| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Spywaredoctor findet -Rootkit.TDSS.v3 imWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.03.2012, 16:43
| #1 |
 |  Spywaredoctor findet -Rootkit.TDSS.v3 im Name der Bedrohung - Rootkit.TDSS.v3 Typ - Unknown Risikostufe - Hoch Infektion - Kernel Objects (Kernel Treiber-Kernel Objects) Verlangt nach löschen Restart,aber beim nochmaligen suchen ist es wieda da  p.s:Superantispyware,AVG und Malewarebytes finden nix  Biite um Hilfe! Geändert von Kult (20.03.2012 um 16:53 Uhr) |
|
20.03.2012, 17:32
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Spywaredoctor findet -Rootkit.TDSS.v3 im Bitte trotzdem alle Logs von SASW Malwarebytes und AVG posten!
__________________
__________________ |
|
20.03.2012, 18:44
| #3 | |
| | Spywaredoctor findet -Rootkit.TDSS.v3 im Superantispyware
__________________Zitat:
|
|
20.03.2012, 21:13
| #4 | ||
| | Spywaredoctor findet -Rootkit.TDSS.v3 im Malewarebytesscan: Zitat:
Zitat:
|
|
21.03.2012, 15:04
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spywaredoctor findet -Rootkit.TDSS.v3 im Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt? Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.03.2012, 15:38
| #6 |
| | Spywaredoctor findet -Rootkit.TDSS.v3 im Ja,aber nicht seitdem ich das Betriebssystem vor ein paar Monaten neu aufgesetzt hab.... |
|
21.03.2012, 16:44
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spywaredoctor findet -Rootkit.TDSS.v3 im Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.03.2012, 17:51
| #8 |
| | Spywaredoctor findet -Rootkit.TDSS.v3 im Kaspersky log Code:
ATTFilter 17:48:45.0000 2376 TDSS rootkit removing tool 2.7.21.0 Mar 21 2012 09:06:51
17:48:45.0140 2376 ============================================================
17:48:45.0140 2376 Current date / time: 2012/03/21 17:48:45.0140
17:48:45.0140 2376 SystemInfo:
17:48:45.0140 2376
17:48:45.0140 2376 OS Version: 5.1.2600 ServicePack: 3.0
17:48:45.0140 2376 Product type: Workstation
17:48:45.0140 2376 ComputerName: PROPHET-D72819D
17:48:45.0140 2376 UserName: enan
17:48:45.0140 2376 Windows directory: C:\WINDOWS
17:48:45.0140 2376 System windows directory: C:\WINDOWS
17:48:45.0140 2376 Processor architecture: Intel x86
17:48:45.0140 2376 Number of processors: 2
17:48:45.0140 2376 Page size: 0x1000
17:48:45.0140 2376 Boot type: Normal boot
17:48:45.0140 2376 ============================================================
17:48:46.0515 2376 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:48:46.0515 2376 Drive \Device\Harddisk1\DR3 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:48:46.0921 2376 \Device\Harddisk0\DR0:
17:48:46.0921 2376 MBR used
17:48:46.0921 2376 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x20F57535
17:48:46.0937 2376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x20F575B3, BlocksNum 0x537AA54D
17:48:46.0937 2376 \Device\Harddisk1\DR3:
17:48:46.0937 2376 MBR used
17:48:46.0937 2376 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA87AF0
17:48:47.0046 2376 Initialize success
17:48:47.0046 2376 ============================================================
17:48:56.0328 3944 ============================================================
17:48:56.0328 3944 Scan started
17:48:56.0328 3944 Mode: Manual; SigCheck; TDLFS;
17:48:56.0328 3944 ============================================================
17:48:56.0718 3944 Abiosdsk - ok
17:48:56.0734 3944 abp480n5 - ok
17:48:56.0734 3944 Abyssus03 - ok
17:48:56.0781 3944 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:48:57.0875 3944 ACPI - ok
17:48:57.0921 3944 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:48:58.0015 3944 ACPIEC - ok
17:48:58.0031 3944 adpu160m - ok
17:48:58.0046 3944 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:48:58.0125 3944 aec - ok
17:48:58.0156 3944 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:48:58.0187 3944 AFD - ok
17:48:58.0187 3944 Aha154x - ok
17:48:58.0203 3944 aic78u2 - ok
17:48:58.0203 3944 aic78xx - ok
17:48:58.0218 3944 AliIde - ok
17:48:58.0265 3944 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
17:48:58.0343 3944 Ambfilt - ok
17:48:58.0359 3944 amsint - ok
17:48:58.0406 3944 AnyDVD (eb9a88895a822c13aa2bbc9dcd44280f) C:\WINDOWS\system32\Drivers\AnyDVD.sys
17:48:58.0421 3944 AnyDVD - ok
17:48:58.0421 3944 asc - ok
17:48:58.0421 3944 asc3350p - ok
17:48:58.0437 3944 asc3550 - ok
17:48:58.0453 3944 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:48:58.0531 3944 AsyncMac - ok
17:48:58.0562 3944 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:48:58.0640 3944 atapi - ok
17:48:58.0640 3944 Atdisk - ok
17:48:58.0656 3944 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:48:58.0734 3944 Atmarpc - ok
17:48:58.0750 3944 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:48:58.0812 3944 audstub - ok
17:48:58.0843 3944 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
17:48:58.0859 3944 AVGIDSDriver - ok
17:48:58.0875 3944 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
17:48:58.0875 3944 AVGIDSEH - ok
17:48:58.0890 3944 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
17:48:58.0890 3944 AVGIDSFilter - ok
17:48:58.0906 3944 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
17:48:58.0921 3944 AVGIDSShim - ok
17:48:58.0937 3944 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
17:48:58.0937 3944 Avgldx86 - ok
17:48:58.0953 3944 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
17:48:58.0953 3944 Avgmfx86 - ok
17:48:58.0968 3944 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
17:48:58.0968 3944 Avgrkx86 - ok
17:48:58.0984 3944 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
17:48:59.0000 3944 Avgtdix - ok
17:48:59.0015 3944 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:48:59.0078 3944 Beep - ok
17:48:59.0109 3944 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:48:59.0171 3944 cbidf2k - ok
17:48:59.0203 3944 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:48:59.0281 3944 CCDECODE - ok
17:48:59.0281 3944 cd20xrnt - ok
17:48:59.0296 3944 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:48:59.0359 3944 Cdaudio - ok
17:48:59.0390 3944 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:48:59.0468 3944 Cdfs - ok
17:48:59.0468 3944 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:48:59.0546 3944 Cdrom - ok
17:48:59.0546 3944 Changer - ok
