Pests of all kinds and how to fight them: Problems removing the backdoor program BDS\Sinowal.knfal....

27.12.2011, 19:51   #3
Syrustheviru

Problems removing the backdoor program BDS\Sinowal.knfal....



Hello Kira, I have now proceeded the way you described to me (log files follow). OTL somehow didn't work for me, or rather: which text from which code box do I have to enter there? When I then used TDSSKiller, there was suddenly the option of a reboot and overwriting the boot sector code (or something like that...), then the system restarted and Avira stopped complaining. After that I ran through the programs from your list once more and also posted the second log file. Now of course I don't know whether the boot sector is clean or not. I will have Avira scan again and then post that log as well.

*[code]

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2011-12-27 12:15:33
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.FB2O
Running: ogf6mikm.exe; Driver: C:\DOKUME~1\FREDER~1\LOKALE~1\Temp\fxldypob.sys


---- Devices - GMER 1.0.15 ----

Device \Driver\iaStor \Device\Ide\iaStor0 A@J@
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 A@J@

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2011-12-27 19:10:06
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.FB2O
Running: ogf6mikm.exe; Driver: C:\DOKUME~1\FREDER~1\LOKALE~1\Temp\fxldypob.sys


---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 malicious Win32:MBRoot code @ sector 312578051

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

[\code]*

*[code]

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 5.1.2600 Disk: Hitachi_ rev.FB2O -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

---EOF---

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 5.1.2600 Disk: Hitachi_ rev.FB2O -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 312578048

[\code]*

*[code]

14:04:45.0359 3252 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:04:45.0546 3252 ============================================================
14:04:45.0546 3252 Current date / time: 2011/12/27 14:04:45.0546
14:04:45.0546 3252 SystemInfo:
14:04:45.0546 3252
14:04:45.0546 3252 OS Version: 5.1.2600 ServicePack: 3.0
14:04:45.0546 3252 Product type: Workstation
14:04:45.0546 3252 ComputerName:
14:04:45.0546 3252 UserName:
14:04:45.0546 3252 Windows directory: C:\WINDOWS
14:04:45.0546 3252 System windows directory: C:\WINDOWS
14:04:45.0546 3252 Processor architecture: Intel x86
14:04:45.0546 3252 Number of processors: 2
14:04:45.0546 3252 Page size: 0x1000
14:04:45.0546 3252 Boot type: Normal boot
14:04:45.0546 3252 ============================================================
14:04:46.0234 3252 Initialize success
14:06:54.0562 3780 ============================================================
14:06:54.0562 3780 Scan started
14:06:54.0562 3780 Mode: Manual;
14:06:54.0562 3780 ============================================================
14:07:15.0437 3780 MBR (0x1B8) (199d66d15be31321331253788f490d3d) \Device\Harddisk0\DR0
14:07:15.0437 3780 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - infected
14:07:15.0437 3780 \Device\Harddisk0\DR0 - detected Backdoor.Win32.Sinowal.knf (0)
14:07:15.0484 3780 Boot (0x1200) (a222be48cc4d90c662a35fb795ffa98a) \Device\Harddisk0\DR0\Partition0
14:07:15.0484 3780 \Device\Harddisk0\DR0\Partition0 - ok
14:07:15.0484 3780 ============================================================
14:07:15.0484 3780 Scan finished
14:07:15.0484 3780 ============================================================
14:07:15.0531 0604 Detected object count: 1
14:07:15.0531 0604 Actual detected object count: 1
14:08:13.0062 0604 \Device\Harddisk0\DR0 - copied to quarantine
14:08:13.0078 0604 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - User select action: Quarantine
14:08:54.0187 2460 ============================================================
14:08:54.0187 2460 Scan started
14:08:54.0187 2460 Mode: Manual; SigCheck; TDLFS;
14:08:54.0187 2460 ============================================================
14:08:54.0546 2460 Abiosdsk - ok
14:08:54.0609 2460 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:08:55.0187 2460 abp480n5 - ok
14:08:55.0296 2460 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys




