Avira found TR/Maljava.A.43 and exploits EXP/CVE-2011-3544.AZ - what now? |
| | #1 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira found TR/Maljava.A.43 and exploits EXP/CVE-2011-3544.AZ - what now? Run an OTL fix: close any programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!) Note: If you obscured your user name, you must change the starred-out part back into your real user name, otherwise the script will not work!! Code:
:OTL
O2 - BHO: (Complete Bar) - {64c54209-175c-454d-9291-ac46d4d952cf} - C:\Programme\completebartb\completebarDx.dll ()
O2 - BHO: (Updater For Complete Bar) - {fe618700-e0ee-441e-8b1d-18ce226bb193} - C:\Programme\completebartb\auxi\completebarAu.dll (Visicom Media)
O3 - HKLM\..\Toolbar: (Complete Bar) - {64c54209-175c-454d-9291-ac46d4d952cf} - C:\Programme\completebartb\completebarDx.dll ()
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSof0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1220945662-117609710-839522115-1003\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSof0.dll (Conduit Ltd.)
O4 - HKU\S-1-5-21-1220945662-117609710-839522115-1003..\Run: [{205DA227-43AD-7F65-8D7E-50CF0358A108}] "C:\Dokumente und Einstellungen\***\Anwendungsdaten\Qaehi\egrufir.exe" File not found
O4 - HKU\S-1-5-21-1220945662-117609710-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DontSetAutoplayCheckbox = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.11 08:45:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
:Files
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Qaehi
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Isqikoe
:Commands
[emptytemp]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
| | #2 |
| Avira found TR/Maljava.A.43 and exploits EXP/CVE-2011-3544.AZ - what now? Code:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64c54209-175c-454d-9291-ac46d4d952cf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64c54209-175c-454d-9291-ac46d4d952cf}\ deleted successfully.
C:\Programme\completebartb\completebarDx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe618700-e0ee-441e-8b1d-18ce226bb193}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fe618700-e0ee-441e-8b1d-18ce226bb193}\ deleted successfully.
C:\Programme\completebartb\auxi\completebarAu.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{64c54209-175c-454d-9291-ac46d4d952cf} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64c54209-175c-454d-9291-ac46d4d952cf}\ not found.
File C:\Programme\completebartb\completebarDx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}\ deleted successfully.
C:\Programme\Softonic_Deutsch\tbSof0.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1220945662-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}\ not found.
File C:\Programme\Softonic_Deutsch\tbSof0.dll not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-117609710-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\{205DA227-43AD-7F65-8D7E-50CF0358A108} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{205DA227-43AD-7F65-8D7E-50CF0358A108}\ not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-117609710-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\DontSetAutoplayCheckbox deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoAutorun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutorunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
========== FILES ==========
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Qaehi folder moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Isqikoe folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 4192325 bytes
->Temporary Internet Files folder emptied: 48382044 bytes
->Flash cache emptied: 755 bytes
User: Administrator
->Temp folder emptied: 52392 bytes
->Temporary Internet Files folder emptied: 1446976 bytes
->FireFox cache emptied: 3342979 bytes
->Flash cache emptied: 405 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Javascripts
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 6434108 bytes
User: NetworkService
->Temp folder emptied: 993546 bytes
->Temporary Internet Files folder emptied: 1096694 bytes
User: ***
->Temp folder emptied: 804297536 bytes
->Temporary Internet Files folder emptied: 646595306 bytes
->Java cache emptied: 1680886 bytes
->FireFox cache emptied: 104829556 bytes
->Apple Safari cache emptied: 1478656 bytes
->Flash cache emptied: 38658 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4378723 bytes
%systemroot%\System32 .tmp files removed: 3244423 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11406105 bytes
RecycleBin emptied: 700944339 bytes
Total Files Cleaned = 2.236,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 02102012_083649
Files\Folders moved on Reboot...
File\Folder C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temp\Perflib_Perfdata_244.dat not found!
Registry entries deleted on Reboot...
|
| | #3 |
| Avira found TR/Maljava.A.43 and exploits EXP/CVE-2011-3544.AZ - what now? Hello cosinus,
is this morning's log correct, or is anything still missing? |
| | #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira found TR/Maljava.A.43 and exploits EXP/CVE-2011-3544.AZ - what now? Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html Set the tool up as shown in the picture below: click "change parameters" and tick the boxes as shown in the following screenshot, then click "Start Scan" and, when it has finished, click the "Report" button to display the log. Please post it in full. If you cannot find the log, or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C), as that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here! If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.)
__________________ Please always post log files in CODE tags |
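Added example, not part of the original posts and not Kaspersky's code: a Python triage of a TDSSKiller report in the format posted in reply (post #5), listing every object whose verdict is not "ok" with its MD5 and path, and every object whose verdict line is missing because the log was cut off. The sample lines are copied from that log; the function names are illustrative.

```python
import re

# Excerpt copied from the TDSSKiller log in post #5 of this thread. The last
# entry has no verdict line because the posted log is cut off at that point.
SAMPLE_LOG = r"""
14:34:18.0406 4020 Scan started
14:34:18.0406 4020 Mode: Manual; SigCheck; TDLFS;
14:34:18.0734 4020 Abiosdsk - ok
14:34:18.0796 4020 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:34:19.0890 4020 ACPI - ok
14:34:26.0234 4020 DSSUSBF (a539daae5463f8d3acdbce50c7d20740) C:\WINDOWS\system32\DRIVERS\DSSUSBF.sys
14:34:26.0328 4020 DSSUSBF ( UnsignedFile.Multi.Generic ) - warning
14:34:26.0328 4020 DSSUSBF - detected UnsignedFile.Multi.Generic (1)
14:34:28.0937 4020 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
14:34:29.0171 4020 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
14:34:29.0171 4020 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
14:34:46.0593 4020 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
"""

# "<hh:mm:ss.ffff> <thread id> <message>"
LINE_RE = re.compile(r"^\s*(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*?)\s*$")
# "<name> (<md5>) <path>": the file that backs a driver or service
FILE_RE = re.compile(
    r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$"
)
# "<name> - ok"  or  "<name> ( <detection> ) - <verdict>"
VERDICT_RE = re.compile(
    r"^(?P<name>.+?)\s+(?:\(\s*(?P<detection>[^()]+?)\s*\)\s+)?"
    r"-\s+(?P<verdict>[A-Za-z]+)$"
)


def parse_tdsskiller_log(text):
    """Join the file line and the verdict line of each scanned object.

    Returns a dict keyed by object name, in log order. Header, separator and
    "- detected ..." summary lines match neither pattern and are skipped.
    """
    objects = {}
    for raw in text.splitlines():
        line = LINE_RE.match(raw)
        if not line:
            continue
        body = line.group(3)
        file_m = FILE_RE.match(body)
        if file_m:
            rec = objects.setdefault(file_m["name"], {"name": file_m["name"]})
            rec["md5"] = file_m["md5"].lower()
            rec["path"] = file_m["path"]
            continue
        verdict_m = VERDICT_RE.match(body)
        if verdict_m:
            rec = objects.setdefault(
                verdict_m["name"], {"name": verdict_m["name"]}
            )
            rec["verdict"] = verdict_m["verdict"].lower()
            rec["detection"] = verdict_m["detection"]
    return objects


def flagged(objects):
    """Objects the scanner did not mark "ok" (for example "warning")."""
    return [r for r in objects.values() if r.get("verdict") not in (None, "ok")]


def unresolved(objects):
    """Objects with a file line but no verdict, e.g. in a truncated log."""
    return [r for r in objects.values() if "verdict" not in r]


if __name__ == "__main__":
    parsed = parse_tdsskiller_log(SAMPLE_LOG)
    for rec in flagged(parsed):
        print("{verdict:8} {name:12} {detection}".format(**rec))
        print("         md5={}  path={}".format(rec.get("md5"), rec.get("path")))
    for rec in unresolved(parsed):
        print("no verdict in log: {} ({})".format(rec["name"], rec.get("path")))
```
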
| | #5 |
| Avira found TR/Maljava.A.43 and exploits EXP/CVE-2011-3544.AZ - what now? Here it is: Code:
14:33:28.0156 1388 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
14:33:28.0671 1388 ============================================================
14:33:28.0671 1388 Current date / time: 2012/02/10 14:33:28.0671
14:33:28.0671 1388 SystemInfo:
14:33:28.0671 1388
14:33:28.0671 1388 OS Version: 5.1.2600 ServicePack: 3.0
14:33:28.0671 1388 Product type: Workstation
14:33:28.0671 1388 ComputerName: PC-SERVER
14:33:28.0671 1388 UserName: ***
14:33:28.0671 1388 Windows directory: C:\WINDOWS
14:33:28.0671 1388 System windows directory: C:\WINDOWS
14:33:28.0671 1388 Processor architecture: Intel x86
14:33:28.0671 1388 Number of processors: 1
14:33:28.0671 1388 Page size: 0x1000
14:33:28.0671 1388 Boot type: Normal boot
14:33:28.0671 1388 ============================================================
14:33:30.0953 1388 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:33:30.0984 1388 \Device\Harddisk0\DR0:
14:33:30.0984 1388 MBR used
14:33:30.0984 1388 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x88B8F9D
14:33:31.0000 1388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x88B901B, BlocksNum 0x149076A5
14:33:31.0062 1388 Initialize success
14:33:31.0062 1388 ============================================================
14:34:18.0406 4020 ============================================================
14:34:18.0406 4020 Scan started
14:34:18.0406 4020 Mode: Manual; SigCheck; TDLFS;
14:34:18.0406 4020 ============================================================
14:34:18.0734 4020 Abiosdsk - ok
14:34:18.0750 4020 abp480n5 - ok
14:34:18.0796 4020 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:34:19.0890 4020 ACPI - ok
14:34:19.0953 4020 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:34:20.0093 4020 ACPIEC - ok
14:34:20.0093 4020 adpu160m - ok
14:34:20.0140 4020 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:34:20.0312 4020 aec - ok
14:34:20.0343 4020 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:34:20.0406 4020 AFD - ok
14:34:20.0421 4020 Aha154x - ok
14:34:20.0437 4020 aic78u2 - ok
14:34:20.0453 4020 aic78xx - ok
14:34:20.0500 4020 AliIde - ok
14:34:20.0515 4020 amsint - ok
14:34:20.0546 4020 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:34:20.0703 4020 Arp1394 - ok
14:34:20.0703 4020 asc - ok
14:34:20.0718 4020 asc3350p - ok
14:34:20.0734 4020 asc3550 - ok
14:34:20.0765 4020 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:34:20.0921 4020 AsyncMac - ok
14:34:20.0953 4020 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:34:21.0078 4020 atapi - ok
14:34:21.0093 4020 Atdisk - ok
14:34:21.0109 4020 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:34:21.0250 4020 Atmarpc - ok
14:34:21.0328 4020 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:34:21.0500 4020 audstub - ok
14:34:21.0593 4020 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
14:34:21.0609 4020 avgio - ok
14:34:21.0640 4020 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:34:21.0718 4020 avgntflt - ok
14:34:21.0750 4020 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:34:21.0812 4020 avipbb - ok
14:34:21.0843 4020 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:34:22.0046 4020 Beep - ok
14:34:22.0078 4020 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:34:22.0296 4020 cbidf2k - ok
14:34:22.0328 4020 cd20xrnt - ok
14:34:22.0359 4020 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:34:22.0531 4020 Cdaudio - ok
14:34:22.0625 4020 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:34:22.0828 4020 Cdfs - ok
14:34:22.0937 4020 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:34:23.0171 4020 Cdrom - ok
14:34:23.0203 4020 Changer - ok
14:34:23.0265 4020 CmdIde - ok
14:34:23.0328 4020 Cpqarray - ok
14:34:23.0406 4020 dac2w2k - ok
14:34:23.0484 4020 dac960nt - ok
14:34:23.0625 4020 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:34:23.0843 4020 Disk - ok
14:34:24.0218 4020 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:34:24.0578 4020 dmboot - ok
14:34:24.0875 4020 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\DRIVERS\dmio.sys
14:34:25.0125 4020 dmio - ok
14:34:25.0265 4020 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:34:25.0437 4020 dmload - ok
14:34:25.0531 4020 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:34:25.0734 4020 DMusic - ok
14:34:25.0765 4020 dpti2o - ok
14:34:25.0890 4020 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:34:26.0062 4020 drmkaud - ok
14:34:26.0234 4020 DSSUSBF (a539daae5463f8d3acdbce50c7d20740) C:\WINDOWS\system32\DRIVERS\DSSUSBF.sys
14:34:26.0328 4020 DSSUSBF ( UnsignedFile.Multi.Generic ) - warning
14:34:26.0328 4020 DSSUSBF - detected UnsignedFile.Multi.Generic (1)
14:34:26.0468 4020 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:34:26.0734 4020 Fastfat - ok
14:34:26.0968 4020 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:34:27.0390 4020 Fdc - ok
14:34:27.0578 4020 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:34:27.0953 4020 Fips - ok
14:34:27.0968 4020 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:34:28.0421 4020 Flpydisk - ok
14:34:28.0437 4020 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:34:28.0875 4020 FltMgr - ok
14:34:28.0937 4020 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
14:34:29.0171 4020 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
14:34:29.0171 4020 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
14:34:29.0203 4020 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:34:29.0343 4020 Fs_Rec - ok
14:34:29.0390 4020 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:34:29.0546 4020 Ftdisk - ok
14:34:29.0578 4020 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:34:29.0734 4020 Gpc - ok
14:34:29.0781 4020 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:34:29.0937 4020 HDAudBus - ok
14:34:29.0968 4020 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:34:30.0109 4020 hidusb - ok
14:34:30.0125 4020 hpn - ok
14:34:30.0171 4020 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:34:30.0312 4020 HTTP - ok
14:34:30.0328 4020 i2omgmt - ok
14:34:30.0343 4020 i2omp - ok
14:34:30.0359 4020 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:34:30.0515 4020 i8042prt - ok
14:34:30.0546 4020 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:34:30.0703 4020 Imapi - ok
14:34:30.0718 4020 ini910u - ok
14:34:30.0843 4020 IntcAzAudAddService (b12a9fc49cd2765a43829d834f518aed) C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:34:31.0078 4020 IntcAzAudAddService - ok
14:34:31.0125 4020 IntelIde - ok
14:34:31.0171 4020 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:34:31.0312 4020 Ip6Fw - ok
14:34:31.0343 4020 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:34:31.0500 4020 IpFilterDriver - ok
14:34:31.0531 4020 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:34:31.0656 4020 IpInIp - ok
14:34:31.0671 4020 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:34:31.0828 4020 IpNat - ok
14:34:31.0843 4020 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:34:31.0984 4020 IPSec - ok
14:34:32.0015 4020 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:34:32.0093 4020 IRENUM - ok
14:34:32.0125 4020 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:34:32.0250 4020 isapnp - ok
14:34:32.0265 4020 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:34:32.0390 4020 Kbdclass - ok
14:34:32.0421 4020 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:34:32.0562 4020 kbdhid - ok
14:34:32.0593 4020 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:34:32.0765 4020 kmixer - ok
14:34:32.0781 4020 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:34:32.0906 4020 KSecDD - ok
14:34:32.0921 4020 lbrtfdc - ok
14:34:32.0968 4020 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:34:33.0125 4020 mnmdd - ok
14:34:33.0156 4020 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:34:33.0312 4020 Modem - ok
14:34:33.0328 4020 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:34:33.0468 4020 Mouclass - ok
14:34:33.0484 4020 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:34:33.0656 4020 mouhid - ok
14:34:33.0671 4020 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:34:33.0812 4020 MountMgr - ok
14:34:33.0828 4020 mraid35x - ok
14:34:33.0859 4020 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:34:34.0015 4020 MRxDAV - ok
14:34:34.0062 4020 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:34:34.0187 4020 MRxSmb - ok
14:34:34.0375 4020 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:34:34.0515 4020 Msfs - ok
14:34:34.0562 4020 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:34:34.0718 4020 MSKSSRV - ok
14:34:34.0718 4020 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:34:34.0859 4020 MSPCLOCK - ok
14:34:34.0875 4020 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:34:35.0031 4020 MSPQM - ok
14:34:35.0046 4020 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:34:35.0171 4020 mssmbios - ok
14:34:35.0218 4020 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
14:34:35.0281 4020 MTsensor - ok
14:34:35.0328 4020 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:34:35.0375 4020 Mup - ok
14:34:35.0421 4020 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:34:35.0562 4020 NDIS - ok
14:34:35.0593 4020 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:34:35.0640 4020 NdisTapi - ok
14:34:35.0671 4020 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:34:35.0828 4020 Ndisuio - ok
14:34:35.0843 4020 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:34:35.0984 4020 NdisWan - ok
14:34:36.0000 4020 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:34:36.0109 4020 NDProxy - ok
14:34:36.0125 4020 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:34:36.0296 4020 NetBIOS - ok
14:34:36.0312 4020 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:34:36.0484 4020 NetBT - ok
14:34:36.0515 4020 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:34:36.0671 4020 NIC1394 - ok
14:34:36.0687 4020 Normandy - ok
14:34:36.0703 4020 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:34:36.0843 4020 Npfs - ok
14:34:36.0875 4020 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:34:37.0031 4020 Ntfs - ok
14:34:37.0046 4020 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:34:37.0203 4020 Null - ok
14:34:37.0312 4020 nv (9e1f2f09e34c92a96b9900b6a45d5026) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:34:37.0531 4020 nv - ok
14:34:37.0593 4020 NVENETFD (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
14:34:37.0656 4020 NVENETFD - ok
14:34:37.0687 4020 nvnetbus (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
14:34:37.0718 4020 nvnetbus - ok
14:34:37.0750 4020 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:34:37.0890 4020 NwlnkFlt - ok
14:34:37.0921 4020 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:34:38.0062 4020 NwlnkFwd - ok
14:34:38.0093 4020 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:34:38.0250 4020 ohci1394 - ok
14:34:38.0281 4020 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:34:38.0406 4020 Parport - ok
14:34:38.0421 4020 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:34:38.0562 4020 PartMgr - ok
14:34:38.0578 4020 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:34:38.0718 4020 ParVdm - ok
14:34:38.0750 4020 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
14:34:38.0796 4020 pccsmcfd - ok
14:34:38.0812 4020 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:34:38.0953 4020 PCI - ok
14:34:38.0968 4020 PCIDump - ok
14:34:38.0984 4020 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:34:39.0109 4020 PCIIde - ok
14:34:39.0140 4020 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:34:39.0296 4020 Pcmcia - ok
14:34:39.0296 4020 PDCOMP - ok
14:34:39.0312 4020 PDFRAME - ok
14:34:39.0328 4020 PDRELI - ok
14:34:39.0343 4020 PDRFRAME - ok
14:34:39.0343 4020 perc2 - ok
14:34:39.0359 4020 perc2hib - ok
14:34:39.0406 4020 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:34:39.0546 4020 PptpMiniport - ok
14:34:39.0562 4020 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
14:34:39.0734 4020 Processor - ok
14:34:39.0781 4020 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:34:39.0921 4020 PSched - ok
14:34:39.0937 4020 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:34:40.0078 4020 Ptilink - ok
14:34:40.0078 4020 ql1080 - ok
14:34:40.0093 4020 Ql10wnt - ok
14:34:40.0109 4020 ql12160 - ok
14:34:40.0125 4020 ql1240 - ok
14:34:40.0140 4020 ql1280 - ok
14:34:40.0140 4020 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:34:40.0281 4020 RasAcd - ok
14:34:40.0296 4020 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:34:40.0437 4020 Rasl2tp - ok
14:34:40.0468 4020 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:34:40.0609 4020 RasPppoe - ok
14:34:40.0625 4020 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:34:40.0781 4020 Raspti - ok
14:34:40.0812 4020 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:34:40.0968 4020 Rdbss - ok
14:34:41.0000 4020 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:34:41.0140 4020 RDPCDD - ok
14:34:41.0171 4020 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:34:41.0328 4020 rdpdr - ok
14:34:41.0375 4020 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
14:34:41.0421 4020 RDPWD - ok
14:34:41.0453 4020 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:34:41.0578 4020 redbook - ok
14:34:41.0640 4020 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys
14:34:41.0656 4020 s0016bus - ok
14:34:41.0703 4020 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
14:34:41.0718 4020 s0016mdfl - ok
14:34:41.0750 4020 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
14:34:41.0781 4020 s0016mdm - ok
14:34:41.0812 4020 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
14:34:41.0828 4020 s0016mgmt - ok
14:34:41.0859 4020 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
14:34:41.0875 4020 s0016nd5 - ok
14:34:41.0906 4020 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys
14:34:41.0937 4020 s0016obex - ok
14:34:41.0953 4020 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys
14:34:41.0968 4020 s0016unic - ok
14:34:42.0015 4020 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\WINDOWS\system32\DRIVERS\s1018bus.sys
14:34:42.0031 4020 s1018bus - ok
14:34:42.0046 4020 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys
14:34:42.0078 4020 s1018mdfl - ok
14:34:42.0093 4020 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\WINDOWS\system32\DRIVERS\s1018mdm.sys
14:34:42.0109 4020 s1018mdm - ok
14:34:42.0140 4020 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys
14:34:42.0265 4020 s1018mgmt - ok
14:34:42.0296 4020 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\WINDOWS\system32\DRIVERS\s1018nd5.sys
14:34:42.0312 4020 s1018nd5 - ok
14:34:42.0328 4020 s1018obex (49431efda842b474531c29ffae9f5d09) C:\WINDOWS\system32\DRIVERS\s1018obex.sys
14:34:42.0359 4020 s1018obex - ok
14:34:42.0359 4020 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\WINDOWS\system32\DRIVERS\s1018unic.sys
14:34:42.0390 4020 s1018unic - ok
14:34:42.0625 4020 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
14:34:42.0656 4020 SASDIFSV - ok
14:34:42.0671 4020 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
14:34:42.0703 4020 SASKUTIL - ok
14:34:42.0750 4020 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:34:42.0828 4020 Secdrv - ok
14:34:42.0859 4020 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:34:43.0000 4020 serenum - ok
14:34:43.0031 4020 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:34:43.0171 4020 Serial - ok
14:34:43.0203 4020 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:34:43.0343 4020 Sfloppy - ok
14:34:43.0359 4020 Simbad - ok
14:34:43.0406 4020 snapman (09cc90606bae4341766738f1277d5a86) C:\WINDOWS\system32\DRIVERS\snapman.sys
14:34:43.0453 4020 snapman - ok
14:34:43.0468 4020 Sparrow - ok
14:34:43.0500 4020 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:34:43.0640 4020 splitter - ok
14:34:43.0671 4020 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:34:43.0750 4020 sr - ok
14:34:43.0796 4020 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:34:43.0875 4020 Srv - ok
14:34:43.0921 4020 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:34:43.0937 4020 ssmdrv - ok
14:34:43.0968 4020 ss_bbus (eaa66218cd39f5bb1b4853a78c67c787) C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
14:34:44.0000 4020 ss_bbus - ok
14:34:44.0031 4020 ss_bmdfl (91765f99914ed8693d8bc76524f21581) C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
14:34:44.0046 4020 ss_bmdfl - ok
14:34:44.0078 4020 ss_bmdm (840e7b738b03c10ee91d9b7d3d6eff15) C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
14:34:44.0109 4020 ss_bmdm - ok
14:34:44.0140 4020 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
14:34:44.0171 4020 StarOpen ( UnsignedFile.Multi.Generic ) - warning
14:34:44.0171 4020 StarOpen - detected UnsignedFile.Multi.Generic (1)
14:34:44.0218 4020 SummaUSB (a72b07c6d8f9889cd01e399e5c653d39) C:\WINDOWS\system32\Drivers\XPSP2USB.sys
14:34:44.0250 4020 SummaUSB ( UnsignedFile.Multi.Generic ) - warning
14:34:44.0250 4020 SummaUSB - detected UnsignedFile.Multi.Generic (1)
14:34:44.0281 4020 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:34:44.0421 4020 swenum - ok
14:34:44.0453 4020 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:34:44.0593 4020 swmidi - ok
14:34:44.0625 4020 symc810 - ok
14:34:44.0640 4020 symc8xx - ok
14:34:44.0640 4020 sym_hi - ok
14:34:44.0656 4020 sym_u3 - ok
14:34:44.0687 4020 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:34:44.0812 4020 sysaudio - ok
14:34:44.0859 4020 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:34:45.0000 4020 Tcpip - ok
14:34:45.0031 4020 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:34:45.0156 4020 TDPIPE - ok
14:34:45.0187 4020 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:34:45.0328 4020 TDTCP - ok
14:34:45.0359 4020 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:34:45.0500 4020 TermDD - ok
14:34:45.0531 4020 tifsfilter (d352fff2a623b916c08ceacbfc8b5c32) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
14:34:45.0578 4020 tifsfilter - ok
14:34:45.0609 4020 timounter (64694b2a5c772e1c61feac300ed90ca6) C:\WINDOWS\system32\DRIVERS\timntr.sys
14:34:45.0656 4020 timounter - ok
14:34:45.0671 4020 TosIde - ok
14:34:45.0718 4020 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:34:45.0843 4020 Udfs - ok
14:34:45.0859 4020 ultra - ok
14:34:45.0890 4020 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:34:46.0046 4020 Update - ok
14:34:46.0062 4020 USBAAPL - ok
14:34:46.0078 4020 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:34:46.0234 4020 usbehci - ok
14:34:46.0265 4020 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:34:46.0421 4020 usbhub - ok
14:34:46.0453 4020 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:34:46.0578 4020 usbohci - ok
14:34:46.0593 4020 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:34:46.0734 4020 usbscan - ok
14:34:46.0765 4020 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:34:46.0906 4020 usbstor - ok
14:34:46.0937 4020 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:34:47.0093 4020 VgaSave - ok
14:34:47.0093 4020 ViaIde - ok
14:34:47.0140 4020 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:34:47.0265 4020 VolSnap - ok
14:34:47.0312 4020 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:34:47.0468 4020 Wanarp - ok
14:34:47.0484 4020 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
14:34:47.0578 4020 wceusbsh - ok
14:34:47.0593 4020 WDICA - ok
14:34:47.0625 4020 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:34:47.0765 4020 wdmaud - ok
14:34:47.0843 4020 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:34:47.0921 4020 WpdUsb - ok
14:34:47.0968 4020 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:34:48.0046 4020 WudfPf - ok
14:34:48.0062 4020 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:34:48.0078 4020 WudfRd - ok
14:34:48.0109 4020 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
14:34:48.0281 4020 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:34:48.0281 4020 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:34:48.0312 4020 Boot (0x1200) (b84d3cb01c9a148779064a0e8e64d45a) \Device\Harddisk0\DR0\Partition0
14:34:48.0312 4020 \Device\Harddisk0\DR0\Partition0 - ok
14:34:48.0343 4020 Boot (0x1200) (b8c937100863b6a927f92c846c01378a) \Device\Harddisk0\DR0\Partition1
14:34:48.0343 4020 \Device\Harddisk0\DR0\Partition1 - ok
14:34:48.0343 4020 ============================================================
14:34:48.0343 4020 Scan finished
14:34:48.0343 4020 ============================================================
14:34:48.0468 2552 Detected object count: 5
14:34:48.0468 2552 Actual detected object count: 5
14:42:01.0250 2552 DSSUSBF ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:01.0250 2552 DSSUSBF ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:01.0250 2552 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:01.0250 2552 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:01.0250 2552 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:01.0250 2552 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:01.0250 2552 SummaUSB ( UnsignedFile.Multi.Generic ) - skipped by user
14:42:01.0250 2552 SummaUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:42:01.0250 2552 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:42:01.0250 2552 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
|
| | #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ |
| | #7 |
| Dear Cosinus, how am I supposed to delete that? I have no idea - before something goes wrong again... Do I have to go to Scan there, or what? |
| | #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yes, you have to scan again, and at the end the entries will be presented to you. There, please fix only TDSS File SYSTEM (delete it => Delete!)
__________________ Please always post log files in CODE tags |
| | #9 |
| Hello - here is the log: Code:
10:06:04.0906 2404 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
10:06:05.0093 2404 ============================================================
10:06:05.0093 2404 Current date / time: 2012/02/11 10:06:05.0093
10:06:05.0093 2404 SystemInfo:
10:06:05.0093 2404
10:06:05.0093 2404 OS Version: 5.1.2600 ServicePack: 3.0
10:06:05.0093 2404 Product type: Workstation
10:06:05.0093 2404 ComputerName: PC-SERVER
10:06:05.0234 2404 UserName: ***
10:06:05.0250 2404 Windows directory: C:\WINDOWS
10:06:05.0250 2404 System windows directory: C:\WINDOWS
10:06:05.0250 2404 Processor architecture: Intel x86
10:06:05.0250 2404 Number of processors: 1
10:06:05.0250 2404 Page size: 0x1000
10:06:05.0250 2404 Boot type: Normal boot
10:06:05.0265 2404 ============================================================
10:06:08.0234 2404 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:06:08.0265 2404 \Device\Harddisk0\DR0:
10:06:08.0265 2404 MBR used
10:06:08.0265 2404 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x88B8F9D
10:06:08.0296 2404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x88B901B, BlocksNum 0x149076A5
10:06:08.0484 2404 Initialize success
10:06:08.0484 2404 ============================================================
10:06:38.0187 4020 ============================================================
10:06:38.0187 4020 Scan started
10:06:38.0187 4020 Mode: Manual; SigCheck; TDLFS;
10:06:38.0187 4020 ============================================================
10:06:38.0875 4020 Abiosdsk - ok
10:06:38.0890 4020 abp480n5 - ok
10:06:38.0937 4020 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:06:39.0765 4020 ACPI - ok
10:06:39.0859 4020 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:06:40.0015 4020 ACPIEC - ok
10:06:40.0031 4020 adpu160m - ok
10:06:40.0062 4020 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:06:40.0218 4020 aec - ok
10:06:40.0250 4020 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
10:06:40.0281 4020 AFD - ok
10:06:40.0281 4020 Aha154x - ok
10:06:40.0296 4020 aic78u2 - ok
10:06:40.0312 4020 aic78xx - ok
10:06:40.0328 4020 AliIde - ok
10:06:40.0343 4020 amsint - ok
10:06:40.0375 4020 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
10:06:40.0515 4020 Arp1394 - ok
10:06:40.0515 4020 asc - ok
10:06:40.0531 4020 asc3350p - ok
10:06:40.0546 4020 asc3550 - ok
10:06:40.0578 4020 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:06:40.0765 4020 AsyncMac - ok
10:06:40.0781 4020 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
10:06:40.0921 4020 atapi - ok
10:06:40.0921 4020 Atdisk - ok
10:06:40.0953 4020 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:06:41.0078 4020 Atmarpc - ok
10:06:41.0125 4020 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
10:06:41.0250 4020 audstub - ok
10:06:41.0359 4020 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
10:06:41.0375 4020 avgio - ok
10:06:41.0421 4020 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
10:06:41.0484 4020 avgntflt - ok
10:06:41.0515 4020 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
10:06:41.0531 4020 avipbb - ok
10:06:41.0562 4020 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
10:06:41.0703 4020 Beep - ok
10:06:41.0734 4020 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
10:06:41.0906 4020 cbidf2k - ok
10:06:41.0906 4020 cd20xrnt - ok
10:06:41.0937 4020 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
10:06:42.0078 4020 Cdaudio - ok
10:06:42.0109 4020 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
10:06:42.0265 4020 Cdfs - ok
10:06:42.0296 4020 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:06:42.0421 4020 Cdrom - ok
10:06:42.0437 4020 Changer - ok
10:06:42.0453 4020 CmdIde - ok
10:06:42.0484 4020 Cpqarray - ok
10:06:42.0500 4020 dac2w2k - ok
10:06:42.0515 4020 dac960nt - ok
10:06:42.0531 4020 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
10:06:42.0687 4020 Disk - ok
10:06:42.0734 4020 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
10:06:42.0906 4020 dmboot - ok
10:06:42.0921 4020 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\DRIVERS\dmio.sys
10:06:43.0062 4020 dmio - ok
10:06:43.0078 4020 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
10:06:43.0203 4020 dmload - ok
10:06:43.0250 4020 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
10:06:43.0390 4020 DMusic - ok
10:06:43.0406 4020 dpti2o - ok
10:06:43.0421 4020 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
10:06:43.0562 4020 drmkaud - ok
10:06:43.0593 4020 DSSUSBF (a539daae5463f8d3acdbce50c7d20740) C:\WINDOWS\system32\DRIVERS\DSSUSBF.sys
10:06:43.0609 4020 DSSUSBF ( UnsignedFile.Multi.Generic ) - warning
10:06:43.0609 4020 DSSUSBF - detected UnsignedFile.Multi.Generic (1)
10:06:43.0656 4020 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
10:06:43.0796 4020 Fastfat - ok
10:06:43.0812 4020 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
10:06:43.0953 4020 Fdc - ok
10:06:43.0968 4020 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
10:06:44.0109 4020 Fips - ok
10:06:44.0140 4020 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
10:06:44.0281 4020 Flpydisk - ok
10:06:44.0296 4020 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
10:06:44.0437 4020 FltMgr - ok
10:06:44.0484 4020 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
10:06:44.0515 4020 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
10:06:44.0515 4020 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
10:06:44.0546 4020 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:06:44.0671 4020 Fs_Rec - ok
10:06:44.0703 4020 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:06:44.0875 4020 Ftdisk - ok
10:06:44.0890 4020 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:06:45.0031 4020 Gpc - ok
10:06:45.0078 4020 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:06:45.0203 4020 HDAudBus - ok
10:06:45.0234 4020 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:06:45.0375 4020 hidusb - ok
10:06:45.0390 4020 hpn - ok
10:06:45.0453 4020 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
10:06:45.0500 4020 HTTP - ok
10:06:45.0515 4020 i2omgmt - ok
10:06:45.0531 4020 i2omp - ok
10:06:45.0562 4020 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:06:45.0718 4020 i8042prt - ok
10:06:45.0750 4020 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
10:06:45.0890 4020 Imapi - ok
10:06:45.0906 4020 ini910u - ok
10:06:46.0031 4020 IntcAzAudAddService (b12a9fc49cd2765a43829d834f518aed) C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:06:46.0218 4020 IntcAzAudAddService - ok
10:06:46.0265 4020 IntelIde - ok
10:06:46.0296 4020 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
10:06:46.0437 4020 Ip6Fw - ok
10:06:46.0468 4020 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:06:46.0656 4020 IpFilterDriver - ok
10:06:46.0671 4020 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:06:46.0796 4020 IpInIp - ok
10:06:46.0828 4020 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:06:46.0953 4020 IpNat - ok
10:06:46.0968 4020 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:06:47.0109 4020 IPSec - ok
10:06:47.0140 4020 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
10:06:47.0203 4020 IRENUM - ok
10:06:47.0218 4020 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:06:47.0359 4020 isapnp - ok
10:06:47.0375 4020 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:06:47.0500 4020 Kbdclass - ok
10:06:47.0531 4020 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:06:47.0671 4020 kbdhid - ok
10:06:47.0687 4020 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
10:06:47.0828 4020 kmixer - ok
10:06:47.0859 4020 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
10:06:47.0953 4020 KSecDD - ok
10:06:47.0968 4020 lbrtfdc - ok
10:06:48.0031 4020 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
10:06:48.0156 4020 mnmdd - ok
10:06:48.0187 4020 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
10:06:48.0328 4020 Modem - ok
10:06:48.0359 4020 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:06:48.0484 4020 Mouclass - ok
10:06:48.0500 4020 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:06:48.0640 4020 mouhid - ok
10:06:48.0640 4020 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:06:48.0796 4020 MountMgr - ok
10:06:48.0796 4020 mraid35x - ok
10:06:48.0828 4020 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:06:48.0984 4020 MRxDAV - ok
10:06:49.0031 4020 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:06:49.0078 4020 MRxSmb - ok
10:06:49.0093 4020 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
10:06:49.0234 4020 Msfs - ok
10:06:49.0281 4020 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:06:49.0406 4020 MSKSSRV - ok
10:06:49.0437 4020 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:06:49.0593 4020 MSPCLOCK - ok
10:06:49.0593 4020 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:06:49.0718 4020 MSPQM - ok
10:06:49.0734 4020 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:06:49.0875 4020 mssmbios - ok
10:06:49.0921 4020 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
10:06:49.0953 4020 MTsensor - ok
10:06:49.0984 4020 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
10:06:50.0015 4020 Mup - ok
10:06:50.0031 4020 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:06:50.0171 4020 NDIS - ok
10:06:50.0218 4020 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:06:50.0234 4020 NdisTapi - ok
10:06:50.0281 4020 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:06:50.0421 4020 Ndisuio - ok
10:06:50.0437 4020 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:06:50.0593 4020 NdisWan - ok
10:06:50.0625 4020 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
10:06:50.0671 4020 NDProxy - ok
10:06:50.0687 4020 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
10:06:50.0828 4020 NetBIOS - ok
10:06:50.0843 4020 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:06:50.0984 4020 NetBT - ok
10:06:51.0031 4020 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:06:51.0171 4020 NIC1394 - ok
10:06:51.0203 4020 Normandy - ok
10:06:51.0218 4020 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:06:51.0343 4020 Npfs - ok
10:06:51.0375 4020 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:06:51.0531 4020 Ntfs - ok
10:06:51.0546 4020 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:06:51.0687 4020 Null - ok
10:06:51.0796 4020 nv (9e1f2f09e34c92a96b9900b6a45d5026) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:06:52.0031 4020 nv - ok
10:06:52.0125 4020 NVENETFD (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
10:06:52.0171 4020 NVENETFD - ok
10:06:52.0203 4020 nvnetbus (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
10:06:52.0234 4020 nvnetbus - ok
10:06:52.0250 4020 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:06:52.0390 4020 NwlnkFlt - ok
10:06:52.0421 4020 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:06:52.0546 4020 NwlnkFwd - ok
10:06:52.0593 4020 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:06:52.0718 4020 ohci1394 - ok
10:06:52.0750 4020 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
10:06:52.0875 4020 Parport - ok
10:06:52.0890 4020 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:06:53.0031 4020 PartMgr - ok
10:06:53.0078 4020 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
10:06:53.0187 4020 ParVdm - ok
10:06:53.0218 4020 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:06:53.0234 4020 pccsmcfd - ok
10:06:53.0250 4020 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
10:06:53.0390 4020 PCI - ok
10:06:53.0406 4020 PCIDump - ok
10:06:53.0437 4020 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:06:53.0546 4020 PCIIde - ok
10:06:53.0578 4020 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:06:53.0734 4020 Pcmcia - ok
10:06:53.0734 4020 PDCOMP - ok
10:06:53.0750 4020 PDFRAME - ok
10:06:53.0765 4020 PDRELI - ok
10:06:53.0781 4020 PDRFRAME - ok
10:06:53.0796 4020 perc2 - ok
10:06:53.0796 4020 perc2hib - ok
10:06:53.0843 4020 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:06:53.0968 4020 PptpMiniport - ok
10:06:53.0984 4020 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
10:06:54.0125 4020 Processor - ok
10:06:54.0171 4020 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:06:54.0296 4020 PSched - ok
10:06:54.0312 4020 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:06:54.0437 4020 Ptilink - ok
10:06:54.0453 4020 ql1080 - ok
10:06:54.0468 4020 Ql10wnt - ok
10:06:54.0484 4020 ql12160 - ok
10:06:54.0500 4020 ql1240 - ok
10:06:54.0500 4020 ql1280 - ok
10:06:54.0531 4020 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:06:54.0656 4020 RasAcd - ok
10:06:54.0687 4020 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:06:54.0906 4020 Rasl2tp - ok
10:06:54.0921 4020 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:06:55.0062 4020 RasPppoe - ok
10:06:55.0062 4020 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:06:55.0203 4020 Raspti - ok
10:06:55.0234 4020 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:06:55.0359 4020 Rdbss - ok
10:06:55.0421 4020 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:06:55.0578 4020 RDPCDD - ok
10:06:55.0625 4020 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:06:55.0765 4020 rdpdr - ok
10:06:55.0796 4020 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
10:06:55.0843 4020 RDPWD - ok
10:06:55.0875 4020 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:06:56.0000 4020 redbook - ok
10:06:56.0062 4020 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys
10:06:56.0078 4020 s0016bus - ok
10:06:56.0125 4020 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
10:06:56.0140 4020 s0016mdfl - ok
10:06:56.0156 4020 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
10:06:56.0171 4020 s0016mdm - ok
10:06:56.0187 4020 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
10:06:56.0203 4020 s0016mgmt - ok
10:06:56.0234 4020 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
10:06:56.0250 4020 s0016nd5 - ok
10:06:56.0265 4020 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys
10:06:56.0281 4020 s0016obex - ok
10:06:56.0296 4020 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys
10:06:56.0312 4020 s0016unic - ok
10:06:56.0359 4020 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\WINDOWS\system32\DRIVERS\s1018bus.sys
10:06:56.0375 4020 s1018bus - ok
10:06:56.0406 4020 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys
10:06:56.0421 4020 s1018mdfl - ok
10:06:56.0437 4020 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\WINDOWS\system32\DRIVERS\s1018mdm.sys
10:06:56.0453 4020 s1018mdm - ok
10:06:56.0484 4020 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys
10:06:56.0578 4020 s1018mgmt - ok
10:06:56.0609 4020 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\WINDOWS\system32\DRIVERS\s1018nd5.sys
10:06:56.0625 4020 s1018nd5 - ok
10:06:56.0640 4020 s1018obex (49431efda842b474531c29ffae9f5d09) C:\WINDOWS\system32\DRIVERS\s1018obex.sys
10:06:56.0656 4020 s1018obex - ok
10:06:56.0671 4020 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\WINDOWS\system32\DRIVERS\s1018unic.sys
10:06:56.0687 4020 s1018unic - ok
10:06:56.0781 4020 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
10:06:56.0781 4020 SASDIFSV - ok
10:06:56.0828 4020 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
10:06:56.0843 4020 SASKUTIL - ok
10:06:56.0890 4020 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:06:56.0968 4020 Secdrv - ok
10:06:56.0984 4020 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:06:57.0125 4020 serenum - ok
10:06:57.0156 4020 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
10:06:57.0296 4020 Serial - ok
10:06:57.0328 4020 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:06:57.0453 4020 Sfloppy - ok
10:06:57.0468 4020 Simbad - ok
10:06:57.0515 4020 snapman (09cc90606bae4341766738f1277d5a86) C:\WINDOWS\system32\DRIVERS\snapman.sys
10:06:57.0531 4020 snapman - ok
10:06:57.0531 4020 Sparrow - ok
10:06:57.0578 4020 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:06:57.0750 4020 splitter - ok
10:06:57.0859 4020 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
10:06:57.0937 4020 sr - ok
10:06:58.0000 4020 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
10:06:58.0046 4020 Srv - ok
10:06:58.0078 4020 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
10:06:58.0093 4020 ssmdrv - ok
10:06:58.0140 4020 ss_bbus (eaa66218cd39f5bb1b4853a78c67c787) C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
10:06:58.0156 4020 ss_bbus - ok
10:06:58.0171 4020 ss_bmdfl (91765f99914ed8693d8bc76524f21581) C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
10:06:58.0187 4020 ss_bmdfl - ok
10:06:58.0203 4020 ss_bmdm (840e7b738b03c10ee91d9b7d3d6eff15) C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
10:06:58.0234 4020 ss_bmdm - ok
10:06:58.0265 4020 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
10:06:58.0281 4020 StarOpen ( UnsignedFile.Multi.Generic ) - warning
10:06:58.0281 4020 StarOpen - detected UnsignedFile.Multi.Generic (1)
10:06:58.0328 4020 SummaUSB (a72b07c6d8f9889cd01e399e5c653d39) C:\WINDOWS\system32\Drivers\XPSP2USB.sys
10:06:58.0343 4020 SummaUSB ( UnsignedFile.Multi.Generic ) - warning
10:06:58.0343 4020 SummaUSB - detected UnsignedFile.Multi.Generic (1)
10:06:58.0390 4020 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:06:58.0500 4020 swenum - ok
10:06:58.0531 4020 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:06:58.0656 4020 swmidi - ok
10:06:58.0671 4020 symc810 - ok
10:06:58.0687 4020 symc8xx - ok
10:06:58.0703 4020 sym_hi - ok
10:06:58.0718 4020 sym_u3 - ok
10:06:58.0750 4020 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:06:58.0859 4020 sysaudio - ok
10:06:58.0921 4020 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:06:59.0000 4020 Tcpip - ok
10:06:59.0031 4020 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:06:59.0140 4020 TDPIPE - ok
10:06:59.0171 4020 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:06:59.0296 4020 TDTCP - ok
10:06:59.0312 4020 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:06:59.0437 4020 TermDD - ok
10:06:59.0484 4020 tifsfilter (d352fff2a623b916c08ceacbfc8b5c32) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
10:06:59.0500 4020 tifsfilter - ok
10:06:59.0531 4020 timounter (64694b2a5c772e1c61feac300ed90ca6) C:\WINDOWS\system32\DRIVERS\timntr.sys
10:06:59.0562 4020 timounter - ok
10:06:59.0578 4020 TosIde - ok
10:06:59.0593 4020 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:06:59.0718 4020 Udfs - ok
10:06:59.0718 4020 ultra - ok
10:06:59.0781 4020 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:06:59.0921 4020 Update - ok
10:06:59.0968 4020 USBAAPL - ok
10:07:00.0015 4020 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:07:00.0218 4020 usbehci - ok
10:07:00.0265 4020 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:07:00.0375 4020 usbhub - ok
10:07:00.0390 4020 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:07:00.0515 4020 usbohci - ok
10:07:00.0546 4020 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:07:00.0671 4020 usbscan - ok
10:07:00.0718 4020 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:07:00.0843 4020 usbstor - ok
10:07:00.0859 4020 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:07:00.0984 4020 VgaSave - ok
10:07:01.0000 4020 ViaIde - ok
10:07:01.0046 4020 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
10:07:01.0171 4020 VolSnap - ok
10:07:01.0203 4020 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:07:01.0343 4020 Wanarp - ok
10:07:01.0406 4020 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
10:07:01.0468 4020 wceusbsh - ok
10:07:01.0484 4020 WDICA - ok
10:07:01.0515 4020 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:07:01.0640 4020 wdmaud - ok
10:07:01.0718 4020 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:07:01.0781 4020 WpdUsb - ok
10:07:01.0812 4020 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:07:01.0859 4020 WudfPf - ok
10:07:01.0875 4020 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:07:01.0890 4020 WudfRd - ok
10:07:01.0937 4020 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
10:07:02.0093 4020 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:07:02.0093 4020 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:07:02.0125 4020 Boot (0x1200) (b84d3cb01c9a148779064a0e8e64d45a) \Device\Harddisk0\DR0\Partition0
10:07:02.0281 4020 \Device\Harddisk0\DR0\Partition0 - ok
10:07:02.0296 4020 Boot (0x1200) (b8c937100863b6a927f92c846c01378a) \Device\Harddisk0\DR0\Partition1
10:07:02.0312 4020 \Device\Harddisk0\DR0\Partition1 - ok
10:07:02.0312 4020 ============================================================
10:07:02.0312 4020 Scan finished
10:07:02.0312 4020 ============================================================
10:07:02.0453 4036 Detected object count: 5
10:07:02.0453 4036 Actual detected object count: 5
10:08:12.0484 4036 DSSUSBF ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:12.0484 4036 DSSUSBF ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:08:12.0484 4036 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:12.0484 4036 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:08:12.0484 4036 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:12.0484 4036 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:08:12.0484 4036 SummaUSB ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:12.0484 4036 SummaUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:08:12.0578 4036 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
10:08:12.0625 4036 \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
10:08:12.0640 4036 \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
10:08:12.0656 4036 \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
10:08:12.0656 4036 \Device\Harddisk0\DR0\TDLFS\data.db - copied to quarantine
10:08:12.0656 4036 \Device\Harddisk0\DR0\TDLFS\data.js - copied to quarantine
10:08:12.0656 4036 \Device\Harddisk0\DR0\TDLFS - deleted
10:08:12.0656 4036 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
10:09:57.0859 3036 Deinitialize success
|
| | #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yes, it was deleted. After deleting the TDSS File System you should run a new scan with TDSS-Killer and post the new log.
__________________ Please always post log files in CODE tags |
| | #11 |
| Dear cosinus, I can only do the log in about 2 weeks, as I'm going away for 2 weeks now. Could you please leave the thread open? I'll get back to you in 2 weeks. Thanks for now. Best regards, chico |
| | #12 |
| Hello, I managed to quickly do the log after all, here it is: Is the thing gone now? I'll be in touch in 2 weeks. Code:
14:01:59.0796 3948 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
14:02:00.0093 3948 ============================================================
14:02:00.0093 3948 Current date / time: 2012/02/12 14:02:00.0093
14:02:00.0093 3948 SystemInfo:
14:02:00.0093 3948
14:02:00.0093 3948 OS Version: 5.1.2600 ServicePack: 3.0
14:02:00.0093 3948 Product type: Workstation
14:02:00.0093 3948 ComputerName: PC-SERVER
14:02:00.0093 3948 UserName: ***
14:02:00.0093 3948 Windows directory: C:\WINDOWS
14:02:00.0093 3948 System windows directory: C:\WINDOWS
14:02:00.0093 3948 Processor architecture: Intel x86
14:02:00.0093 3948 Number of processors: 1
14:02:00.0093 3948 Page size: 0x1000
14:02:00.0093 3948 Boot type: Normal boot
14:02:00.0093 3948 ============================================================
14:02:03.0171 3948 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:02:03.0218 3948 \Device\Harddisk0\DR0:
14:02:03.0234 3948 MBR used
14:02:03.0234 3948 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x88B8F9D
14:02:03.0250 3948 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x88B901B, BlocksNum 0x149076A5
14:02:03.0484 3948 Initialize success
14:02:03.0484 3948 ============================================================
14:02:18.0390 2124 ============================================================
14:02:18.0390 2124 Scan started
14:02:18.0390 2124 Mode: Manual; SigCheck; TDLFS;
14:02:18.0390 2124 ============================================================
14:02:20.0312 2124 Abiosdsk - ok
14:02:20.0421 2124 abp480n5 - ok
14:02:20.0671 2124 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:02:26.0140 2124 ACPI - ok
14:02:26.0406 2124 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:02:26.0531 2124 ACPIEC - ok
14:02:26.0640 2124 adpu160m - ok
14:02:26.0765 2124 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:02:26.0968 2124 aec - ok
14:02:27.0031 2124 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:02:27.0125 2124 AFD - ok
14:02:27.0187 2124 Aha154x - ok
14:02:27.0234 2124 aic78u2 - ok
14:02:27.0250 2124 aic78xx - ok
14:02:27.0265 2124 AliIde - ok
14:02:27.0281 2124 amsint - ok
14:02:27.0343 2124 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:02:27.0453 2124 Arp1394 - ok
14:02:27.0468 2124 asc - ok
14:02:27.0484 2124 asc3350p - ok
14:02:27.0500 2124 asc3550 - ok
14:02:27.0531 2124 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:02:27.0671 2124 AsyncMac - ok
14:02:27.0703 2124 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:02:27.0828 2124 atapi - ok
14:02:27.0843 2124 Atdisk - ok
14:02:27.0875 2124 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:02:28.0000 2124 Atmarpc - ok
14:02:28.0046 2124 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:02:28.0171 2124 audstub - ok
14:02:28.0265 2124 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
14:02:28.0281 2124 avgio - ok
14:02:28.0296 2124 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:02:28.0312 2124 avgntflt - ok
14:02:28.0328 2124 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:02:28.0343 2124 avipbb - ok
14:02:28.0375 2124 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:02:28.0500 2124 Beep - ok
14:02:28.0531 2124 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:02:28.0671 2124 cbidf2k - ok
14:02:29.0062 2124 cd20xrnt - ok
14:02:29.0156 2124 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:02:29.0312 2124 Cdaudio - ok
14:02:29.0390 2124 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:02:29.0562 2124 Cdfs - ok
14:02:29.0640 2124 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:02:29.0796 2124 Cdrom - ok
14:02:29.0890 2124 Changer - ok
14:02:29.0953 2124 CmdIde - ok
14:02:30.0109 2124 Cpqarray - ok
14:02:30.0265 2124 dac2w2k - ok
14:02:30.0390 2124 dac960nt - ok
14:02:30.0546 2124 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:02:30.0703 2124 Disk - ok
14:02:31.0062 2124 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:02:31.0265 2124 dmboot - ok
14:02:31.0546 2124 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\DRIVERS\dmio.sys
14:02:31.0718 2124 dmio - ok
14:02:32.0156 2124 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:02:32.0296 2124 dmload - ok
14:02:32.0468 2124 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:02:32.0625 2124 DMusic - ok
14:02:32.0765 2124 dpti2o - ok
14:02:32.0906 2124 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:02:33.0015 2124 drmkaud - ok
14:02:33.0171 2124 DSSUSBF (a539daae5463f8d3acdbce50c7d20740) C:\WINDOWS\system32\DRIVERS\DSSUSBF.sys
14:02:33.0187 2124 DSSUSBF ( UnsignedFile.Multi.Generic ) - warning
14:02:33.0187 2124 DSSUSBF - detected UnsignedFile.Multi.Generic (1)
14:02:33.0359 2124 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:02:33.0531 2124 Fastfat - ok
14:02:33.0703 2124 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:02:33.0828 2124 Fdc - ok
14:02:34.0046 2124 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:02:34.0203 2124 Fips - ok
14:02:34.0406 2124 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:02:34.0546 2124 Flpydisk - ok
14:02:34.0625 2124 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:02:34.0796 2124 FltMgr - ok
14:02:34.0875 2124 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
14:02:34.0906 2124 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
14:02:34.0906 2124 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
14:02:34.0984 2124 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:02:35.0125 2124 Fs_Rec - ok
14:02:35.0406 2124 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:02:35.0546 2124 Ftdisk - ok
14:02:35.0843 2124 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:02:35.0984 2124 Gpc - ok
14:02:36.0484 2124 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:02:36.0625 2124 HDAudBus - ok
14:02:36.0843 2124 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:02:36.0984 2124 hidusb - ok
14:02:37.0125 2124 hpn - ok
14:02:37.0250 2124 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:02:37.0359 2124 HTTP - ok
14:02:37.0453 2124 i2omgmt - ok
14:02:37.0640 2124 i2omp - ok
14:02:37.0828 2124 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:02:37.0968 2124 i8042prt - ok
14:02:38.0125 2124 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:02:38.0390 2124 Imapi - ok
14:02:38.0468 2124 ini910u - ok
14:02:39.0453 2124 IntcAzAudAddService (b12a9fc49cd2765a43829d834f518aed) C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:02:40.0421 2124 IntcAzAudAddService - ok
14:02:40.0562 2124 IntelIde - ok
14:02:40.0703 2124 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:02:40.0843 2124 Ip6Fw - ok
14:02:41.0046 2124 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:02:41.0218 2124 IpFilterDriver - ok
14:02:41.0359 2124 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:02:41.0531 2124 IpInIp - ok
14:02:41.0609 2124 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:02:41.0750 2124 IpNat - ok
14:02:41.0796 2124 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:02:41.0937 2124 IPSec - ok
14:02:42.0046 2124 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:02:42.0125 2124 IRENUM - ok
14:02:42.0203 2124 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:02:42.0375 2124 isapnp - ok
14:02:42.0531 2124 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:02:42.0687 2124 Kbdclass - ok
14:02:42.0921 2124 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:02:43.0078 2124 kbdhid - ok
14:02:43.0187 2124 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:02:43.0328 2124 kmixer - ok
14:02:43.0546 2124 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:02:43.0656 2124 KSecDD - ok
14:02:43.0812 2124 lbrtfdc - ok
14:02:44.0109 2124 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:02:44.0281 2124 mnmdd - ok
14:02:44.0703 2124 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:02:44.0859 2124 Modem - ok
14:02:45.0203 2124 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:02:45.0359 2124 Mouclass - ok
14:02:45.0625 2124 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:02:45.0765 2124 mouhid - ok
14:02:45.0968 2124 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:02:46.0109 2124 MountMgr - ok
14:02:46.0156 2124 mraid35x - ok
14:02:46.0250 2124 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:02:46.0375 2124 MRxDAV - ok
14:02:46.0468 2124 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:02:46.0546 2124 MRxSmb - ok
14:02:46.0578 2124 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:02:46.0718 2124 Msfs - ok
14:02:46.0750 2124 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:02:46.0875 2124 MSKSSRV - ok
14:02:46.0890 2124 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:02:47.0015 2124 MSPCLOCK - ok
14:02:47.0031 2124 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:02:47.0156 2124 MSPQM - ok
14:02:47.0156 2124 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:02:47.0281 2124 mssmbios - ok
14:02:47.0328 2124 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
14:02:47.0375 2124 MTsensor - ok
14:02:47.0406 2124 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:02:47.0421 2124 Mup - ok
14:02:47.0437 2124 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:02:47.0578 2124 NDIS - ok
14:02:47.0609 2124 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:02:47.0640 2124 NdisTapi - ok
14:02:47.0671 2124 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:02:47.0796 2124 Ndisuio - ok
14:02:47.0828 2124 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:02:47.0937 2124 NdisWan - ok
14:02:47.0984 2124 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:02:48.0015 2124 NDProxy - ok
14:02:48.0046 2124 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:02:48.0156 2124 NetBIOS - ok
14:02:48.0203 2124 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:02:48.0328 2124 NetBT - ok
14:02:48.0359 2124 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:02:48.0515 2124 NIC1394 - ok
14:02:48.0531 2124 Normandy - ok
14:02:48.0546 2124 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:02:48.0671 2124 Npfs - ok
14:02:48.0687 2124 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:02:48.0812 2124 Ntfs - ok
14:02:48.0843 2124 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:02:48.0953 2124 Null - ok
14:02:49.0062 2124 nv (9e1f2f09e34c92a96b9900b6a45d5026) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:02:49.0281 2124 nv - ok
14:02:49.0359 2124 NVENETFD (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
14:02:49.0406 2124 NVENETFD - ok
14:02:49.0421 2124 nvnetbus (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
14:02:49.0453 2124 nvnetbus - ok
14:02:49.0484 2124 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:02:49.0609 2124 NwlnkFlt - ok
14:02:49.0640 2124 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:02:49.0750 2124 NwlnkFwd - ok
14:02:49.0796 2124 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:02:49.0921 2124 ohci1394 - ok
14:02:49.0953 2124 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:02:50.0062 2124 Parport - ok
14:02:50.0078 2124 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:02:50.0187 2124 PartMgr - ok
14:02:50.0218 2124 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:02:50.0328 2124 ParVdm - ok
14:02:50.0375 2124 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
14:02:50.0390 2124 pccsmcfd - ok
14:02:50.0406 2124 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:02:50.0515 2124 PCI - ok
14:02:50.0531 2124 PCIDump - ok
14:02:50.0546 2124 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:02:50.0671 2124 PCIIde - ok
14:02:50.0703 2124 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:02:50.0812 2124 Pcmcia - ok
14:02:50.0828 2124 PDCOMP - ok
14:02:50.0843 2124 PDFRAME - ok
14:02:50.0859 2124 PDRELI - ok
14:02:50.0859 2124 PDRFRAME - ok
14:02:50.0875 2124 perc2 - ok
14:02:50.0890 2124 perc2hib - ok
14:02:50.0921 2124 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:02:51.0031 2124 PptpMiniport - ok
14:02:51.0062 2124 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
14:02:51.0203 2124 Processor - ok
14:02:51.0218 2124 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:02:51.0328 2124 PSched - ok
14:02:51.0328 2124 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:02:51.0468 2124 Ptilink - ok
14:02:51.0468 2124 ql1080 - ok
14:02:51.0484 2124 Ql10wnt - ok
14:02:51.0500 2124 ql12160 - ok
14:02:51.0515 2124 ql1240 - ok
14:02:51.0515 2124 ql1280 - ok
14:02:51.0546 2124 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:02:51.0656 2124 RasAcd - ok
14:02:51.0687 2124 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:02:51.0796 2124 Rasl2tp - ok
14:02:51.0828 2124 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:02:51.0953 2124 RasPppoe - ok
14:02:51.0968 2124 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:02:52.0078 2124 Raspti - ok
14:02:52.0093 2124 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:02:52.0218 2124 Rdbss - ok
14:02:52.0250 2124 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:02:52.0359 2124 RDPCDD - ok
14:02:52.0390 2124 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:02:52.0515 2124 rdpdr - ok
14:02:52.0546 2124 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
14:02:52.0578 2124 RDPWD - ok
14:02:52.0593 2124 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:02:52.0703 2124 redbook - ok
14:02:52.0765 2124 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys
14:02:52.0765 2124 s0016bus - ok
14:02:52.0812 2124 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
14:02:53.0046 2124 s0016mdfl - ok
14:02:53.0078 2124 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
14:02:53.0078 2124 s0016mdm - ok
14:02:53.0109 2124 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
14:02:53.0109 2124 s0016mgmt - ok
14:02:53.0140 2124 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
14:02:53.0140 2124 s0016nd5 - ok
14:02:53.0171 2124 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys
14:02:53.0171 2124 s0016obex - ok
14:02:53.0187 2124 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys
14:02:53.0203 2124 s0016unic - ok
14:02:53.0250 2124 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\WINDOWS\system32\DRIVERS\s1018bus.sys
14:02:53.0250 2124 s1018bus - ok
14:02:53.0281 2124 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys
14:02:53.0281 2124 s1018mdfl - ok
14:02:53.0296 2124 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\WINDOWS\system32\DRIVERS\s1018mdm.sys
14:02:53.0296 2124 s1018mdm - ok
14:02:53.0343 2124 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys
14:02:53.0406 2124 s1018mgmt - ok
14:02:53.0437 2124 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\WINDOWS\system32\DRIVERS\s1018nd5.sys
14:02:53.0453 2124 s1018nd5 - ok
14:02:53.0468 2124 s1018obex (49431efda842b474531c29ffae9f5d09) C:\WINDOWS\system32\DRIVERS\s1018obex.sys
14:02:53.0468 2124 s1018obex - ok
14:02:53.0500 2124 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\WINDOWS\system32\DRIVERS\s1018unic.sys
14:02:53.0515 2124 s1018unic - ok
14:02:53.0593 2124 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
14:02:53.0593 2124 SASDIFSV - ok
14:02:53.0609 2124 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
14:02:53.0609 2124 SASKUTIL - ok
14:02:53.0656 2124 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:02:53.0734 2124 Secdrv - ok
14:02:53.0765 2124 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:02:53.0875 2124 serenum - ok
14:02:53.0890 2124 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:02:54.0046 2124 Serial - ok
14:02:54.0078 2124 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:02:54.0203 2124 Sfloppy - ok
14:02:54.0218 2124 Simbad - ok
14:02:54.0250 2124 snapman (09cc90606bae4341766738f1277d5a86) C:\WINDOWS\system32\DRIVERS\snapman.sys
14:02:54.0250 2124 snapman - ok
14:02:54.0265 2124 Sparrow - ok
14:02:54.0312 2124 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:02:54.0437 2124 splitter - ok
14:02:54.0468 2124 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:02:54.0515 2124 sr - ok
14:02:54.0562 2124 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:02:54.0593 2124 Srv - ok
14:02:54.0640 2124 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:02:54.0640 2124 ssmdrv - ok
14:02:54.0687 2124 ss_bbus (eaa66218cd39f5bb1b4853a78c67c787) C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
14:02:54.0687 2124 ss_bbus - ok
14:02:54.0750 2124 ss_bmdfl (91765f99914ed8693d8bc76524f21581) C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
14:02:54.0750 2124 ss_bmdfl - ok
14:02:54.0765 2124 ss_bmdm (840e7b738b03c10ee91d9b7d3d6eff15) C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
14:02:54.0781 2124 ss_bmdm - ok
14:02:54.0812 2124 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
14:02:54.0843 2124 StarOpen ( UnsignedFile.Multi.Generic ) - warning
14:02:54.0843 2124 StarOpen - detected UnsignedFile.Multi.Generic (1)
14:02:54.0875 2124 SummaUSB (a72b07c6d8f9889cd01e399e5c653d39) C:\WINDOWS\system32\Drivers\XPSP2USB.sys
14:02:54.0890 2124 SummaUSB ( UnsignedFile.Multi.Generic ) - warning
14:02:54.0890 2124 SummaUSB - detected UnsignedFile.Multi.Generic (1)
14:02:54.0937 2124 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:02:55.0046 2124 swenum - ok
14:02:55.0062 2124 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:02:55.0187 2124 swmidi - ok
14:02:55.0203 2124 symc810 - ok
14:02:55.0218 2124 symc8xx - ok
14:02:55.0234 2124 sym_hi - ok
14:02:55.0250 2124 sym_u3 - ok
14:02:55.0265 2124 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:02:55.0359 2124 sysaudio - ok
14:02:55.0406 2124 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:02:55.0468 2124 Tcpip - ok
14:02:55.0500 2124 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:02:55.0609 2124 TDPIPE - ok
14:02:55.0640 2124 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:02:55.0750 2124 TDTCP - ok
14:02:55.0781 2124 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:02:55.0890 2124 TermDD - ok
14:02:55.0921 2124 tifsfilter (d352fff2a623b916c08ceacbfc8b5c32) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
14:02:55.0937 2124 tifsfilter - ok
14:02:55.0953 2124 timounter (64694b2a5c772e1c61feac300ed90ca6) C:\WINDOWS\system32\DRIVERS\timntr.sys
14:02:55.0968 2124 timounter - ok
14:02:55.0984 2124 TosIde - ok
14:02:56.0015 2124 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:02:56.0125 2124 Udfs - ok
14:02:56.0140 2124 ultra - ok
14:02:56.0187 2124 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:02:56.0312 2124 Update - ok
14:02:56.0343 2124 USBAAPL - ok
14:02:56.0359 2124 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:02:56.0484 2124 usbehci - ok
14:02:56.0515 2124 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:02:56.0640 2124 usbhub - ok
14:02:56.0656 2124 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:02:56.0765 2124 usbohci - ok
14:02:56.0796 2124 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:02:56.0921 2124 usbscan - ok
14:02:56.0953 2124 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:02:57.0062 2124 usbstor - ok
14:02:57.0109 2124 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:02:57.0218 2124 VgaSave - ok
14:02:57.0234 2124 ViaIde - ok
14:02:57.0281 2124 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:02:57.0406 2124 VolSnap - ok
14:02:57.0453 2124 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:02:57.0562 2124 Wanarp - ok
14:02:57.0593 2124 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
14:02:57.0625 2124 wceusbsh - ok
14:02:57.0640 2124 WDICA - ok
14:02:57.0671 2124 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:02:57.0781 2124 wdmaud - ok
14:02:57.0843 2124 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:02:57.0890 2124 WpdUsb - ok
14:02:57.0921 2124 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:02:57.0968 2124 WudfPf - ok
14:02:57.0968 2124 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:02:57.0984 2124 WudfRd - ok
14:02:58.0031 2124 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
14:02:58.0296 2124 \Device\Harddisk0\DR0 - ok
14:02:58.0312 2124 Boot (0x1200) (b84d3cb01c9a148779064a0e8e64d45a) \Device\Harddisk0\DR0\Partition0
14:02:58.0328 2124 \Device\Harddisk0\DR0\Partition0 - ok
14:02:58.0328 2124 Boot (0x1200) (b8c937100863b6a927f92c846c01378a) \Device\Harddisk0\DR0\Partition1
14:02:58.0328 2124 \Device\Harddisk0\DR0\Partition1 - ok
14:02:58.0328 2124 ============================================================
14:02:58.0328 2124 Scan finished
14:02:58.0328 2124 ============================================================
14:02:58.0453 2080 Detected object count: 4
14:02:58.0453 2080 Actual detected object count: 4
14:03:04.0015 2080 DSSUSBF ( UnsignedFile.Multi.Generic ) - skipped by user
14:03:04.0015 2080 DSSUSBF ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:03:04.0015 2080 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
14:03:04.0015 2080 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:03:04.0015 2080 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:03:04.0015 2080 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:03:04.0015 2080 SummaUSB ( UnsignedFile.Multi.Generic ) - skipped by user
14:03:04.0015 2080 SummaUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:03:11.0375 1272 Deinitialize success
|
| | #13 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when an expert helper (Kompetenzler) has explicitly recommended it! If, after running ComboFix, you have problems starting applications and receive messages like Quote:
__________________ Please always post log files in CODE tags |
| | #14 |
| Hi Arne, I'm back from vacation. I ran Combo Fix as described. I didn't get an automatic log, and I can't find it under C... either. Should I do it again? Where could the log be? I didn't find anything with the search function either. |
| | #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Restart Windows, delete the old combofix.exe, download CF again and please try once more.
__________________ Please always post log files in CODE tags |