17:48:59.0578 3944 CLBStor (8ff465e99a6c1ffb24533b80afabdb65) C:\WINDOWS\system32\drivers\CLBStor.sys
17:48:59.0578 3944 CLBStor - ok
17:48:59.0593 3944 CLBUDF (d7795739dd59375c90ad44d11f2b52ad) C:\WINDOWS\system32\drivers\CLBUDF.sys
17:48:59.0609 3944 CLBUDF - ok
17:48:59.0609 3944 CmdIde - ok
17:48:59.0625 3944 Cpqarray - ok
17:48:59.0640 3944 dac2w2k - ok
17:48:59.0640 3944 dac960nt - ok
17:48:59.0671 3944 dc3d (91c1736e77cff029302728b431d0eedb) C:\WINDOWS\system32\DRIVERS\dc3d.sys
17:48:59.0687 3944 dc3d - ok
17:48:59.0703 3944 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
17:48:59.0718 3944 dgderdrv - ok
17:48:59.0734 3944 dg_ssudbus (d8522960163fa593694e441194a9a574) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
17:48:59.0750 3944 dg_ssudbus - ok
17:48:59.0765 3944 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:48:59.0828 3944 Disk - ok
17:48:59.0843 3944 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:48:59.0937 3944 dmboot - ok
17:48:59.0937 3944 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:49:00.0000 3944 dmio - ok
17:49:00.0015 3944 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:49:00.0078 3944 dmload - ok
17:49:00.0093 3944 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:49:00.0187 3944 DMusic - ok
17:49:00.0187 3944 dpti2o - ok
17:49:00.0203 3944 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:49:00.0281 3944 drmkaud - ok
17:49:00.0312 3944 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
17:49:00.0312 3944 ElbyCDIO - ok
17:49:00.0328 3944 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:49:00.0390 3944 Fastfat - ok
17:49:00.0406 3944 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:49:00.0468 3944 Fdc - ok
17:49:00.0531 3944 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:49:00.0609 3944 Fips - ok
17:49:00.0640 3944 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:49:00.0703 3944 Flpydisk - ok
17:49:00.0734 3944 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:49:00.0812 3944 FltMgr - ok
17:49:00.0828 3944 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:49:00.0890 3944 Fs_Rec - ok
17:49:00.0906 3944 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:49:00.0968 3944 Ftdisk - ok
17:49:00.0984 3944 FXDrv32 - ok
17:49:00.0984 3944 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:49:01.0046 3944 Gpc - ok
17:49:01.0093 3944 hcw66xxx (3c7291e216f0cdb015728c2dc5e2ae60) C:\WINDOWS\system32\Drivers\hcw66xxx.sys
17:49:01.0140 3944 hcw66xxx - ok
17:49:01.0156 3944 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:49:01.0218 3944 HDAudBus - ok
17:49:01.0250 3944 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:49:01.0312 3944 hidusb - ok
17:49:01.0312 3944 hpn - ok
17:49:01.0343 3944 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:49:01.0390 3944 HTTP - ok
17:49:01.0390 3944 i2omgmt - ok
17:49:01.0406 3944 i2omp - ok
17:49:01.0406 3944 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:49:01.0484 3944 i8042prt - ok
17:49:01.0500 3944 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:49:01.0562 3944 Imapi - ok
17:49:01.0578 3944 ini910u - ok
17:49:01.0703 3944 IntcAzAudAddService (4716f7ee8fb7fd02596ece1ec70aff53) C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:49:01.0828 3944 IntcAzAudAddService - ok
17:49:01.0843 3944 IntelIde - ok
17:49:01.0843 3944 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:49:01.0906 3944 intelppm - ok
17:49:01.0921 3944 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:49:01.0984 3944 Ip6Fw - ok
17:49:02.0015 3944 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:49:02.0078 3944 IpFilterDriver - ok
17:49:02.0093 3944 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:49:02.0156 3944 IpInIp - ok
17:49:02.0171 3944 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:49:02.0234 3944 IpNat - ok
17:49:02.0265 3944 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:49:02.0328 3944 IPSec - ok
17:49:02.0343 3944 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
17:49:02.0375 3944 irda - ok
17:49:02.0375 3944 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:49:02.0421 3944 IRENUM - ok
17:49:02.0453 3944 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
17:49:02.0500 3944 irsir - ok
17:49:02.0546 3944 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:49:02.0609 3944 isapnp - ok
17:49:02.0625 3944 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:49:02.0687 3944 Kbdclass - ok
17:49:02.0703 3944 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:49:02.0765 3944 kbdhid - ok
17:49:02.0781 3944 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:49:02.0859 3944 kmixer - ok
17:49:02.0859 3944 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:49:02.0890 3944 KSecDD - ok
17:49:02.0906 3944 lbrtfdc - ok
17:49:02.0921 3944 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:49:02.0984 3944 mnmdd - ok
17:49:03.0000 3944 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:49:03.0062 3944 Modem - ok
17:49:03.0109 3944 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
17:49:03.0171 3944 Monfilt - ok
17:49:03.0171 3944 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:49:03.0234 3944 Mouclass - ok
17:49:03.0250 3944 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:49:03.0328 3944 mouhid - ok
17:49:03.0328 3944 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:49:03.0390 3944 MountMgr - ok
17:49:03.0421 3944 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
17:49:03.0484 3944 MPE - ok
17:49:03.0515 3944 mraid35x - ok
17:49:03.0531 3944 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:49:03.0593 3944 MRxDAV - ok
17:49:03.0640 3944 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:49:03.0671 3944 MRxSmb - ok
17:49:03.0703 3944 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:49:03.0765 3944 Msfs - ok
17:49:03.0781 3944 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:49:03.0859 3944 MSKSSRV - ok
17:49:03.0875 3944 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:49:03.0937 3944 MSPCLOCK - ok
17:49:03.0953 3944 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:49:04.0015 3944 MSPQM - ok
17:49:04.0046 3944 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:49:04.0109 3944 mssmbios - ok
17:49:04.0125 3944 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:49:04.0187 3944 MSTEE - ok