--EOF--

19:34:48.0250 2792 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
19:34:48.0500 2792 ============================================================
19:34:48.0500 2792 Current date / time: 2011/12/27 19:34:48.0500
19:34:48.0515 2792 SystemInfo:
19:34:48.0515 2792
19:34:48.0515 2792 OS Version: 5.1.2600 ServicePack: 3.0
19:34:48.0515 2792 Product type: Workstation
19:34:48.0515 2792 ComputerName:
19:34:48.0515 2792 UserName:
19:34:48.0515 2792 Windows directory: C:\WINDOWS
19:34:48.0515 2792 System windows directory: C:\WINDOWS
19:34:48.0515 2792 Processor architecture: Intel x86
19:34:48.0515 2792 Number of processors: 2
19:34:48.0515 2792 Page size: 0x1000
19:34:48.0515 2792 Boot type: Normal boot
19:34:48.0515 2792 ============================================================
19:34:48.0968 2792 Initialize success
19:34:51.0328 2596 ============================================================
19:34:51.0328 2596 Scan started
19:34:51.0328 2596 Mode: Manual;
19:34:51.0328 2596 ============================================================
19:34:51.0859 2596 Abiosdsk - ok
19:34:51.0906 2596 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
19:34:51.0921 2596 abp480n5 - ok
19:34:51.0953 2596 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:34:51.0968 2596 ACPI - ok
19:34:51.0968 2596 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:34:51.0968 2596 ACPIEC - ok
19:34:52.0000 2596 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
19:34:52.0000 2596 adpu160m - ok
19:34:52.0031 2596 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:34:52.0046 2596 aec - ok
19:34:52.0156 2596 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:34:52.0171 2596 AFD - ok
19:34:52.0187 2596 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:34:52.0187 2596 agp440 - ok
19:34:52.0218 2596 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
19:34:52.0218 2596 agpCPQ - ok
19:34:52.0234 2596 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
19:34:52.0250 2596 Aha154x - ok
19:34:52.0265 2596 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
19:34:52.0265 2596 aic78u2 - ok
19:34:52.0281 2596 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
19:34:52.0281 2596 aic78xx - ok
19:34:52.0328 2596 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:34:52.0328 2596 AliIde - ok
19:34:52.0421 2596 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
19:34:52.0421 2596 alim1541 - ok
19:34:52.0468 2596 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
19:34:52.0468 2596 amdagp - ok
19:34:52.0500 2596 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
19:34:52.0500 2596 amsint - ok
19:34:52.0625 2596 AR5416 (2774b0607acdad6e76f577ac85fa077d) C:\WINDOWS\system32\DRIVERS\athw.sys
19:34:52.0656 2596 AR5416 - ok
19:34:52.0781 2596 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
19:34:52.0781 2596 asc - ok
19:34:52.0812 2596 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
19:34:52.0812 2596 asc3350p - ok
19:34:52.0843 2596 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
19:34:52.0843 2596 asc3550 - ok
19:34:52.0890 2596 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:34:52.0890 2596 AsyncMac - ok
19:34:52.0906 2596 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:34:52.0906 2596 atapi - ok
19:34:52.0921 2596 Atdisk - ok
19:34:52.0968 2596 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:34:52.0968 2596 Atmarpc - ok
19:34:53.0093 2596 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:34:53.0093 2596 audstub - ok
19:34:53.0125 2596 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:34:53.0125 2596 avgntflt - ok
19:34:53.0156 2596 avipbb (475fbb85956534720858ae72010c0a43) C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:34:53.0156 2596 avipbb - ok
19:34:53.0265 2596 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:34:53.0265 2596 avkmgr - ok
19:34:53.0343 2596 BCM43XX (e9ea635b8432d68f0005b3f6cebab837) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
19:34:53.0375 2596 BCM43XX - ok
19:34:53.0500 2596 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:34:53.0500 2596 Beep - ok
19:34:53.0562 2596 catchme - ok
19:34:53.0609 2596 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
19:34:53.0609 2596 cbidf - ok
19:34:53.0703 2596 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:34:53.0703 2596 cbidf2k - ok
