After I removed the 8 errors found by TDSS using "delete", the computer restarted. Since then I can no longer get online and cannot retrieve any mail either.
Firefox shows the following error message:
Code:
XML-Verarbeitungsfehler: Nicht definierte Entität
Adresse: jar:jar:file:///C:/Dokumente%20und%20Einstellungen/meister/Anwendungsdaten/Mozilla/Firefox/Profiles/trwzs2hb.default/extensions/speedtest@gotomyhelp.com.xpi!/chrome/speedtest.jar!/content/netError.xhtml
Zeile Nr. 392, Spalte 33: <div id="ed_netOffline">&netOffline.longDesc;</div>
The latest TDSS log looks like this:
Code:
16:42:21.0062 6100 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49
16:42:21.0171 6100 ============================================================
16:42:21.0171 6100 Current date / time: 2012/02/24 16:42:21.0171
16:42:21.0171 6100 SystemInfo:
16:42:21.0171 6100
16:42:21.0171 6100 OS Version: 5.1.2600 ServicePack: 3.0
16:42:21.0171 6100 Product type: Workstation
16:42:21.0171 6100 ComputerName: MEISTER-AE9E965
16:42:21.0171 6100 UserName: meister
16:42:21.0171 6100 Windows directory: C:\WINDOWS
16:42:21.0171 6100 System windows directory: C:\WINDOWS
16:42:21.0171 6100 Processor architecture: Intel x86
16:42:21.0171 6100 Number of processors: 2
16:42:21.0171 6100 Page size: 0x1000
16:42:21.0171 6100 Boot type: Normal boot
16:42:21.0171 6100 ============================================================
16:42:22.0406 6100 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:42:22.0406 6100 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:42:22.0406 6100 Drive \Device\Harddisk2\DR9 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:42:22.0421 6100 Drive \Device\Harddisk7\DR15 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:42:22.0421 6100 \Device\Harddisk0\DR0:
16:42:22.0421 6100 MBR used
16:42:22.0421 6100 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
16:42:22.0437 6100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D1C06FF, BlocksNum 0x1D1C0681
16:42:22.0437 6100 \Device\Harddisk1\DR1:
16:42:22.0437 6100 MBR used
16:42:22.0437 6100 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x61B746A, BlocksNum 0x84C1299
16:42:22.0437 6100 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1D1C4581, BlocksNum 0x1D1C06C0
16:42:22.0437 6100 \Device\Harddisk2\DR9:
16:42:22.0437 6100 MBR used
16:42:22.0437 6100 \Device\Harddisk2\DR9\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
16:42:22.0437 6100 \Device\Harddisk7\DR15:
16:42:22.0437 6100 MBR used
16:42:22.0437 6100 \Device\Harddisk7\DR15\Partition0: MBR, Type 0x7, StartLBA 0x4388B380, BlocksNum 0x30E76780
16:42:22.0921 6100 Initialize success
16:42:22.0921 6100 ============================================================
16:42:32.0859 5780 ============================================================
16:42:32.0859 5780 Scan started
16:42:32.0859 5780 Mode: Manual; SigCheck; TDLFS;
16:42:32.0859 5780 ============================================================
16:42:33.0234 5780 Abiosdsk - ok
16:42:33.0234 5780 abp480n5 - ok
16:42:33.0265 5780 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:42:33.0750 5780 ACPI - ok
16:42:33.0843 5780 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:42:33.0921 5780 ACPIEC - ok
16:42:33.0937 5780 adpu160m - ok
16:42:33.0968 5780 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:42:34.0046 5780 aec - ok
16:42:34.0078 5780 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:42:34.0125 5780 AFD - ok
16:42:34.0125 5780 Aha154x - ok
16:42:34.0156 5780 aic78u2 - ok
16:42:34.0171 5780 aic78xx - ok
16:42:34.0171 5780 AliIde - ok
16:42:34.0187 5780 alxowhfb - ok
16:42:34.0250 5780 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
16:42:34.0343 5780 Ambfilt - ok
16:42:34.0343 5780 amsint - ok
16:42:34.0359 5780 asc - ok
16:42:34.0359 5780 asc3350p - ok
16:42:34.0375 5780 asc3550 - ok
16:42:34.0406 5780 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:42:34.0468 5780 AsyncMac - ok
16:42:34.0500 5780 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:42:34.0578 5780 atapi - ok
16:42:34.0578 5780 Atdisk - ok