17:49:04.0203 3944 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:49:04.0218 3944 Mup - ok
17:49:04.0234 3944 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:49:04.0296 3944 NABTSFEC - ok
17:49:04.0312 3944 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:49:04.0390 3944 NDIS - ok
17:49:04.0390 3944 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:49:04.0453 3944 NdisIP - ok
17:49:04.0500 3944 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:49:04.0500 3944 NdisTapi - ok
17:49:04.0531 3944 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:49:04.0593 3944 Ndisuio - ok
17:49:04.0625 3944 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:49:04.0703 3944 NdisWan - ok
17:49:04.0734 3944 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:49:04.0750 3944 NDProxy - ok
17:49:04.0765 3944 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:49:04.0828 3944 NetBIOS - ok
17:49:04.0843 3944 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:49:04.0921 3944 NetBT - ok
17:49:04.0953 3944 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:49:05.0015 3944 Npfs - ok
17:49:05.0031 3944 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:49:05.0109 3944 Ntfs - ok
17:49:05.0125 3944 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:49:05.0187 3944 Null - ok
17:49:05.0406 3944 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:49:05.0859 3944 nv - ok
17:49:05.0906 3944 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:49:05.0968 3944 NwlnkFlt - ok
17:49:05.0968 3944 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:49:06.0046 3944 NwlnkFwd - ok
17:49:06.0062 3944 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:49:06.0125 3944 Parport - ok
17:49:06.0156 3944 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:49:06.0218 3944 PartMgr - ok
17:49:06.0234 3944 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:49:06.0296 3944 ParVdm - ok
17:49:06.0328 3944 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:49:06.0359 3944 pccsmcfd - ok
17:49:06.0375 3944 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:49:06.0453 3944 PCI - ok
17:49:06.0453 3944 PCIDump - ok
17:49:06.0500 3944 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:49:06.0593 3944 PCIIde - ok
17:49:06.0609 3944 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:49:06.0687 3944 Pcmcia - ok
17:49:06.0687 3944 PDCOMP - ok
17:49:06.0703 3944 PDFRAME - ok
17:49:06.0703 3944 PDRELI - ok
17:49:06.0718 3944 PDRFRAME - ok
17:49:06.0718 3944 perc2 - ok
17:49:06.0734 3944 perc2hib - ok
17:49:06.0750 3944 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:49:06.0828 3944 PptpMiniport - ok
17:49:06.0828 3944 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:49:06.0890 3944 PSched - ok
17:49:06.0921 3944 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:49:06.0984 3944 Ptilink - ok
17:49:07.0015 3944 ql1080 - ok
17:49:07.0015 3944 Ql10wnt - ok
17:49:07.0015 3944 ql12160 - ok
17:49:07.0031 3944 ql1240 - ok
17:49:07.0031 3944 ql1280 - ok
17:49:07.0046 3944 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:49:07.0109 3944 RasAcd - ok
17:49:07.0140 3944 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
17:49:07.0171 3944 Rasirda - ok
17:49:07.0187 3944 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:49:07.0250 3944 Rasl2tp - ok
17:49:07.0250 3944 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:49:07.0312 3944 RasPppoe - ok
17:49:07.0343 3944 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:49:07.0421 3944 Raspti - ok
17:49:07.0437 3944 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:49:07.0500 3944 Rdbss - ok
17:49:07.0515 3944 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:49:07.0593 3944 RDPCDD - ok
17:49:07.0593 3944 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:49:07.0671 3944 rdpdr - ok
17:49:07.0703 3944 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:49:07.0734 3944 RDPWD - ok
17:49:07.0734 3944 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:49:07.0796 3944 redbook - ok
17:49:07.0843 3944 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:49:07.0875 3944 RTLE8023xp - ok
17:49:07.0921 3944 RTLWUSB (c3880bf1bad0b8eb69efb07a9c3fa7d9) C:\WINDOWS\system32\DRIVERS\wg111v2.sys
17:49:07.0953 3944 RTLWUSB - ok
17:49:07.0984 3944 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:49:08.0000 3944 SASDIFSV - ok
17:49:08.0031 3944 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:49:08.0031 3944 SASKUTIL - ok
17:49:08.0062 3944 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:49:08.0093 3944 Secdrv - ok
17:49:08.0109 3944 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:49:08.0171 3944 serenum - ok
17:49:08.0187 3944 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:49:08.0250 3944 Serial - ok
17:49:08.0281 3944 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:49:08.0343 3944 Sfloppy - ok
17:49:08.0359 3944 Simbad - ok
17:49:08.0390 3944 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:49:08.0453 3944 SLIP - ok
17:49:08.0468 3944 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
17:49:08.0531 3944 SONYPVU1 - ok
17:49:08.0546 3944 Sparrow - ok
17:49:08.0562 3944 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:49:08.0656 3944 splitter - ok
17:49:08.0703 3944 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
17:49:08.0703 3944 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
17:49:08.0703 3944 sptd ( LockedFile.Multi.Generic ) - warning
17:49:08.0703 3944 sptd - detected LockedFile.Multi.Generic (1)
17:49:08.0718 3944 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:49:08.0750 3944 sr - ok
17:49:08.0781 3944 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:49:08.0843 3944 Srv - ok
17:49:08.0875 3944 ssudmdm (1b4052f016ba5e087689aba536a0a927) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:49:08.0875 3944 ssudmdm - ok
17:49:08.0906 3944 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
17:49:08.0937 3944 StarOpen ( UnsignedFile.Multi.Generic ) - warning
17:49:08.0937 3944 StarOpen - detected UnsignedFile.Multi.Generic (1)
17:49:08.0968 3944 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:49:09.0031 3944 streamip - ok
17:49:09.0031 3944 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:49:09.0093 3944 swenum - ok
17:49:09.0125 3944 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:49:09.0187 3944 swmidi - ok
17:49:09.0187 3944 symc810 - ok