19:34:53.0750 2596 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:34:53.0750 2596 CCDECODE - ok
19:34:53.0765 2596 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
19:34:53.0765 2596 cd20xrnt - ok
19:34:53.0796 2596 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:34:53.0796 2596 Cdaudio - ok
19:34:53.0843 2596 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:34:53.0890 2596 Cdfs - ok
19:34:54.0015 2596 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:34:54.0015 2596 Cdrom - ok
19:34:54.0031 2596 Changer - ok
19:34:54.0093 2596 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:34:54.0109 2596 CmBatt - ok
19:34:54.0156 2596 CmdIde (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
19:34:54.0156 2596 CmdIde - ok
19:34:54.0234 2596 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:34:54.0234 2596 Compbatt - ok
19:34:54.0265 2596 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
19:34:54.0265 2596 Cpqarray - ok
19:34:54.0296 2596 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
19:34:54.0296 2596 dac2w2k - ok
19:34:54.0312 2596 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
19:34:54.0312 2596 dac960nt - ok
19:34:54.0343 2596 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:34:54.0359 2596 Disk - ok
19:34:54.0421 2596 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
19:34:54.0453 2596 dmboot - ok
19:34:54.0562 2596 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
19:34:54.0562 2596 dmio - ok
19:34:54.0593 2596 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:34:54.0593 2596 dmload - ok
19:34:54.0640 2596 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:34:54.0640 2596 DMusic - ok
19:34:54.0703 2596 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
19:34:54.0703 2596 dpti2o - ok
19:34:54.0750 2596 DritekPortIO - ok
19:34:54.0859 2596 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:34:54.0859 2596 drmkaud - ok
19:34:54.0906 2596 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:34:54.0921 2596 Fastfat - ok
19:34:54.0984 2596 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
19:34:54.0984 2596 Fdc - ok
19:34:55.0046 2596 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
19:34:55.0062 2596 Fips - ok
19:34:55.0093 2596 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
19:34:55.0109 2596 Flpydisk - ok
19:34:55.0140 2596 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
19:34:55.0140 2596 FltMgr - ok
19:34:55.0156 2596 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:34:55.0171 2596 Fs_Rec - ok
19:34:55.0203 2596 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:34:55.0203 2596 Ftdisk - ok
19:34:55.0234 2596 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:34:55.0250 2596 Gpc - ok
19:34:55.0312 2596 GT72NDISIPXP (20a940d96e69be65f9b6e4695baac6dc) C:\WINDOWS\system32\DRIVERS\Gt51Ip.sys
19:34:55.0312 2596 GT72NDISIPXP - ok
19:34:55.0390 2596 GT72UBUS (1678d49ea3e76ccabde89d7b26d5061c) C:\WINDOWS\system32\DRIVERS\gt72ubus.sys
19:34:55.0390 2596 GT72UBUS - ok
19:34:55.0421 2596 GTPTSER (346ddaefa04e49ad804ee12d4baa0ed3) C:\WINDOWS\system32\DRIVERS\gtptser.sys
19:34:55.0421 2596 GTPTSER - ok
19:34:55.0515 2596 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:34:55.0515 2596 HDAudBus - ok
19:34:55.0609 2596 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:34:55.0609 2596 HidUsb - ok
19:34:55.0656 2596 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
19:34:55.0671 2596 hpn - ok
19:34:55.0734 2596 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:34:55.0750 2596 HTTP - ok
19:34:55.0843 2596 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:34:55.0843 2596 i2omgmt - ok
19:34:55.0890 2596 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
19:34:55.0890 2596 i2omp - ok
19:34:55.0953 2596 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:34:55.0968 2596 i8042prt - ok
19:34:56.0187 2596 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:34:56.0343 2596 ialm - ok
19:34:56.0484 2596 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\WINDOWS\system32\drivers\iaStor.sys
19:34:56.0484 2596 iaStor - ok
19:34:56.0546 2596 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:34:56.0562 2596 Imapi - ok
19:34:56.0593 2596 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
19:34:56.0609 2596 ini910u - ok
19:34:56.0625 2596 int15.sys - ok