16:42:34.0734 5780 ati2mtag (6d7e913b48488bb5c73ee7ad53b017d8) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
16:42:34.0921 5780 ati2mtag - ok
16:42:34.0953 5780 AtiHDAudioService (0d6b8359677d05142b624f09c28d643a) C:\WINDOWS\system32\drivers\AtihdXP3.sys
16:42:34.0953 5780 AtiHDAudioService - ok
16:42:35.0000 5780 AtiHdmiService (b9bc23b57765c167806a1feb7a3d16a6) C:\WINDOWS\system32\drivers\AtiHdmi.sys
16:42:35.0000 5780 AtiHdmiService - ok
16:42:35.0031 5780 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:42:35.0093 5780 Atmarpc - ok
16:42:35.0156 5780 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:42:35.0234 5780 audstub - ok
16:42:35.0265 5780 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:42:35.0281 5780 avgntflt - ok
16:42:35.0296 5780 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:42:35.0296 5780 avipbb - ok
16:42:35.0312 5780 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
16:42:35.0328 5780 avkmgr - ok
16:42:35.0343 5780 BANTExt (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys
16:42:35.0359 5780 BANTExt ( UnsignedFile.Multi.Generic ) - warning
16:42:35.0359 5780 BANTExt - detected UnsignedFile.Multi.Generic (1)
16:42:35.0406 5780 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:42:35.0468 5780 Beep - ok
16:42:35.0484 5780 bmdrvr (fa75972a7f488ebbc94c5248cc6764a9) C:\WINDOWS\system32\drivers\bmdrvr.sys
16:42:35.0500 5780 bmdrvr - ok
16:42:35.0546 5780 cbfs3 (afab1d4cab04218cbab0ae69625d0d65) C:\WINDOWS\system32\drivers\cbfs3.sys
16:42:35.0546 5780 cbfs3 - ok
16:42:35.0578 5780 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:42:35.0640 5780 cbidf2k - ok
16:42:35.0671 5780 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:42:35.0750 5780 CCDECODE - ok
16:42:35.0765 5780 cd20xrnt - ok
16:42:35.0781 5780 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:42:35.0843 5780 Cdaudio - ok
16:42:35.0843 5780 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:42:35.0906 5780 Cdfs - ok
16:42:35.0937 5780 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:42:36.0031 5780 Cdrom - ok
16:42:36.0031 5780 CmdIde - ok
16:42:36.0046 5780 Cpqarray - ok
16:42:36.0093 5780 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Programme\SystemRequirementsLab\cpudrv.sys
16:42:36.0093 5780 cpudrv - ok
16:42:36.0156 5780 CrystalSysInfo (f054744f67576a01139885173392502b) C:\Programme\MediaCoder\SysInfo.sys
16:42:36.0171 5780 CrystalSysInfo - ok
16:42:36.0171 5780 dac2w2k - ok
16:42:36.0187 5780 dac960nt - ok
16:42:36.0218 5780 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:42:36.0281 5780 Disk - ok
16:42:36.0328 5780 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
16:42:36.0406 5780 dmboot - ok
16:42:36.0421 5780 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
16:42:36.0484 5780 dmio - ok
16:42:36.0500 5780 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:42:36.0578 5780 dmload - ok
16:42:36.0593 5780 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:42:36.0656 5780 DMusic - ok
16:42:36.0671 5780 dpti2o - ok
16:42:36.0671 5780 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:42:36.0734 5780 drmkaud - ok
16:42:36.0765 5780 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\WINDOWS\system32\Drivers\DrvAgent32.sys
16:42:36.0781 5780 DrvAgent32 ( UnsignedFile.Multi.Generic ) - warning
16:42:36.0781 5780 DrvAgent32 - detected UnsignedFile.Multi.Generic (1)
16:42:36.0812 5780 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
16:42:36.0828 5780 dtsoftbus01 - ok
16:42:36.0828 5780 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:42:36.0906 5780 Fastfat - ok
16:42:36.0921 5780 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:42:36.0984 5780 Fdc - ok
16:42:37.0000 5780 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
16:42:37.0078 5780 Fips - ok
16:42:37.0093 5780 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:42:37.0171 5780 Flpydisk - ok
16:42:37.0203 5780 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:42:37.0265 5780 FltMgr - ok
16:42:37.0296 5780 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:42:37.0359 5780 Fs_Rec - ok