17:49:09.0203 3944 symc8xx - ok
17:49:09.0203 3944 sym_hi - ok
17:49:09.0218 3944 sym_u3 - ok
17:49:09.0218 3944 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:49:09.0296 3944 sysaudio - ok
17:49:09.0343 3944 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:49:09.0390 3944 Tcpip - ok
17:49:09.0406 3944 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:49:09.0468 3944 TDPIPE - ok
17:49:09.0484 3944 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:49:09.0546 3944 TDTCP - ok
17:49:09.0578 3944 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:49:09.0656 3944 TermDD - ok
17:49:09.0671 3944 TosIde - ok
17:49:09.0671 3944 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:49:09.0734 3944 Udfs - ok
17:49:09.0750 3944 ultra - ok
17:49:09.0781 3944 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:49:09.0859 3944 Update - ok
17:49:09.0890 3944 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:49:09.0921 3944 USBAAPL - ok
17:49:09.0953 3944 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:49:10.0031 3944 usbaudio - ok
17:49:10.0031 3944 usbbus - ok
17:49:10.0046 3944 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:49:10.0125 3944 usbccgp - ok
17:49:10.0125 3944 UsbDiag - ok
17:49:10.0156 3944 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:49:10.0218 3944 usbehci - ok
17:49:10.0234 3944 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:49:10.0296 3944 usbhub - ok
17:49:10.0312 3944 USBModem - ok
17:49:10.0343 3944 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:49:10.0406 3944 usbprint - ok
17:49:10.0421 3944 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:49:10.0484 3944 usbscan - ok
17:49:10.0500 3944 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:49:10.0562 3944 usbstor - ok
17:49:10.0578 3944 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:49:10.0656 3944 usbuhci - ok
17:49:10.0656 3944 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:49:10.0718 3944 VgaSave - ok
17:49:10.0734 3944 ViaIde - ok
17:49:10.0734 3944 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:49:10.0796 3944 VolSnap - ok
17:49:10.0828 3944 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:49:10.0890 3944 Wanarp - ok
17:49:10.0921 3944 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:49:10.0937 3944 Wdf01000 - ok
17:49:10.0937 3944 WDICA - ok
17:49:10.0984 3944 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:49:11.0046 3944 wdmaud - ok
17:49:11.0078 3944 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
17:49:11.0093 3944 WinUSB - ok
17:49:11.0125 3944 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:49:11.0156 3944 WpdUsb - ok
17:49:11.0187 3944 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:49:11.0250 3944 WS2IFSL - ok
17:49:11.0281 3944 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:49:11.0359 3944 WSTCODEC - ok
17:49:11.0390 3944 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:49:11.0421 3944 WudfPf - ok
17:49:11.0437 3944 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:49:11.0453 3944 WudfRd - ok
17:49:11.0468 3944 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:49:11.0609 3944 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:49:11.0609 3944 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:49:11.0609 3944 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR3
17:49:12.0078 3944 \Device\Harddisk1\DR3 - ok
17:49:12.0078 3944 Boot (0x1200) (0e829e8e5a4fab901c1b2c7c63c874f5) \Device\Harddisk0\DR0\Partition0
17:49:12.0078 3944 \Device\Harddisk0\DR0\Partition0 - ok
17:49:12.0093 3944 Boot (0x1200) (9b6ad40cb8348fa926397d5b54ccf1e1) \Device\Harddisk0\DR0\Partition1
17:49:12.0093 3944 \Device\Harddisk0\DR0\Partition1 - ok
17:49:12.0109 3944 Boot (0x1200) (6d3cfbc5a1b752d6df6ae8a1ee3af623) \Device\Harddisk1\DR3\Partition0
17:49:12.0109 3944 \Device\Harddisk1\DR3\Partition0 - ok
17:49:12.0109 3944 ============================================================
17:49:12.0109 3944 Scan finished
17:49:12.0109 3944 ============================================================
17:49:12.0218 1612 Detected object count: 3
17:49:12.0218 1612 Actual detected object count: 3
17:49:29.0078 1612 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:49:29.0078 1612 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:49:29.0078 1612 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
17:49:29.0078 1612 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:49:29.0078 1612 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:49:29.0078 1612 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
|
|
21.03.2012, 18:16
| #9 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spywaredoctor findet -Rootkit.TDSS.v3 imZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.03.2012, 18:36
| #10 |
| | Spywaredoctor findet -Rootkit.TDSS.v3 im neuer Log P.s:Nach Löschen schrieb er 1 neutralized und 5 in Quarantäne. Code:
ATTFilter 18:34:47.0078 1252 TDSS rootkit removing tool 2.7.21.0 Mar 21 2012 09:06:51
18:34:47.0156 1252 ============================================================
18:34:47.0156 1252 Current date / time: 2012/03/21 18:34:47.0156
18:34:47.0156 1252 SystemInfo:
18:34:47.0156 1252
18:34:47.0156 1252 OS Version: 5.1.2600 ServicePack: 3.0
18:34:47.0156 1252 Product type: Workstation
18:34:47.0156 1252 ComputerName: PROPHET-D72819D
18:34:47.0156 1252 UserName: enan
18:34:47.0156 1252 Windows directory: C:\WINDOWS
18:34:47.0156 1252 System windows directory: C:\WINDOWS
18:34:47.0156 1252 Processor architecture: Intel x86
18:34:47.0156 1252 Number of processors: 2
18:34:47.0156 1252 Page size: 0x1000
18:34:47.0156 1252 Boot type: Normal boot
18:34:47.0156 1252 ============================================================
18:34:48.0093 1252 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:34:48.0093 1252 Drive \Device\Harddisk1\DR3 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:34:48.0484 1252 \Device\Harddisk0\DR0:
18:34:48.0484 1252 MBR used
18:34:48.0484 1252 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x20F57535
18:34:48.0484 1252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x20F575B3, BlocksNum 0x537AA54D
18:34:48.0484 1252 \Device\Harddisk1\DR3:
18:34:48.0484 1252 MBR used
18:34:48.0484 1252 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA87AF0
18:34:48.0531 1252 Initialize success