19:34:56.0796 2596 IntcAzAudAddService (662b65eeb8d070bd1162a7b63859afcf) C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:34:56.0937 2596 IntcAzAudAddService - ok
19:34:57.0062 2596 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
19:34:57.0062 2596 IntelIde - ok
19:34:57.0109 2596 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:34:57.0109 2596 intelppm - ok
19:34:57.0156 2596 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
19:34:57.0156 2596 Ip6Fw - ok
19:34:57.0250 2596 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:34:57.0250 2596 IpFilterDriver - ok
19:34:57.0296 2596 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:34:57.0296 2596 IpInIp - ok
19:34:57.0328 2596 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:34:57.0328 2596 IpNat - ok
19:34:57.0359 2596 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:34:57.0359 2596 IPSec - ok
19:34:57.0468 2596 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:34:57.0468 2596 IRENUM - ok
19:34:57.0515 2596 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:34:57.0515 2596 isapnp - ok
19:34:57.0578 2596 ISWKL - ok
19:34:57.0687 2596 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:34:57.0687 2596 Kbdclass - ok
19:34:57.0734 2596 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:34:57.0734 2596 kmixer - ok
19:34:57.0796 2596 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:34:57.0796 2596 KSecDD - ok
19:34:57.0859 2596 L1e (fa46f5d09edf93e0c71fe6500fe3f4ae) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
19:34:57.0859 2596 L1e - ok
19:34:57.0890 2596 lbrtfdc - ok
19:34:57.0968 2596 M3000Srv (b47da7eb985a6676623f378642e417b6) C:\WINDOWS\system32\Drivers\M3000KNT.sys
19:34:57.0968 2596 M3000Srv - ok
19:34:58.0031 2596 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
19:34:58.0031 2596 MBAMProtector - ok
19:34:58.0125 2596 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:34:58.0125 2596 mnmdd - ok
19:34:58.0171 2596 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
19:34:58.0203 2596 Modem - ok
19:34:58.0281 2596 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:34:58.0281 2596 Mouclass - ok
19:34:58.0343 2596 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:34:58.0343 2596 mouhid - ok
19:34:58.0390 2596 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:34:58.0390 2596 MountMgr - ok
19:34:58.0468 2596 MpKsl38376e99 - ok
19:34:58.0484 2596 MpKsl464c1e73 - ok
19:34:58.0500 2596 MpKsld7b04d02 - ok
19:34:58.0546 2596 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
19:34:58.0546 2596 mraid35x - ok
19:34:58.0625 2596 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:34:58.0625 2596 MRxDAV - ok
19:34:58.0718 2596 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:34:58.0734 2596 MRxSmb - ok
19:34:58.0859 2596 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:34:58.0859 2596 Msfs - ok
19:34:58.0921 2596 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:34:58.0921 2596 MSKSSRV - ok
19:34:58.0953 2596 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:34:58.0953 2596 MSPCLOCK - ok
19:34:59.0031 2596 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:34:59.0031 2596 MSPQM - ok
19:34:59.0109 2596 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:34:59.0109 2596 mssmbios - ok
19:34:59.0156 2596 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:34:59.0156 2596 MSTEE - ok
19:34:59.0218 2596 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:34:59.0218 2596 Mup - ok
19:34:59.0312 2596 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:34:59.0312 2596 NABTSFEC - ok
19:34:59.0390 2596 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:34:59.0406 2596 NDIS - ok
19:34:59.0421 2596 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:34:59.0421 2596 NdisIP - ok
19:34:59.0500 2596 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:34:59.0500 2596 NdisTapi - ok
19:34:59.0562 2596 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:34:59.0562 2596 Ndisuio - ok
19:34:59.0593 2596 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:34:59.0593 2596 NdisWan - ok
19:34:59.0625 2596 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:34:59.0640 2596 NDProxy - ok
19:34:59.0718 2596 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:34:59.0718 2596 NetBIOS - ok
19:34:59.0781 2596 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:34:59.0781 2596 NetBT - ok
