 16:27:16 - Run 6 Regards, robibor |
Step 1: OTL fix
Code: :OTL
Step 2: MBAM Please download Malwarebytes
Question: You have several ancient versions of Java and Firefox on the system - is that intentional because you need them for development, or can we fix that? |
Hello, All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename Prefs.js: "Winload Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627" removed from browser.search.defaulturl Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1 Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=" removed from keyword.URL Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. C:\Users\uwe\AppData\Roaming\Amkaa folder moved successfully. ADS C:\ProgramData\TEMP:ECF54A0E deleted successfully. 
ADS C:\ProgramData\TEMP:05D195EC deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: admin ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: AppData ->Temp folder emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: frauke ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 670819018 bytes ->Flash cache emptied: 2347 bytes User: ggehrau ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 186413655 bytes ->Google Chrome cache emptied: 244449723 bytes ->Flash cache emptied: 1870 bytes User: mathis ->Temp folder emptied: 35969 bytes ->Temporary Internet Files folder emptied: 1172142 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 401991562 bytes ->Flash cache emptied: 1051 bytes User: Public ->Temp folder emptied: 0 bytes User: ugehrau ->Temp folder emptied: 705 bytes ->Temporary Internet Files folder emptied: 367868 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 157005852 bytes ->Flash cache emptied: 8348 bytes User: uwe ->Temp folder emptied: 5226877 bytes ->Temporary Internet Files folder emptied: 2429249 bytes ->Java cache emptied: 497170 bytes ->FireFox cache emptied: 632349471 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 10202 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 11988 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary 
Internet Files folder emptied: 50434 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes RecycleBin emptied: 584704 bytes Total Files Cleaned = 2.197,00 mb OTL by OldTimer - Version 3.2.35.1 log created on 03052012_203840 Files\Folders moved on Reboot... C:\Users\uwe\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... ######################################################### Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.05.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 uwe :: ATHOS [Administrator] Schutz: Aktiviert 05.03.2012 20:47:11 mbam-log-2012-03-05 (20-47-11).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 286596 Laufzeit: 4 Minute(n), 37 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) ######################################################## I have already tidied up the Java files a bit. I would like to keep the rest. For FF I only need the latest FF. So you can clean up a bit. Thanks. Regards, robibor |
Copyright ©2000-2026, Trojaner-Board