18:34:48.0531 1252 ============================================================
18:34:53.0750 1224 ============================================================
18:34:53.0750 1224 Scan started
18:34:53.0750 1224 Mode: Manual; SigCheck; TDLFS;
18:34:53.0750 1224 ============================================================
18:34:54.0515 1224 Abiosdsk - ok
18:34:54.0531 1224 abp480n5 - ok
18:34:54.0546 1224 Abyssus03 - ok
18:34:54.0578 1224 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:34:56.0781 1224 ACPI - ok
18:34:56.0906 1224 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:34:57.0031 1224 ACPIEC - ok
18:34:57.0093 1224 adpu160m - ok
18:34:57.0171 1224 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:34:57.0281 1224 aec - ok
18:34:57.0343 1224 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:34:57.0453 1224 AFD - ok
18:34:57.0500 1224 Aha154x - ok
18:34:57.0515 1224 aic78u2 - ok
18:34:57.0546 1224 aic78xx - ok
18:34:57.0562 1224 AliIde - ok
18:34:57.0812 1224 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
18:34:58.0046 1224 Ambfilt - ok
18:34:58.0140 1224 amsint - ok
18:34:58.0250 1224 AnyDVD (eb9a88895a822c13aa2bbc9dcd44280f) C:\WINDOWS\system32\Drivers\AnyDVD.sys
18:34:58.0250 1224 AnyDVD - ok
18:34:58.0281 1224 asc - ok
18:34:58.0312 1224 asc3350p - ok
18:34:58.0312 1224 asc3550 - ok
18:34:58.0375 1224 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:34:58.0468 1224 AsyncMac - ok
18:34:58.0500 1224 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:34:58.0593 1224 atapi - ok
18:34:58.0640 1224 Atdisk - ok
18:34:58.0671 1224 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:34:58.0765 1224 Atmarpc - ok
18:34:59.0140 1224 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:34:59.0250 1224 audstub - ok
18:34:59.0453 1224 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
18:34:59.0468 1224 AVGIDSDriver - ok
18:34:59.0500 1224 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
18:34:59.0500 1224 AVGIDSEH - ok
18:34:59.0515 1224 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
18:34:59.0531 1224 AVGIDSFilter - ok
18:34:59.0546 1224 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
18:34:59.0546 1224 AVGIDSShim - ok
18:34:59.0562 1224 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
18:34:59.0578 1224 Avgldx86 - ok
18:34:59.0578 1224 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
18:34:59.0593 1224 Avgmfx86 - ok
18:34:59.0593 1224 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
18:34:59.0609 1224 Avgrkx86 - ok
18:34:59.0765 1224 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
18:34:59.0781 1224 Avgtdix - ok
18:34:59.0812 1224 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:34:59.0937 1224 Beep - ok
18:34:59.0953 1224 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:35:00.0046 1224 cbidf2k - ok
18:35:00.0281 1224 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:35:00.0359 1224 CCDECODE - ok
18:35:00.0375 1224 cd20xrnt - ok
18:35:00.0375 1224 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:35:00.0484 1224 Cdaudio - ok
18:35:00.0500 1224 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:35:00.0593 1224 Cdfs - ok
18:35:00.0609 1224 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:35:00.0703 1224 Cdrom - ok
18:35:00.0703 1224 Changer - ok
18:35:00.0734 1224 CLBStor (8ff465e99a6c1ffb24533b80afabdb65) C:\WINDOWS\system32\drivers\CLBStor.sys
18:35:00.0750 1224 CLBStor - ok
18:35:00.0765 1224 CLBUDF (d7795739dd59375c90ad44d11f2b52ad) C:\WINDOWS\system32\drivers\CLBUDF.sys
18:35:00.0765 1224 CLBUDF - ok
18:35:00.0781 1224 CmdIde - ok
18:35:00.0796 1224 Cpqarray - ok
18:35:00.0796 1224 dac2w2k - ok
18:35:00.0796 1224 dac960nt - ok
18:35:00.0812 1224 dc3d (91c1736e77cff029302728b431d0eedb) C:\WINDOWS\system32\DRIVERS\dc3d.sys
18:35:00.0828 1224 dc3d - ok
18:35:00.0859 1224 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
18:35:00.0859 1224 dgderdrv - ok
18:35:00.0890 1224 dg_ssudbus (d8522960163fa593694e441194a9a574) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:35:00.0890 1224 dg_ssudbus - ok
18:35:00.0937 1224 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:35:01.0062 1224 Disk - ok
18:35:01.0093 1224 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
18:35:01.0187 1224 dmboot - ok
18:35:01.0203 1224 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
18:35:01.0265 1224 dmio - ok
18:35:01.0281 1224 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:35:01.0375 1224 dmload - ok
18:35:01.0406 1224 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:35:01.0515 1224 DMusic - ok
18:35:01.0546 1224 dpti2o - ok
18:35:01.0578 1224 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:35:01.0656 1224 drmkaud - ok
18:35:01.0687 1224 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
18:35:01.0703 1224 ElbyCDIO - ok
18:35:01.0718 1224 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:35:01.0796 1224 Fastfat - ok
18:35:01.0828 1224 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:35:01.0890 1224 Fdc - ok
18:35:01.0906 1224 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
18:35:02.0468 1224 Fips - ok
18:35:02.0500 1224 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:35:02.0578 1224 Flpydisk - ok
18:35:02.0625 1224 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
18:35:02.0687 1224 FltMgr - ok
18:35:02.0750 1224 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:35:02.0812 1224 Fs_Rec - ok
18:35:02.0828 1224 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:35:02.0906 1224 Ftdisk - ok
18:35:02.0906 1224 FXDrv32 - ok
18:35:02.0937 1224 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:35:03.0046 1224 Gpc - ok
18:35:03.0109 1224 hcw66xxx (3c7291e216f0cdb015728c2dc5e2ae60) C:\WINDOWS\system32\Drivers\hcw66xxx.sys
18:35:03.0171 1224 hcw66xxx - ok
18:35:03.0218 1224 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:35:03.0296 1224 HDAudBus - ok
18:35:03.0359 1224 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:35:03.0437 1224 hidusb - ok
18:35:03.0468 1224 hpn - ok
18:35:03.0515 1224 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:35:03.0593 1224 HTTP - ok
18:35:03.0593 1224 i2omgmt - ok
18:35:03.0625 1224 i2omp - ok
18:35:03.0671 1224 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:35:03.0750 1224 i8042prt - ok
18:35:03.0796 1224 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:35:03.0890 1224 Imapi - ok