19:34:59.0828 2596 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:34:59.0843 2596 Npfs - ok
19:34:59.0906 2596 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:34:59.0921 2596 Ntfs - ok
19:35:00.0046 2596 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:35:00.0046 2596 Null - ok
19:35:00.0078 2596 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:35:00.0078 2596 NwlnkFlt - ok
19:35:00.0109 2596 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:35:00.0109 2596 NwlnkFwd - ok
19:35:00.0171 2596 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
19:35:00.0171 2596 Parport - ok
19:35:00.0281 2596 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:35:00.0281 2596 PartMgr - ok
19:35:00.0312 2596 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
19:35:00.0343 2596 ParVdm - ok
19:35:00.0375 2596 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
19:35:00.0375 2596 PCI - ok
19:35:00.0390 2596 PCIDump - ok
19:35:00.0421 2596 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:35:00.0421 2596 PCIIde - ok
19:35:00.0468 2596 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:35:00.0500 2596 Pcmcia - ok
19:35:00.0593 2596 PDCOMP - ok
19:35:00.0609 2596 PDFRAME - ok
19:35:00.0625 2596 PDRELI - ok
19:35:00.0640 2596 PDRFRAME - ok
19:35:00.0687 2596 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
19:35:00.0687 2596 perc2 - ok
19:35:00.0765 2596 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
19:35:00.0765 2596 perc2hib - ok
19:35:00.0875 2596 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:35:00.0875 2596 PptpMiniport - ok
19:35:00.0890 2596 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:35:00.0906 2596 PSched - ok
19:35:00.0921 2596 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:35:00.0921 2596 Ptilink - ok
19:35:00.0937 2596 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:35:00.0937 2596 ql1080 - ok
19:35:00.0968 2596 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:35:00.0968 2596 Ql10wnt - ok
19:35:00.0984 2596 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:35:00.0984 2596 ql12160 - ok
19:35:01.0000 2596 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:35:01.0000 2596 ql1240 - ok
19:35:01.0015 2596 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:35:01.0031 2596 ql1280 - ok
19:35:01.0062 2596 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:35:01.0062 2596 RasAcd - ok
19:35:01.0078 2596 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:35:01.0078 2596 Rasl2tp - ok
19:35:01.0171 2596 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:35:01.0187 2596 RasPppoe - ok
19:35:01.0234 2596 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:35:01.0250 2596 Raspti - ok
19:35:01.0265 2596 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:35:01.0281 2596 Rdbss - ok
19:35:01.0296 2596 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:35:01.0296 2596 RDPCDD - ok
19:35:01.0421 2596 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:35:01.0437 2596 rdpdr - ok
19:35:01.0500 2596 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
19:35:01.0500 2596 RDPWD - ok
19:35:01.0562 2596 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:35:01.0562 2596 redbook - ok
19:35:01.0671 2596 RSUSBSTOR - ok
19:35:01.0687 2596 Rts516xIR - ok
19:35:01.0750 2596 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:35:01.0750 2596 Secdrv - ok
19:35:01.0906 2596 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
19:35:01.0906 2596 Serial - ok
19:35:01.0937 2596 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:35:01.0953 2596 Sfloppy - ok
19:35:01.0968 2596 Simbad - ok
19:35:02.0031 2596 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:35:02.0031 2596 sisagp - ok
19:35:02.0156 2596 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:35:02.0156 2596 SLIP - ok
19:35:02.0187 2596 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:35:02.0187 2596 Sparrow - ok
19:35:02.0234 2596 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:35:02.0234 2596 splitter - ok
19:35:02.0265 2596 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
19:35:02.0265 2596 sr - ok
19:35:02.0390 2596 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:35:02.0390 2596 Srv - ok
19:35:02.0437 2596 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:35:02.0437 2596 ssmdrv - ok