16:42:37.0390 5780 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:42:37.0453 5780 Ftdisk - ok
16:42:37.0500 5780 gdrv (d556cb79967e92b5cc69686d16c1d846) C:\WINDOWS\gdrv.sys
16:42:37.0515 5780 gdrv - ok
16:42:37.0546 5780 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
16:42:37.0546 5780 GEARAspiWDM - ok
16:42:37.0562 5780 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:42:37.0640 5780 Gpc - ok
16:42:37.0687 5780 hcmon (51fa91bb463b15fd8eacd5045c3f2fa6) C:\WINDOWS\system32\drivers\hcmon.sys
16:42:37.0703 5780 hcmon - ok
16:42:37.0734 5780 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:42:37.0796 5780 HDAudBus - ok
16:42:37.0828 5780 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:42:37.0906 5780 hidusb - ok
16:42:37.0906 5780 hpn - ok
16:42:37.0953 5780 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:42:37.0968 5780 HTTP - ok
16:42:37.0984 5780 i2omp - ok
16:42:38.0000 5780 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:42:38.0078 5780 i8042prt - ok
16:42:38.0109 5780 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:42:38.0171 5780 Imapi - ok
16:42:38.0171 5780 ini910u - ok
16:42:38.0328 5780 IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:42:38.0484 5780 IntcAzAudAddService - ok
16:42:38.0500 5780 IntelIde - ok
16:42:38.0531 5780 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:42:38.0609 5780 intelppm - ok
16:42:38.0625 5780 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:42:38.0703 5780 Ip6Fw - ok
16:42:38.0734 5780 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:42:38.0796 5780 IpFilterDriver - ok
16:42:38.0812 5780 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:42:38.0890 5780 IpInIp - ok
16:42:38.0906 5780 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:42:38.0968 5780 IpNat - ok
16:42:38.0984 5780 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:42:39.0062 5780 IPSec - ok
16:42:39.0093 5780 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:42:39.0125 5780 IRENUM - ok
16:42:39.0156 5780 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:42:39.0234 5780 isapnp - ok
16:42:39.0265 5780 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:42:39.0343 5780 Kbdclass - ok
16:42:39.0343 5780 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:42:39.0406 5780 kbdhid - ok
16:42:39.0453 5780 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:42:39.0515 5780 kmixer - ok
16:42:39.0531 5780 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:42:39.0578 5780 KSecDD - ok
16:42:39.0609 5780 LVPr2Mon (8be71d7edb8c7494913722059f760dd0) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
16:42:39.0625 5780 LVPr2Mon - ok
16:42:39.0640 5780 LVRS (a1857fbb9b4930eeb2fd92386c45c529) C:\WINDOWS\system32\DRIVERS\lvrs.sys
16:42:39.0656 5780 LVRS - ok
16:42:39.0750 5780 LVUVC (3703406af0726badd24c5e552493e5b1) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
16:42:39.0859 5780 LVUVC - ok
16:42:39.0906 5780 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:42:39.0984 5780 mnmdd - ok
16:42:40.0000 5780 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
16:42:40.0078 5780 Modem - ok
16:42:40.0140 5780 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
16:42:40.0187 5780 Monfilt - ok
16:42:40.0234 5780 Mouclass (71e15ca47fd947552054afb28536268f) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:42:40.0328 5780 Mouclass - ok
16:42:40.0343 5780 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:42:40.0406 5780 mouhid - ok
16:42:40.0453 5780 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:42:40.0531 5780 MountMgr - ok
16:42:40.0562 5780 MPE (55a9a7e6bb297bf0f5b144029dcb79cc) C:\WINDOWS\system32\DRIVERS\MPE.sys
16:42:40.0656 5780 MPE - ok
16:42:40.0671 5780 mraid35x - ok
16:42:40.0687 5780 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:42:40.0750 5780 MRxDAV - ok
16:42:40.0796 5780 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:42:40.0843 5780 MRxSmb - ok
16:42:40.0843 5780 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:42:40.0906 5780 Msfs - ok
16:42:40.0937 5780 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:42:41.0000 5780 MSKSSRV - ok