18:35:03.0906 1224 ini910u - ok
18:35:04.0187 1224 IntcAzAudAddService (4716f7ee8fb7fd02596ece1ec70aff53) C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:35:04.0437 1224 IntcAzAudAddService - ok
18:35:04.0500 1224 IntelIde - ok
18:35:04.0531 1224 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:35:04.0609 1224 intelppm - ok
18:35:04.0656 1224 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
18:35:04.0734 1224 Ip6Fw - ok
18:35:04.0781 1224 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:35:04.0859 1224 IpFilterDriver - ok
18:35:04.0906 1224 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:35:05.0000 1224 IpInIp - ok
18:35:05.0031 1224 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:35:05.0109 1224 IpNat - ok
18:35:05.0156 1224 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:35:05.0234 1224 IPSec - ok
18:35:05.0296 1224 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
18:35:05.0343 1224 irda - ok
18:35:05.0390 1224 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:35:05.0437 1224 IRENUM - ok
18:35:05.0500 1224 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
18:35:05.0546 1224 irsir - ok
18:35:05.0671 1224 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:35:05.0765 1224 isapnp - ok
18:35:05.0796 1224 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:35:05.0875 1224 Kbdclass - ok
18:35:05.0890 1224 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:35:05.0968 1224 kbdhid - ok
18:35:06.0000 1224 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:35:06.0093 1224 kmixer - ok
18:35:06.0140 1224 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:35:06.0203 1224 KSecDD - ok
18:35:06.0218 1224 lbrtfdc - ok
18:35:06.0265 1224 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:35:06.0343 1224 mnmdd - ok
18:35:06.0390 1224 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
18:35:06.0484 1224 Modem - ok
18:35:06.0531 1224 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
18:35:06.0609 1224 Monfilt - ok
18:35:06.0640 1224 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:35:06.0734 1224 Mouclass - ok
18:35:06.0750 1224 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:35:06.0843 1224 mouhid - ok
18:35:06.0859 1224 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:35:06.0953 1224 MountMgr - ok
18:35:06.0984 1224 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
18:35:07.0078 1224 MPE - ok
18:35:07.0078 1224 mraid35x - ok
18:35:07.0093 1224 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:35:07.0171 1224 MRxDAV - ok
18:35:07.0203 1224 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:35:07.0265 1224 MRxSmb - ok
18:35:07.0296 1224 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:35:07.0375 1224 Msfs - ok
18:35:07.0390 1224 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:35:07.0453 1224 MSKSSRV - ok
18:35:07.0468 1224 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:35:07.0546 1224 MSPCLOCK - ok
18:35:07.0546 1224 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:35:07.0656 1224 MSPQM - ok
18:35:07.0687 1224 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:35:07.0765 1224 mssmbios - ok
18:35:07.0781 1224 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:35:07.0843 1224 MSTEE - ok
18:35:07.0859 1224 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:35:07.0890 1224 Mup - ok
18:35:07.0906 1224 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:35:07.0968 1224 NABTSFEC - ok
18:35:08.0031 1224 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:35:08.0203 1224 NDIS - ok
18:35:08.0218 1224 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:35:08.0281 1224 NdisIP - ok
18:35:08.0312 1224 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:35:08.0343 1224 NdisTapi - ok
18:35:08.0359 1224 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:35:08.0437 1224 Ndisuio - ok
18:35:08.0453 1224 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:35:08.0515 1224 NdisWan - ok
18:35:08.0562 1224 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:35:08.0593 1224 NDProxy - ok
18:35:08.0593 1224 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:35:08.0671 1224 NetBIOS - ok
18:35:08.0703 1224 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:35:08.0781 1224 NetBT - ok
18:35:08.0796 1224 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:35:08.0875 1224 Npfs - ok
18:35:08.0906 1224 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:35:08.0984 1224 Ntfs - ok
18:35:09.0000 1224 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:35:09.0062 1224 Null - ok
18:35:09.0281 1224 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:35:09.0750 1224 nv - ok
18:35:09.0781 1224 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:35:09.0843 1224 NwlnkFlt - ok
18:35:09.0843 1224 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:35:09.0937 1224 NwlnkFwd - ok
18:35:09.0953 1224 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
18:35:10.0031 1224 Parport - ok
18:35:10.0031 1224 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:35:10.0109 1224 PartMgr - ok
18:35:10.0125 1224 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:35:10.0187 1224 ParVdm - ok
18:35:10.0218 1224 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
18:35:10.0234 1224 pccsmcfd - ok
18:35:10.0250 1224 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
18:35:10.0328 1224 PCI - ok
18:35:10.0343 1224 PCIDump - ok
18:35:10.0359 1224 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:35:10.0437 1224 PCIIde - ok
18:35:10.0453 1224 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:35:10.0531 1224 Pcmcia - ok
18:35:10.0531 1224 PDCOMP - ok
18:35:10.0546 1224 PDFRAME - ok
18:35:10.0546 1224 PDRELI - ok
18:35:10.0562 1224 PDRFRAME - ok
18:35:10.0562 1224 perc2 - ok
18:35:10.0578 1224 perc2hib - ok
18:35:10.0593 1224 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:35:10.0718 1224 PptpMiniport - ok
18:35:10.0734 1224 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:35:10.0812 1224 PSched - ok
18:35:10.0843 1224 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:35:10.0906 1224 Ptilink - ok
18:35:10.0921 1224 ql1080 - ok
18:35:10.0937 1224 Ql10wnt - ok
18:35:10.0937 1224 ql12160 - ok
18:35:10.0953 1224 ql1240 - ok
18:35:10.0953 1224 ql1280 - ok
18:35:10.0968 1224 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:35:11.0046 1224 RasAcd - ok