19:35:02.0468 2596 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:35:02.0468 2596 streamip - ok
19:35:02.0515 2596 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:35:02.0515 2596 swenum - ok
19:35:02.0640 2596 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:35:02.0640 2596 swmidi - ok
19:35:02.0671 2596 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
19:35:02.0671 2596 symc810 - ok
19:35:02.0718 2596 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:35:02.0718 2596 symc8xx - ok
19:35:02.0750 2596 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:35:02.0765 2596 sym_hi - ok
19:35:02.0781 2596 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:35:02.0781 2596 sym_u3 - ok
19:35:02.0828 2596 SynTP (5c3e900f41426a372de60675afc8aa07) C:\WINDOWS\system32\DRIVERS\SynTP.sys
19:35:02.0828 2596 SynTP - ok
19:35:02.0875 2596 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:35:02.0890 2596 sysaudio - ok
19:35:02.0984 2596 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:35:02.0984 2596 Tcpip - ok
19:35:03.0109 2596 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:35:03.0140 2596 TDPIPE - ok
19:35:03.0156 2596 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:35:03.0156 2596 TDTCP - ok
19:35:03.0203 2596 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:35:03.0218 2596 TermDD - ok
19:35:03.0343 2596 TosIde (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys
19:35:03.0343 2596 TosIde - ok
19:35:03.0406 2596 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:35:03.0453 2596 Udfs - ok
19:35:03.0546 2596 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
19:35:03.0562 2596 ultra - ok
19:35:03.0625 2596 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:35:03.0640 2596 Update - ok
19:35:03.0765 2596 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:35:03.0765 2596 usbccgp - ok
19:35:03.0781 2596 USBCCID - ok
19:35:03.0843 2596 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:35:03.0843 2596 usbehci - ok
19:35:03.0890 2596 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:35:03.0890 2596 usbhub - ok
19:35:03.0937 2596 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:35:03.0937 2596 usbscan - ok
19:35:04.0062 2596 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:35:04.0062 2596 USBSTOR - ok
19:35:04.0125 2596 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:35:04.0125 2596 usbuhci - ok
19:35:04.0187 2596 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
19:35:04.0187 2596 usbvideo - ok
19:35:04.0296 2596 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:35:04.0296 2596 VgaSave - ok
19:35:04.0359 2596 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:35:04.0359 2596 viaagp - ok
19:35:04.0390 2596 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:35:04.0390 2596 ViaIde - ok
19:35:04.0453 2596 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
19:35:04.0453 2596 VolSnap - ok
19:35:04.0500 2596 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:35:04.0500 2596 Wanarp - ok
19:35:04.0562 2596 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
19:35:04.0578 2596 Wdf01000 - ok
19:35:04.0593 2596 WDICA - ok
19:35:04.0625 2596 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:35:04.0625 2596 wdmaud - ok
19:35:04.0765 2596 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
19:35:04.0765 2596 WmiAcpi - ok
19:35:04.0843 2596 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:35:04.0843 2596 WS2IFSL - ok
19:35:04.0890 2596 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:35:04.0890 2596 WSTCODEC - ok
19:35:05.0046 2596 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:35:05.0046 2596 WudfPf - ok
19:35:05.0109 2596 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:35:05.0109 2596 WudfRd - ok
19:35:05.0125 2596 xcpip - ok
19:35:05.0140 2596 xpsec - ok
19:35:05.0187 2596 MBR (0x1B8) (7c733682f68536c7604cc415181ad466) \Device\Harddisk0\DR0
19:35:07.0187 2596 \Device\Harddisk0\DR0 - ok
19:35:07.0218 2596 Boot (0x1200) (a222be48cc4d90c662a35fb795ffa98a) \Device\Harddisk0\DR0\Partition0
19:35:07.0218 2596 \Device\Harddisk0\DR0\Partition0 - ok
19:35:07.0218 2596 ============================================================
19:35:07.0218 2596 Scan finished
19:35:07.0218 2596 ============================================================
19:35:07.0250 2320 Detected object count: 0
19:35:07.0250 2320 Actual detected object count: 0

