
Pests of all kinds and how to combat them: SafeBoot.sys

26.01.2012, 10:22   #1
ro-mann
 
SafeBoot.sys



Hello!

A scan with TDSSKiller flagged the file SafeBoot.sys as malware. I copied it into quarantine and had the DTA file (I assume that is the SafeBoot.sys in quarantine?) analyzed by several virus-scanning websites (Virustotal, Viruschief, Jottis), but nothing was found. The DTA file is attached; can anyone tell me whether this is a virus?

Best regards,
Roman

26.01.2012, 18:05   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
SafeBoot.sys



There is no TDSS log in the ZIP.

Quote:
A scan with TDSSKiller flagged the file SafeBoot.sys as malware.
Why are you just running TDSS-Killer like that? Hasty fixing or indiscriminately deleting every file that TDSS-Killer flags can leave you with a destroyed system!
That is why my postings about TDSS-Killer always include this:

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

02.02.2012, 10:20   #3
ro-mann
 
SafeBoot.sys



Here is the log file:

Code:
11:16:17.0390 8672	TDSS rootkit removing tool 2.7.9.0 Feb  1 2012 09:28:49
11:16:17.0545 8672	============================================================
11:16:17.0545 8672	Current date / time: 2012/02/02 11:16:17.0545
11:16:17.0546 8672	SystemInfo:
11:16:17.0546 8672	
11:16:17.0546 8672	OS Version: 6.1.7601 ServicePack: 1.0
11:16:17.0546 8672	Product type: Workstation
11:16:17.0546 8672	ComputerName: WEBDEV27
11:16:17.0546 8672	UserName: r.
11:16:17.0546 8672	Windows directory: C:\Windows
11:16:17.0546 8672	System windows directory: C:\Windows
11:16:17.0546 8672	Processor architecture: Intel x86
11:16:17.0546 8672	Number of processors: 4
11:16:17.0546 8672	Page size: 0x1000
11:16:17.0546 8672	Boot type: Normal boot
11:16:17.0546 8672	============================================================
11:16:18.0355 8672	Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:16:18.0412 8672	Drive \Device\Harddisk6\DR6 - Size: 0x7A7D1A00 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:16:18.0413 8672	\Device\Harddisk0\DR0:
11:16:18.0413 8672	MBR used
11:16:18.0413 8672	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1FF800
11:16:18.0413 8672	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x200000, BlocksNum 0x1C4CA800
11:16:18.0413 8672	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C6CA800, BlocksNum 0xAF6000
11:16:18.0413 8672	\Device\Harddisk6\DR6:
11:16:18.0414 8672	MBR used
11:16:18.0711 8672	Initialize success
11:16:18.0711 8672	============================================================
11:16:20.0121 9744	============================================================
11:16:20.0121 9744	Scan started
11:16:20.0121 9744	Mode: Manual; 
11:16:20.0121 9744	============================================================
11:16:21.0797 9744	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
11:16:21.0800 9744	1394ohci - ok
11:16:21.0927 9744	a2acc           (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
11:16:21.0929 9744	a2acc - ok
11:16:22.0064 9744	A2DDA           (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys
11:16:22.0066 9744	A2DDA - ok
11:16:22.0169 9744	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
11:16:22.0174 9744	ACPI - ok
11:16:22.0277 9744	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
11:16:22.0279 9744	AcpiPmi - ok
11:16:22.0388 9744	ADIHdAudAddService (6c61bceb60c2c187e6f96001fd69493e) C:\Windows\system32\drivers\ADIHdAud.sys
11:16:22.0394 9744	ADIHdAudAddService - ok
11:16:22.0488 9744	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
11:16:22.0501 9744	adp94xx - ok
11:16:22.0583 9744	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
11:16:22.0588 9744	adpahci - ok
11:16:22.0672 9744	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
11:16:22.0675 9744	adpu320 - ok
11:16:22.0790 9744	afcdp           (53696ad8ffc5fac51949a525ff65a689) C:\Windows\system32\DRIVERS\afcdp.sys
11:16:22.0813 9744	afcdp - ok
11:16:22.0929 9744	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
11:16:22.0934 9744	AFD - ok
11:16:23.0019 9744	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
11:16:23.0020 9744	agp440 - ok
11:16:23.0103 9744	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
11:16:23.0105 9744	aic78xx - ok
11:16:23.0209 9744	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
11:16:23.0211 9744	aliide - ok
11:16:23.0293 9744	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
11:16:23.0295 9744	amdagp - ok
11:16:23.0385 9744	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
11:16:23.0387 9744	amdide - ok
11:16:23.0626 9744	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
11:16:23.0628 9744	AmdK8 - ok
11:16:23.0700 9744	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
11:16:23.0702 9744	AmdPPM - ok
11:16:23.0735 9744	amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
11:16:23.0737 9744	amdsata - ok
11:16:23.0788 9744	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
11:16:23.0791 9744	amdsbs - ok
11:16:23.0813 9744	amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
11:16:23.0815 9744	amdxata - ok
11:16:23.0896 9744	androidusb      (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\Windows\system32\Drivers\ssadadb.sys
11:16:23.0914 9744	androidusb - ok
11:16:23.0990 9744	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
11:16:23.0992 9744	AppID - ok
11:16:24.0080 9744	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
11:16:24.0083 9744	arc - ok
11:16:24.0162 9744	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
11:16:24.0164 9744	arcsas - ok
11:16:24.0289 9744	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
11:16:24.0291 9744	AsyncMac - ok
11:16:24.0409 9744	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
11:16:24.0410 9744	atapi - ok
11:16:24.0518 9744	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
11:16:24.0524 9744	b06bdrv - ok
11:16:24.0571 9744	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
11:16:24.0575 9744	b57nd60x - ok
11:16:24.0655 9744	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
11:16:24.0657 9744	Beep - ok
11:16:24.0695 9744	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
11:16:24.0696 9744	blbdrive - ok
11:16:24.0729 9744	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
11:16:24.0731 9744	bowser - ok
11:16:24.0792 9744	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:16:24.0794 9744	BrFiltLo - ok
11:16:24.0809 9744	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:16:24.0810 9744	BrFiltUp - ok
11:16:24.0876 9744	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
11:16:24.0880 9744	Brserid - ok
11:16:24.0916 9744	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
11:16:24.0918 9744	BrSerWdm - ok
11:16:24.0934 9744	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:16:24.0936 9744	BrUsbMdm - ok
11:16:24.0945 9744	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
11:16:24.0947 9744	BrUsbSer - ok
11:16:24.0964 9744	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
11:16:24.0966 9744	BTHMODEM - ok
11:16:25.0050 9744	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
11:16:25.0052 9744	cdfs - ok
11:16:25.0172 9744	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
11:16:25.0174 9744	cdrom - ok
11:16:25.0228 9744	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
11:16:25.0230 9744	circlass - ok
11:16:25.0278 9744	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
11:16:25.0281 9744	CLFS - ok
11:16:25.0367 9744	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
11:16:25.0369 9744	CmBatt - ok
11:16:25.0421 9744	cmdGuard        (ef98b620101bb406d39906feddc352a0) C:\Windows\system32\DRIVERS\cmdguard.sys
11:16:25.0474 9744	cmdGuard - ok
11:16:25.0535 9744	cmdHlp          (051d5be8106f09dd5e0d5589ea931b1e) C:\Windows\system32\DRIVERS\cmdhlp.sys
11:16:25.0555 9744	cmdHlp - ok
11:16:25.0629 9744	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
11:16:25.0631 9744	cmdide - ok
11:16:25.0682 9744	CNG             (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
11:16:25.0706 9744	CNG - ok
11:16:25.0783 9744	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
11:16:25.0784 9744	Compbatt - ok
11:16:25.0834 9744	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
11:16:25.0836 9744	CompositeBus - ok
11:16:25.0874 9744	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
11:16:25.0876 9744	crcdisk - ok
11:16:25.0990 9744	CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
11:16:25.0996 9744	CSC - ok
11:16:26.0044 9744	DAMDrv          (a05433f6218dcb8f0dec232de65f8b26) C:\Windows\system32\DRIVERS\DAMDrv.sys
11:16:26.0046 9744	DAMDrv - ok
11:16:26.0119 9744	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
11:16:26.0122 9744	DfsC - ok
11:16:26.0200 9744	dgderdrv - ok
11:16:26.0239 9744	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
11:16:26.0241 9744	discache - ok
11:16:26.0315 9744	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
11:16:26.0318 9744	Disk - ok
11:16:26.0401 9744	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
11:16:26.0402 9744	drmkaud - ok
11:16:26.0446 9744	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
11:16:26.0461 9744	DXGKrnl - ok
11:16:26.0566 9744	e1kexpress      (20c70a4226c9a066d2ead0c814083a95) C:\Windows\system32\DRIVERS\e1k6232.sys
11:16:26.0596 9744	e1kexpress - ok
11:16:26.0685 9744	eamonm          (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys
11:16:26.0688 9744	eamonm - ok
11:16:26.0791 9744	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
11:16:27.0058 9744	ebdrv - ok
11:16:27.0130 9744	ehdrv           (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys
11:16:27.0133 9744	ehdrv - ok
11:16:27.0210 9744	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
11:16:27.0223 9744	elxstor - ok
11:16:27.0245 9744	epfwwfpr        (f39c91795ebdb9ecbeb5a388ff2841fe) C:\Windows\system32\DRIVERS\epfwwfpr.sys
11:16:27.0264 9744	epfwwfpr - ok
11:16:27.0299 9744	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
11:16:27.0301 9744	ErrDev - ok
11:16:27.0344 9744	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
11:16:27.0347 9744	exfat - ok
11:16:27.0365 9744	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
11:16:27.0368 9744	fastfat - ok
11:16:27.0396 9744	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
11:16:27.0398 9744	fdc - ok
11:16:27.0431 9744	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
11:16:27.0433 9744	FileInfo - ok
11:16:27.0462 9744	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
11:16:27.0464 9744	Filetrace - ok
11:16:27.0488 9744	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
11:16:27.0490 9744	flpydisk - ok
11:16:27.0516 9744	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
11:16:27.0520 9744	FltMgr - ok
11:16:27.0546 9744	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
11:16:27.0548 9744	FsDepends - ok
11:16:27.0575 9744	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
11:16:27.0576 9744	Fs_Rec - ok
11:16:27.0627 9744	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
11:16:27.0631 9744	fvevol - ok
11:16:27.0663 9744	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:16:27.0666 9744	gagp30kx - ok
11:16:27.0704 9744	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
11:16:27.0706 9744	hcw85cir - ok
11:16:27.0777 9744	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
11:16:27.0782 9744	HdAudAddService - ok
11:16:27.0812 9744	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
11:16:27.0813 9744	HDAudBus - ok
11:16:27.0842 9744	HECI            (88a67c34e37186665e916fd347b50d19) C:\Windows\system32\DRIVERS\HECI.sys
11:16:27.0844 9744	HECI - ok
11:16:27.0870 9744	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
11:16:27.0873 9744	HidBatt - ok
11:16:27.0908 9744	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
11:16:28.0417 9744	HidBth - ok
11:16:28.0493 9744	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
11:16:28.0496 9744	HidIr - ok
11:16:28.0633 9744	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
11:16:28.0635 9744	HidUsb - ok
11:16:28.0785 9744	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
11:16:28.0787 9744	HpSAMD - ok
11:16:28.0894 9744	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
11:16:28.0908 9744	HTTP - ok
11:16:29.0115 9744	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
11:16:29.0116 9744	hwpolicy - ok
11:16:29.0226 9744	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
11:16:29.0228 9744	i8042prt - ok
11:16:29.0260 9744	iaStor          (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\drivers\iastor.sys
11:16:29.0262 9744	iaStor - ok
11:16:29.0309 9744	iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
11:16:29.0314 9744	iaStorV - ok
11:16:29.0533 9744	igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:16:29.0653 9744	igfx - ok
11:16:29.0751 9744	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
11:16:29.0752 9744	iirsp - ok
11:16:29.0818 9744	inspect         (2ee3db2c1760171c6f72f2f1792a47b5) C:\Windows\system32\DRIVERS\inspect.sys
11:16:29.0855 9744	inspect - ok
11:16:29.0951 9744	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
11:16:29.0953 9744	intelide - ok
11:16:29.0991 9744	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
11:16:29.0992 9744	intelppm - ok
11:16:30.0016 9744	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:16:30.0018 9744	IpFilterDriver - ok
11:16:30.0086 9744	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
11:16:30.0088 9744	IPMIDRV - ok
11:16:30.0144 9744	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
11:16:30.0147 9744	IPNAT - ok
11:16:30.0214 9744	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
11:16:30.0216 9744	IRENUM - ok
11:16:30.0290 9744	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
11:16:30.0292 9744	isapnp - ok
11:16:30.0379 9744	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
11:16:30.0383 9744	iScsiPrt - ok
11:16:30.0481 9744	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:16:30.0483 9744	kbdclass - ok
11:16:30.0544 9744	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
11:16:30.0546 9744	kbdhid - ok
11:16:30.0608 9744	KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
11:16:30.0636 9744	KSecDD - ok
11:16:30.0667 9744	KSecPkg         (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
11:16:30.0699 9744	KSecPkg - ok
11:16:30.0799 9744	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
11:16:30.0801 9744	lltdio - ok
11:16:30.0875 9744	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:16:30.0877 9744	LSI_FC - ok
11:16:30.0923 9744	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:16:30.0925 9744	LSI_SAS - ok
11:16:30.0963 9744	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:16:30.0965 9744	LSI_SAS2 - ok
11:16:30.0980 9744	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:16:30.0982 9744	LSI_SCSI - ok
11:16:31.0006 9744	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
11:16:31.0008 9744	luafv - ok
11:16:31.0056 9744	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
11:16:31.0058 9744	MBAMProtector - ok
11:16:31.0112 9744	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
11:16:31.0114 9744	megasas - ok
11:16:31.0168 9744	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
11:16:31.0172 9744	MegaSR - ok
11:16:31.0220 9744	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
11:16:31.0222 9744	Modem - ok
11:16:31.0248 9744	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
11:16:31.0249 9744	monitor - ok
11:16:31.0305 9744	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
11:16:31.0329 9744	mouclass - ok
11:16:31.0401 9744	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
11:16:31.0403 9744	mouhid - ok
11:16:31.0455 9744	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
11:16:31.0457 9744	mountmgr - ok
11:16:31.0509 9744	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
11:16:31.0512 9744	mpio - ok
11:16:31.0545 9744	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
11:16:31.0548 9744	mpsdrv - ok
11:16:31.0608 9744	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
11:16:31.0611 9744	MRxDAV - ok
11:16:31.0654 9744	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:16:31.0677 9744	mrxsmb - ok
11:16:31.0717 9744	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:16:31.0721 9744	mrxsmb10 - ok
11:16:31.0743 9744	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:16:31.0746 9744	mrxsmb20 - ok
11:16:31.0799 9744	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
11:16:31.0801 9744	msahci - ok
11:16:31.0843 9744	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
11:16:31.0846 9744	msdsm - ok
11:16:31.0893 9744	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
11:16:31.0895 9744	Msfs - ok
11:16:31.0947 9744	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
11:16:31.0949 9744	mshidkmdf - ok
11:16:31.0991 9744	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
11:16:31.0992 9744	msisadrv - ok
11:16:32.0050 9744	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
11:16:32.0053 9744	MSKSSRV - ok
11:16:32.0074 9744	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
11:16:32.0076 9744	MSPCLOCK - ok
11:16:32.0115 9744	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
11:16:32.0117 9744	MSPQM - ok
11:16:32.0170 9744	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
11:16:32.0174 9744	MsRPC - ok
11:16:32.0231 9744	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
11:16:32.0232 9744	mssmbios - ok
11:16:32.0259 9744	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
11:16:32.0261 9744	MSTEE - ok
11:16:32.0281 9744	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
11:16:32.0283 9744	MTConfig - ok
11:16:32.0305 9744	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
11:16:32.0308 9744	Mup - ok
11:16:32.0357 9744	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
11:16:32.0362 9744	NativeWifiP - ok
11:16:32.0425 9744	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
11:16:32.0439 9744	NDIS - ok
11:16:32.0505 9744	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
11:16:32.0507 9744	NdisCap - ok
11:16:32.0538 9744	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
11:16:32.0540 9744	NdisTapi - ok
11:16:32.0590 9744	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
11:16:32.0592 9744	Ndisuio - ok
11:16:32.0638 9744	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
11:16:32.0641 9744	NdisWan - ok
11:16:32.0695 9744	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
11:16:32.0697 9744	NDProxy - ok
11:16:32.0736 9744	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
11:16:32.0737 9744	NetBIOS - ok
11:16:32.0783 9744	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
11:16:32.0786 9744	NetBT - ok
11:16:32.0929 9744	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
11:16:32.0931 9744	nfrd960 - ok
11:16:32.0978 9744	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
11:16:32.0981 9744	Npfs - ok
11:16:33.0025 9744	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
11:16:33.0026 9744	nsiproxy - ok
11:16:33.0100 9744	Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
11:16:33.0136 9744	Ntfs - ok
11:16:33.0231 9744	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
11:16:33.0233 9744	Null - ok
11:16:33.0458 9744	nvlddmkm        (36ad1a7b311d6e592f4c01cf297b3841) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:16:33.0700 9744	nvlddmkm - ok
11:16:33.0812 9744	nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
11:16:33.0815 9744	nvraid - ok
11:16:33.0872 9744	nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
11:16:33.0876 9744	nvstor - ok
11:16:33.0931 9744	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
11:16:33.0934 9744	nv_agp - ok
11:16:33.0986 9744	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
11:16:33.0988 9744	ohci1394 - ok
11:16:34.0086 9744	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
11:16:34.0088 9744	Parport - ok
11:16:34.0149 9744	partmgr         (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
11:16:34.0152 9744	partmgr - ok
11:16:34.0199 9744	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
11:16:34.0201 9744	Parvdm - ok
11:16:34.0254 9744	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
11:16:34.0257 9744	pci - ok
11:16:34.0304 9744	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
11:16:34.0306 9744	pciide - ok
11:16:34.0351 9744	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
11:16:34.0354 9744	pcmcia - ok
11:16:34.0372 9744	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
11:16:34.0374 9744	pcw - ok
11:16:34.0404 9744	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
11:16:34.0418 9744	PEAUTH - ok
11:16:34.0533 9744	Point32         (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
11:16:34.0535 9744	Point32 - ok
11:16:34.0610 9744	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
11:16:34.0613 9744	PptpMiniport - ok
11:16:34.0657 9744	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
11:16:34.0659 9744	Processor - ok
11:16:34.0725 9744	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
11:16:34.0727 9744	Psched - ok
11:16:34.0786 9744	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
11:16:34.0811 9744	PxHelp20 - ok
11:16:34.0864 9744	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
11:16:34.0900 9744	ql2300 - ok
11:16:34.0935 9744	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
11:16:34.0938 9744	ql40xx - ok
11:16:34.0996 9744	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
11:16:34.0998 9744	QWAVEdrv - ok
11:16:35.0038 9744	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
11:16:35.0040 9744	RasAcd - ok
11:16:35.0066 9744	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:16:35.0068 9744	RasAgileVpn - ok
11:16:35.0125 9744	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:16:35.0128 9744	Rasl2tp - ok
11:16:35.0173 9744	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
11:16:35.0175 9744	RasPppoe - ok
11:16:35.0199 9744	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
11:16:35.0202 9744	RasSstp - ok
11:16:35.0252 9744	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
11:16:35.0257 9744	rdbss - ok
11:16:35.0284 9744	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
11:16:35.0286 9744	rdpbus - ok
11:16:35.0340 9744	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:16:35.0342 9744	RDPCDD - ok
11:16:35.0398 9744	RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
11:16:35.0401 9744	RDPDR - ok
11:16:35.0454 9744	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
11:16:35.0456 9744	RDPENCDD - ok
11:16:35.0484 9744	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
11:16:35.0486 9744	RDPREFMP - ok
11:16:35.0541 9744	RDPWD           (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
11:16:35.0545 9744	RDPWD - ok
11:16:35.0605 9744	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
11:16:35.0609 9744	rdyboost - ok
11:16:35.0785 9744	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
11:16:35.0787 9744	rspndr - ok
11:16:35.0807 9744	RsvLock         (13335d083935ab88e09c9acc077355b5) C:\Windows\system32\drivers\RsvLock.sys
11:16:35.0809 9744	RsvLock - ok
11:16:35.0854 9744	s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
11:16:35.0856 9744	s3cap - ok
11:16:35.0882 9744	SafeBoot        (062b82fa74c895382ab0784d493c8c9c) C:\Windows\system32\drivers\SafeBoot.sys
11:16:35.0883 9744	Suspicious file (NoAccess): C:\Windows\system32\drivers\SafeBoot.sys. md5: 062b82fa74c895382ab0784d493c8c9c
11:16:35.0883 9744	SafeBoot ( LockedFile.Multi.Generic ) - warning
11:16:35.0883 9744	SafeBoot - detected LockedFile.Multi.Generic (1)
11:16:35.0938 9744	SbAlg           (c9cb2c392c35cbee2733c836d23dc642) C:\Windows\system32\drivers\SbAlg.sys
11:16:35.0940 9744	SbAlg - ok
11:16:35.0988 9744	SbFsLock        (b5a8ecdee930b52fd3ba35700a15ea53) C:\Windows\system32\drivers\SbFsLock.sys
11:16:35.0990 9744	SbFsLock - ok
11:16:36.0081 9744	SbieDrv         (3ab6cad1ddfa84cd7bc3d1a759b1e81e) C:\Program Files\Sandboxie\SbieDrv.sys
11:16:36.0084 9744	SbieDrv - ok
11:16:36.0182 9744	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
11:16:36.0184 9744	sbp2port - ok
11:16:36.0288 9744	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
11:16:36.0290 9744	scfilter - ok
11:16:36.0365 9744	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:16:36.0367 9744	secdrv - ok
11:16:36.0466 9744	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
11:16:36.0468 9744	Serenum - ok
11:16:36.0523 9744	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
11:16:36.0525 9744	Serial - ok
11:16:36.0581 9744	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
11:16:36.0583 9744	sermouse - ok
11:16:36.0651 9744	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
11:16:36.0652 9744	sffdisk - ok
11:16:36.0690 9744	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
11:16:36.0692 9744	sffp_mmc - ok
11:16:36.0732 9744	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
11:16:36.0734 9744	sffp_sd - ok
11:16:36.0784 9744	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
11:16:36.0785 9744	sfloppy - ok
11:16:36.0831 9744	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
11:16:36.0834 9744	sisagp - ok
11:16:36.0861 9744	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:16:36.0863 9744	SiSRaid2 - ok
11:16:36.0886 9744	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
11:16:36.0889 9744	SiSRaid4 - ok
11:16:36.0912 9744	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
11:16:36.0914 9744	Smb - ok
11:16:36.0988 9744	snapman         (eb49860e776ce860dc3cfb9edb1ba517) C:\Windows\system32\DRIVERS\snapman.sys
11:16:37.0006 9744	snapman - ok
11:16:37.0050 9744	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
11:16:37.0052 9744	spldr - ok
11:16:37.0108 9744	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
11:16:37.0132 9744	srv - ok
11:16:37.0170 9744	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
11:16:37.0194 9744	srv2 - ok
11:16:37.0229 9744	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
11:16:37.0232 9744	srvnet - ok
11:16:37.0289 9744	ssadbus         (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\Windows\system32\DRIVERS\ssadbus.sys
11:16:37.0292 9744	ssadbus - ok
11:16:37.0329 9744	ssadmdfl        (bb2c84a15c765da89fd832b0e73f26ce) C:\Windows\system32\DRIVERS\ssadmdfl.sys
11:16:37.0331 9744	ssadmdfl - ok
11:16:37.0367 9744	ssadmdm         (6d0d132ddc6f43eda00dced6d8b1ca31) C:\Windows\system32\DRIVERS\ssadmdm.sys
11:16:37.0414 9744	ssadmdm - ok
11:16:37.0449 9744	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
11:16:37.0451 9744	stexstor - ok
11:16:37.0511 9744	storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
11:16:37.0513 9744	storflt - ok
11:16:37.0542 9744	storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
11:16:37.0544 9744	storvsc - ok
11:16:37.0563 9744	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
11:16:37.0565 9744	swenum - ok
11:16:37.0687 9744	Tcpip           (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
11:16:37.0722 9744	Tcpip - ok
11:16:37.0770 9744	TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
11:16:37.0777 9744	TCPIP6 - ok
11:16:37.0822 9744	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
11:16:37.0824 9744	tcpipreg - ok
11:16:37.0872 9744	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
11:16:37.0874 9744	TDPIPE - ok
11:16:37.0945 9744	tdrpman273      (431801fcc97034e04a6eff81136578d7) C:\Windows\system32\DRIVERS\tdrpm273.sys
11:16:38.0001 9744	tdrpman273 - ok
11:16:38.0042 9744	TDTCP           (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
11:16:38.0044 9744	TDTCP - ok
11:16:38.0096 9744	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
11:16:38.0098 9744	tdx - ok
11:16:38.0149 9744	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
11:16:38.0152 9744	TermDD - ok
11:16:38.0207 9744	timounter       (a34d7024bb7140ec785c86bc065d4f60) C:\Windows\system32\DRIVERS\timntr.sys
11:16:38.0246 9744	timounter - ok
11:16:38.0284 9744	TPM             (5ad05191dc8b444a7ba4d79b76c42a30) C:\Windows\system32\drivers\tpm.sys
11:16:38.0286 9744	TPM - ok
11:16:38.0332 9744	truecrypt       (746b8cf9cededdd865472544edf626da) C:\Windows\system32\drivers\truecrypt.sys
11:16:38.0356 9744	truecrypt - ok
11:16:38.0405 9744	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:16:38.0407 9744	tssecsrv - ok
11:16:38.0463 9744	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
11:16:38.0466 9744	TsUsbFlt - ok
11:16:38.0537 9744	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
11:16:38.0540 9744	tunnel - ok
11:16:38.0572 9744	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
11:16:38.0575 9744	uagp35 - ok
11:16:38.0625 9744	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
11:16:38.0630 9744	udfs - ok
11:16:38.0734 9744	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
11:16:38.0736 9744	uliagpkx - ok
11:16:38.0791 9744	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
11:16:38.0793 9744	umbus - ok
11:16:38.0839 9744	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
11:16:38.0841 9744	UmPass - ok
11:16:38.0886 9744	usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
11:16:38.0889 9744	usbccgp - ok
11:16:38.0932 9744	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
11:16:38.0935 9744	usbcir - ok
11:16:38.0974 9744	usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
11:16:38.0977 9744	usbehci - ok
11:16:39.0052 9744	usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
11:16:39.0057 9744	usbhub - ok
11:16:39.0110 9744	usbohci         (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
11:16:39.0112 9744	usbohci - ok
11:16:39.0178 9744	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
11:16:39.0180 9744	usbprint - ok
11:16:39.0232 9744	USBSTOR         (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:16:39.0235 9744	USBSTOR - ok
11:16:39.0279 9744	usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
11:16:39.0296 9744	usbuhci - ok
11:16:39.0374 9744	usb_rndisx      (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
11:16:39.0397 9744	usb_rndisx - ok
11:16:39.0482 9744	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
11:16:39.0484 9744	vdrvroot - ok
11:16:39.0543 9744	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
11:16:39.0545 9744	vga - ok
11:16:39.0588 9744	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
11:16:39.0590 9744	VgaSave - ok
11:16:39.0637 9744	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
11:16:39.0641 9744	vhdmp - ok
11:16:39.0672 9744	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
11:16:39.0675 9744	viaagp - ok
11:16:39.0717 9744	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
11:16:39.0719 9744	ViaC7 - ok
11:16:39.0759 9744	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
11:16:39.0761 9744	viaide - ok
11:16:39.0805 9744	vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
11:16:39.0809 9744	vmbus - ok
11:16:39.0853 9744	VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
11:16:39.0855 9744	VMBusHID - ok
11:16:39.0873 9744	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
11:16:39.0876 9744	volmgr - ok
11:16:39.0897 9744	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
11:16:39.0902 9744	volmgrx - ok
11:16:39.0928 9744	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
11:16:39.0932 9744	volsnap - ok
11:16:39.0965 9744	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
11:16:39.0968 9744	vsmraid - ok
11:16:39.0999 9744	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
11:16:40.0001 9744	vwifibus - ok
11:16:40.0033 9744	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
11:16:40.0035 9744	WacomPen - ok
11:16:40.0096 9744	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
11:16:40.0099 9744	WANARP - ok
11:16:40.0106 9744	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
11:16:40.0108 9744	Wanarpv6 - ok
11:16:40.0182 9744	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
11:16:40.0184 9744	Wd - ok
11:16:40.0216 9744	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
11:16:40.0230 9744	Wdf01000 - ok
11:16:40.0295 9744	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
11:16:40.0297 9744	WfpLwf - ok
11:16:40.0315 9744	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
11:16:40.0319 9744	WIMMount - ok
11:16:40.0417 9744	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
11:16:40.0435 9744	WinUsb - ok
11:16:40.0484 9744	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
11:16:40.0485 9744	WmiAcpi - ok
11:16:40.0538 9744	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
11:16:40.0872 9744	ws2ifsl - ok
11:16:41.0004 9744	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
11:16:41.0007 9744	WudfPf - ok
11:16:41.0093 9744	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:16:41.0096 9744	WUDFRd - ok
11:16:41.0162 9744	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:16:41.0223 9744	\Device\Harddisk0\DR0 - ok
11:16:41.0228 9744	MBR (0x1B8)     (c0485ddf598443c99fca5adc0e12ef3e) \Device\Harddisk6\DR6
11:16:43.0028 9744	\Device\Harddisk6\DR6 - ok
11:16:43.0032 9744	Boot (0x1200)   (aef357b2f5c9c4a1abdc3111da61f8ab) \Device\Harddisk0\DR0\Partition0
11:16:43.0033 9744	\Device\Harddisk0\DR0\Partition0 - ok
11:16:43.0060 9744	Boot (0x1200)   (8d6993752932507bd95fa45c44dbccd5) \Device\Harddisk0\DR0\Partition1
11:16:43.0061 9744	\Device\Harddisk0\DR0\Partition1 - ok
11:16:43.0094 9744	Boot (0x1200)   (1cff12a7f4f8bf8d64bcac0f11e50397) \Device\Harddisk0\DR0\Partition2
11:16:43.0095 9744	\Device\Harddisk0\DR0\Partition2 - ok
11:16:43.0095 9744	============================================================
11:16:43.0095 9744	Scan finished
11:16:43.0095 9744	============================================================
11:16:43.0108 10016	Detected object count: 1
11:16:43.0109 10016	Actual detected object count: 1
11:16:52.0507 10016	SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
11:16:52.0507 10016	SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
         
Regards,
Roman

02.02.2012, 15:29   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Suspicious file (NoAccess):
"Suspicious" means suspect, but not that it is definitely a malicious file!

Safeboot.sys driver | What is Safeboot.sys file?

Quote:
Safeboot.sys with description McAfee Endpoint Encryption Driver is a driver file from company McAfee, Inc. belonging to product McAfee Endpoint Encryption.
The file is digitally signed from MCAFEE INTERNATIONAL LTD. - VeriSign Time Stamping Services Signer - G2
We do not recommend removing digitally signed files from MCAFEE INTERNATIONAL LTD.
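Added example, not part of the original posts and not Kaspersky's code: a small Python triage script for TDSSKiller logs in the format posted above. It pulls out every entry that was not marked "ok", together with its MD5, path, the stated reason and the action the user chose. The function name `triage` and the `unreadable` field are assumptions of this example, as is reading "NoAccess" to mean that the scanner could not open the file.

```python
import re

# Lines copied from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
11:16:35.0605 9744 rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
11:16:35.0609 9744 rdyboost - ok
11:16:35.0882 9744 SafeBoot        (062b82fa74c895382ab0784d493c8c9c) C:\Windows\system32\drivers\SafeBoot.sys
11:16:35.0883 9744 Suspicious file (NoAccess): C:\Windows\system32\drivers\SafeBoot.sys. md5: 062b82fa74c895382ab0784d493c8c9c
11:16:35.0883 9744 SafeBoot ( LockedFile.Multi.Generic ) - warning
11:16:35.0883 9744 SafeBoot - detected LockedFile.Multi.Generic (1)
11:16:35.0938 9744 SbAlg           (c9cb2c392c35cbee2733c836d23dc642) C:\Windows\system32\drivers\SbAlg.sys
11:16:35.0940 9744 SbAlg - ok
11:16:52.0507 10016 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
11:16:52.0507 10016 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"  # timestamp and thread id
INVENTORY = re.compile(PREFIX + r"(?P<name>\S+)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$")
REASON = re.compile(PREFIX + r"Suspicious file \((?P<reason>\w+)\): (?P<path>.+)\. md5: [0-9a-f]{32}$")
DETECTED = re.compile(PREFIX + r"(?P<name>\S+) - detected (?P<verdict>\S+) \(\d+\)$")
ACTION = re.compile(PREFIX + r"(?P<name>\S+) \( \S+ \) - User select action: (?P<action>\w+)$")

def triage(log_text):
    """Return one dict per detected object, enriched from the surrounding lines."""
    inventory, reasons, findings = {}, {}, {}
    for line in log_text.splitlines():
        line = line.strip()
        if m := INVENTORY.match(line):        # "name (md5) path"
            inventory[m["name"]] = (m["md5"], m["path"])
        elif m := REASON.match(line):         # why the file was flagged
            reasons[m["path"].lower()] = m["reason"]
        elif m := DETECTED.match(line):       # the verdict itself
            md5, path = inventory.get(m["name"], (None, None))
            reason = reasons.get((path or "").lower())
            findings[m["name"]] = {
                "service": m["name"], "verdict": m["verdict"], "md5": md5,
                "path": path, "reason": reason, "action": None,
                # Assumption: NoAccess means the file could not be opened,
                # so the verdict says nothing about the file's content.
                "unreadable": reason == "NoAccess",
            }
        elif (m := ACTION.match(line)) and m["name"] in findings:
            findings[m["name"]]["action"] = m["action"]
    return list(findings.values())

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

An entry with `unreadable` set still needs checking by other means, such as the file's digital signature and vendor, which is what the reply above does for SafeBoot.sys.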