18:35:11.0078 1224 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
18:35:11.0109 1224 Rasirda - ok
18:35:11.0125 1224 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:35:11.0187 1224 Rasl2tp - ok
18:35:11.0203 1224 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:35:11.0265 1224 RasPppoe - ok
18:35:11.0265 1224 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:35:11.0343 1224 Raspti - ok
18:35:11.0375 1224 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:35:11.0437 1224 Rdbss - ok
18:35:11.0453 1224 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:35:11.0515 1224 RDPCDD - ok
18:35:11.0531 1224 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:35:11.0593 1224 rdpdr - ok
18:35:11.0625 1224 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
18:35:11.0656 1224 RDPWD - ok
18:35:11.0671 1224 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:35:11.0734 1224 redbook - ok
18:35:11.0765 1224 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:35:11.0781 1224 RTLE8023xp - ok
18:35:11.0812 1224 RTLWUSB (c3880bf1bad0b8eb69efb07a9c3fa7d9) C:\WINDOWS\system32\DRIVERS\wg111v2.sys
18:35:11.0843 1224 RTLWUSB - ok
18:35:11.0875 1224 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:35:11.0890 1224 SASDIFSV - ok
18:35:11.0906 1224 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:35:11.0921 1224 SASKUTIL - ok
18:35:11.0937 1224 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:35:11.0968 1224 Secdrv - ok
18:35:11.0984 1224 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:35:12.0062 1224 serenum - ok
18:35:12.0062 1224 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
18:35:12.0125 1224 Serial - ok
18:35:12.0171 1224 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:35:12.0250 1224 Sfloppy - ok
18:35:12.0250 1224 Simbad - ok
18:35:12.0281 1224 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:35:12.0359 1224 SLIP - ok
18:35:12.0390 1224 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
18:35:12.0468 1224 SONYPVU1 - ok
18:35:12.0468 1224 Sparrow - ok
18:35:12.0500 1224 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:35:12.0578 1224 splitter - ok
18:35:12.0625 1224 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
18:35:12.0625 1224 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
18:35:12.0625 1224 sptd ( LockedFile.Multi.Generic ) - warning
18:35:12.0625 1224 sptd - detected LockedFile.Multi.Generic (1)
18:35:12.0625 1224 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
18:35:12.0671 1224 sr - ok
18:35:12.0687 1224 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:35:12.0718 1224 Srv - ok
18:35:12.0750 1224 ssudmdm (1b4052f016ba5e087689aba536a0a927) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:35:12.0750 1224 ssudmdm - ok
18:35:12.0796 1224 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
18:35:12.0812 1224 StarOpen ( UnsignedFile.Multi.Generic ) - warning
18:35:12.0812 1224 StarOpen - detected UnsignedFile.Multi.Generic (1)
18:35:12.0843 1224 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:35:12.0906 1224 streamip - ok
18:35:12.0937 1224 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:35:13.0000 1224 swenum - ok
18:35:13.0031 1224 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:35:13.0093 1224 swmidi - ok
18:35:13.0109 1224 symc810 - ok
18:35:13.0109 1224 symc8xx - ok
18:35:13.0125 1224 sym_hi - ok
18:35:13.0125 1224 sym_u3 - ok
18:35:13.0140 1224 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:35:13.0218 1224 sysaudio - ok
18:35:13.0265 1224 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:35:13.0296 1224 Tcpip - ok
18:35:13.0312 1224 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:35:13.0375 1224 TDPIPE - ok
18:35:13.0390 1224 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:35:13.0453 1224 TDTCP - ok
18:35:13.0468 1224 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:35:13.0531 1224 TermDD - ok
18:35:13.0546 1224 TosIde - ok
18:35:13.0562 1224 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:35:13.0625 1224 Udfs - ok
18:35:13.0640 1224 ultra - ok
18:35:13.0671 1224 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:35:13.0750 1224 Update - ok
18:35:13.0765 1224 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
18:35:13.0796 1224 USBAAPL - ok
18:35:13.0828 1224 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
18:35:13.0890 1224 usbaudio - ok
18:35:13.0890 1224 usbbus - ok
18:35:13.0937 1224 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:35:14.0000 1224 usbccgp - ok
18:35:14.0000 1224 UsbDiag - ok
18:35:14.0031 1224 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:35:14.0093 1224 usbehci - ok
18:35:14.0109 1224 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:35:14.0171 1224 usbhub - ok
18:35:14.0187 1224 USBModem - ok
18:35:14.0218 1224 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:35:14.0281 1224 usbprint - ok
18:35:14.0296 1224 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:35:14.0359 1224 usbscan - ok
18:35:14.0390 1224 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:35:14.0468 1224 usbstor - ok
18:35:14.0484 1224 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:35:14.0546 1224 usbuhci - ok
18:35:14.0562 1224 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:35:14.0625 1224 VgaSave - ok
18:35:14.0640 1224 ViaIde - ok
18:35:14.0640 1224 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
18:35:14.0718 1224 VolSnap - ok
18:35:14.0734 1224 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:35:14.0796 1224 Wanarp - ok
18:35:14.0843 1224 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
18:35:14.0859 1224 Wdf01000 - ok
18:35:14.0875 1224 WDICA - ok
18:35:14.0906 1224 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:35:15.0046 1224 wdmaud - ok
18:35:15.0250 1224 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
18:35:15.0265 1224 WinUSB - ok
18:35:15.0484 1224 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:35:15.0593 1224 WpdUsb - ok
18:35:15.0640 1224 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:35:15.0718 1224 WS2IFSL - ok
18:35:15.0781 1224 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:35:15.0859 1224 WSTCODEC - ok
18:35:16.0000 1224 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:35:16.0015 1224 WudfPf - ok
18:35:16.0046 1224 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:35:16.0062 1224 WudfRd - ok