--EOF--

[\code]*

*[code]

Logfile of HijackThis v1.99.1
Scan saved at 13:59:07, on 27.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Polar\Daemon\polard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Dokumente und Einstellungen\\Desktop\OTL.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Dokumente und Einstellungen\\Desktop\OTL.exe
C:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\FREDER~1\LOKALE~1\Temp\Rar$EX00.421\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=xph&d=0711&m=aspire_one
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=xph&d=0711&m=aspire_one
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = hxxp://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZone.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (file missing)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ZoneAlarm-Sicherheit - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZone.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (file missing)
O4 - HKLM\..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ACSW14DE] "C:\Programme\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe" /pid ACSW14DE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ProductReg] C:\Programme\Acer\WR_PopUp\ProductReg.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Frederick Hein\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\programme\avira\antivir desktop\avsda.dll
O10 - Unknown file in Winsock LSP: c:\programme\avira\antivir desktop\avsda.dll
O10 - Unknown file in Winsock LSP: c:\programme\avira\antivir desktop\avsda.dll
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Browser Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Unknown owner - C:\Programme\CheckPoint\ZAForceField\IswSvc.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Polar Daemon - Unknown owner - C:\Programme\Polar\Daemon\polard.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

[\code]*

*[code]

ACDSee 14 ACD Systems International Inc. 19.12.2011 166,2MB 14.1.137
Acer eRecovery Management Acer Incorporated 21.07.2011 4.00.3002
Acer Product Registration Acer Incorporated 21.07.2011 3.0.0.10
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 27.12.2011 10.0.12.36
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 27.12.2011 11.1.102.55
Adobe Reader 9.4.7 - Deutsch Adobe Systems Incorporated 20.12.2011 166,7MB 9.4.7
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver Atheros Communications Inc. 20.01.2009 1.0.0.30
Avira Free Antivirus Avira 27.12.2011 12.0.0.872
Avira SearchFree Toolbar plus Web Protection Ask.com 26.11.2011 3,40MB 1.13.2.0
Broadcom Driver v4.170.25.12_Foxconn Installation Program Broadcom 21.07.2011 4.170.25.12
CCleaner Piriform 27.12.2011 3.14
ClipGrab 3.1.0.2 Philipp Schmieder Medien 08.11.2011
Compatibility Pack für 2007 Office System Microsoft Corporation 14.12.2011 67,4MB 12.0.6425.1000
Free YouTube to MP3 Converter version 3.10.815 DVDVideoSoft Ltd.. 29.08.2011
Google Chrome Google Inc. 14.12.2011 16.0.912.63
Google Earth Google 18.11.2011 92,8MB 6.1.0.5001
Intel(R) Graphics Media Accelerator Driver 27.12.2011
Intel(R) Matrix Storage Manager Intel Corporation 27.12.2011
Java(TM) 6 Update 29 Oracle 19.11.2011 95,0MB 6.0.290
Malwarebytes' Anti-Malware Version 1.51.2.1300 Malwarebytes Corporation 19.11.2011 1.51.2.1300
Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 13.10.2011 422MB 2.2.30729
Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 22.07.2011 209MB 3.2.30729
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 22.07.2011
Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation 23.07.2011 1
Microsoft Office 2003 Web Components Microsoft Corporation 13.11.2011 37,2MB 11.0.8173.0
Microsoft Office File Validation Add-In Microsoft Corporation 15.11.2011 7,95MB 14.0.5130.5003
Microsoft Office Home and Student 2007 Microsoft Corporation 14.12.2011 12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 14.12.2011 21,1MB 12.0.6425.1000
Microsoft Office Professional Edition 2003 Microsoft Corporation 14.12.2011 754MB 11.0.8173.0
Microsoft Office XP Web Components Microsoft Corporation 13.11.2011 28,1MB 11.0.8173.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 20.01.2009 1,74MB 3.1.0000
Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Corporation 23.07.2011
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 22.07.2011 9,64MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 21.07.2011 10,2MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 12.11.2011 10,2MB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.11.2011 16,5MB 10.0.40219
Microsoft Works Microsoft Corporation 12.11.2011 716MB 9.7.0621
Mozilla Firefox 8.0.1 (x86 de) Mozilla 27.12.2011 8.0.1
MSN 27.12.2011
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 20.01.2009 2,67MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 22.07.2011 2,77MB 4.20.9876.0
MSXML 6.0 Parser Microsoft Corporation 09.11.2011 1,42MB 6.00.3883.15
Nero 6 Ultra Edition 27.12.2011
PDFCreator Frank Heindörfer, Philip Chinery 24.07.2011 1.2.1
Polar Daemon Polar Electro Oy 22.07.2011 4,66MB 2.1.00014
Polar WebSync Polar Electro Oy 22.07.2011 23,0MB 2.3.00016
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 20.01.2009 5.10.0.5767
Skype Click to Call Skype Technologies S.A. 01.11.2011 12,7MB 5.6.8442
Skype™ 5.6 Skype Technologies S.A. 01.11.2011 19,5MB 5.6.110
Spybot - Search & Destroy Safer Networking Limited 23.07.2011 1.6.2
Synaptics Pointing Device Driver Synaptics Incorporated 27.12.2011 12.2.2.0
TuneUp Utilities 2008 TuneUp Software 26.11.2011 41,0MB 7.0.7986
USB2.0 Card Reader Software Realtek 20.01.2009 6.0.6000.75
Webcam ALi 21.07.2011 1.00.000
Winamp (remove only) 27.12.2011
Windows Defender Microsoft Corporation 10.11.2011 8,80MB 1.1.1593.21
Windows Internet Explorer 7 Microsoft Corporation 20.01.2009 20070813.185237
Windows Live Anmelde-Assistent Microsoft Corporation 12.11.2011 1,93MB 5.000.818.6
Windows Live Essentials Microsoft Corporation 20.01.2009 14.0.8050.1202
Windows Live Sync Microsoft Corporation 20.01.2009 2,80MB 14.0.8050.1202
Windows Live-Uploadtool Microsoft Corporation 20.01.2009 0,22MB 14.0.8014.1029
Windows Media Format 11 runtime 27.12.2011
Windows Media Player 11 27.12.2011
WinRAR Archivierer 27.12.2011
ZoneAlarm-Sicherheit Toolbar ZoneAlarm-Sicherheit 27.12.2011

[\code]*