18:35:16.0078 1224 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:35:16.0515 1224 \Device\Harddisk0\DR0 - ok
18:35:16.0515 1224 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR3
18:35:17.0000 1224 \Device\Harddisk1\DR3 - ok
18:35:17.0000 1224 Boot (0x1200) (0e829e8e5a4fab901c1b2c7c63c874f5) \Device\Harddisk0\DR0\Partition0
18:35:17.0000 1224 \Device\Harddisk0\DR0\Partition0 - ok
18:35:17.0000 1224 Boot (0x1200) (9b6ad40cb8348fa926397d5b54ccf1e1) \Device\Harddisk0\DR0\Partition1
18:35:17.0000 1224 \Device\Harddisk0\DR0\Partition1 - ok
18:35:17.0000 1224 Boot (0x1200) (6d3cfbc5a1b752d6df6ae8a1ee3af623) \Device\Harddisk1\DR3\Partition0
18:35:17.0000 1224 \Device\Harddisk1\DR3\Partition0 - ok
18:35:17.0000 1224 ============================================================
18:35:17.0000 1224 Scan finished
18:35:17.0000 1224 ============================================================
18:35:17.0109 0464 Detected object count: 2
18:35:17.0109 0464 Actual detected object count: 2
18:35:20.0546 0464 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:35:20.0546 0464 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:35:20.0546 0464 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
18:35:20.0546 0464 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
21.03.2012, 20:49
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spywaredoctor findet -Rootkit.TDSS.v3 im Da du neu aufgesetzt hast vor Kurzem sollte es das gewesen sein Lass mich bitte wissen wie genau du neu aufgesetzt hast. Hast du alles formatiert also manuell gemacht oder hattest du per Recovery neu aufgesetzt?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.03.2012, 23:16
| #12 |
| | Spywaredoctor findet -Rootkit.TDSS.v3 im Hab alles manuell aufgesetzt,also ganz gründlich(langes formatieren,partitionieren,etc..)... Die zwei anderen Einträge beim Kasperskylog bedeuten nichts? Kann ich das Kaspersky wieda löschen und was passiert dann mit den 5 Files in der Quarantäne? Aber schonmal Vielen Dank!  Hmmm.Spywaredoctor zeigte noch immer ROOTKID TDSS.3???Kann es sein,dass er das anzeigt,weils bei Kaspersky in Quarantäne is? Kaspersky mit Update listet folgendes auf: Code:
ATTFilter 23:06:51.0890 5720 Detected object count: 4
23:06:51.0890 5720 Actual detected object count: 4
23:07:15.0546 5720 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:07:15.0546 5720 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:07:15.0546 5720 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:07:15.0546 5720 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:07:15.0546 5720 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:07:15.0546 5720 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:07:15.0546 5720 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
23:07:15.0546 5720 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
22.03.2012, 12:21
| #13 | |||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spywaredoctor findet -Rootkit.TDSS.v3 imZitat:
Wichtiger ist, dass man sich bei einer "gründlichen" Neuinstallation auch um den MBR kümmert. Eigentlich sollte das Windows-Setup den MBR neu schreiben, hat's aber nicht getan.  Zitat:
Zitat:
Also poste das Log und mach auch noch einen Check mit aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.03.2012, 17:36
| #14 |
| | Spywaredoctor findet -Rootkit.TDSS.v3 im aswMBRlog Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-22 15:11:32
-----------------------------
15:11:32.453 OS Version: Windows 5.1.2600 Service Pack 3
15:11:32.453 Number of processors: 2 586 0x170A
15:11:32.453 ComputerName: PROPHET-D72819D UserName: enan
15:11:36.437 Initialize success
15:12:17.437 AVAST engine defs: 12032000
15:12:34.109 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5
15:12:34.109 Disk 0 Vendor: ST31000333AS CC1H Size: 953869MB BusType: 3
15:12:34.140 Disk 0 MBR read successfully
15:12:34.140 Disk 0 MBR scan
15:12:34.171 Disk 0 Windows XP default MBR code
15:12:34.171 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 269998 MB offset 63
15:12:34.171 Disk 0 Partition - 00 0F Extended LBA 683860 MB offset 552957300
15:12:34.187 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 683860 MB offset 552957363
15:12:34.187 Disk 0 scanning sectors +1953504000
15:12:34.265 Disk 0 scanning C:\WINDOWS\system32\drivers
15:12:42.515 Service scanning
15:12:45.937 Service FXDrv32 I:\FXDrv32.sys **LOCKED** 21
15:12:52.406 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
15:12:55.109 Modules scanning
15:12:58.953 Disk 0 trace - called modules:
15:12:58.968 ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys hal.dll atapi.sys spoe.sys >>UNKNOWN [0x8aef7938]<<
15:12:58.968 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae01ab8]
15:12:58.968 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> [0x8ae9b920]
15:12:58.984 5 PCTCore.sys[b7d37407] -> nt!IofCallDriver -> \Device\00000077[0x8aeb99e8]
15:12:58.984 7 ACPI.sys[b7e54620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-5[0x8ae06940]
15:13:01.531 AVAST engine scan C:\
16:39:27.750 File: C:\TDSSKiller_Quarantine\21.03.2012_18.30.08\tdlfs0000\tsk0004.dta **INFECTED** Win32:DNSChanger-VJ [Trj]
17:30:43.312 Scan finished successfully
17:32:48.812 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\enan\Desktop\MBR.dat"
17:32:48.812 The log file has been saved successfully to "C:\Documents and Settings\enan\Desktop\aswMBR.txt"
Code:
ATTFilter 22.03.2012 15:00:12:78
Scan gestartet
Scantyp - Intelli-Scan
22.03.2012 15:03:21:609
Infektion wurde auf diesem Computer gefunden
Name der Bedrohung - Rootkit.TDSS.v3
Typ - Unknown
Risikostufe - Hoch
Infektion - Kernel Objects
22.03.2012 15:03:21:906
Scan beendet
Scantyp - Intelli-Scan
Bearbeitete Elemente - 498905
Gefundene Bedrohungen - 1
Gefundene Infektionen - 1
Erbarmennnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn Dieser Scan hat 5 Stunden lang gedauert,jetzt hab ich Computer seitdem ncith mehr ausgeschlatet,weil wegen Entfernung der Infektionen.  |
|
23.03.2012, 20:46
| #15 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spywaredoctor findet -Rootkit.TDSS.v3 imZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Spywaredoctor findet -Rootkit.TDSS.v3 im |
| avg, bedrohung, kernel, löschen, malewarebytes, nochmalige, restart, suche, superantispyware, unknow |
NSChanger-VJ [Trj]
Linear-Darstellung