16:42:41.0015 5780 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:42:41.0078 5780 MSPCLOCK - ok
16:42:41.0078 5780 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:42:41.0156 5780 MSPQM - ok
16:42:41.0187 5780 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:42:41.0250 5780 mssmbios - ok
16:42:41.0265 5780 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:42:41.0343 5780 MSTEE - ok
16:42:41.0359 5780 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:42:41.0359 5780 Mup - ok
16:42:41.0390 5780 MxEFUF (363b85773d001e35dc977058956a1486) C:\WINDOWS\system32\DRIVERS\MxEFUF32.sys
16:42:41.0390 5780 MxEFUF - ok
16:42:41.0406 5780 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:42:41.0468 5780 NABTSFEC - ok
16:42:41.0500 5780 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:42:41.0578 5780 NDIS - ok
16:42:41.0593 5780 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:42:41.0671 5780 NdisIP - ok
16:42:41.0703 5780 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:42:41.0718 5780 NdisTapi - ok
16:42:41.0750 5780 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:42:41.0828 5780 Ndisuio - ok
16:42:41.0859 5780 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:42:41.0921 5780 NdisWan - ok
16:42:41.0937 5780 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:42:41.0953 5780 NDProxy - ok
16:42:41.0968 5780 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:42:42.0031 5780 NetBIOS - ok
16:42:42.0046 5780 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:42:42.0109 5780 NetBT - ok
16:42:42.0140 5780 npf (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\npf.sys
16:42:42.0156 5780 npf - ok
16:42:42.0156 5780 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:42:42.0234 5780 Npfs - ok
16:42:42.0281 5780 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:42:42.0359 5780 Ntfs - ok
16:42:42.0390 5780 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:42:42.0453 5780 Null - ok
16:42:42.0484 5780 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:42:42.0546 5780 NwlnkFlt - ok
16:42:42.0562 5780 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:42:42.0625 5780 NwlnkFwd - ok
16:42:42.0640 5780 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
16:42:42.0718 5780 Parport - ok
16:42:42.0734 5780 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:42:42.0796 5780 PartMgr - ok
16:42:42.0812 5780 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
16:42:42.0875 5780 ParVdm - ok
16:42:42.0906 5780 PCI (6fb463e5b243fbd6f3d3c83f914d94fb) C:\WINDOWS\system32\DRIVERS\pci.sys
16:42:42.0984 5780 PCI - ok
16:42:43.0000 5780 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:42:43.0062 5780 PCIIde - ok
16:42:43.0093 5780 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:42:43.0171 5780 Pcmcia - ok
16:42:43.0171 5780 perc2 - ok
16:42:43.0171 5780 perc2hib - ok
16:42:43.0234 5780 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\WINDOWS\system32\DRIVERS\point32.sys
16:42:43.0234 5780 Point32 - ok
16:42:43.0250 5780 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:42:43.0312 5780 PptpMiniport - ok
16:42:43.0328 5780 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:42:43.0390 5780 PSched - ok
16:42:43.0406 5780 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:42:43.0484 5780 Ptilink - ok
16:42:43.0500 5780 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:42:43.0515 5780 PxHelp20 - ok
16:42:43.0515 5780 ql1080 - ok
16:42:43.0515 5780 Ql10wnt - ok
16:42:43.0531 5780 ql12160 - ok
16:42:43.0531 5780 ql1240 - ok
16:42:43.0546 5780 ql1280 - ok
16:42:43.0546 5780 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:42:43.0609 5780 RasAcd - ok
16:42:43.0640 5780 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:42:43.0718 5780 Rasl2tp - ok
16:42:43.0734 5780 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:42:43.0796 5780 RasPppoe - ok
16:42:43.0796 5780 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:42:43.0859 5780 Raspti - ok
16:42:43.0906 5780 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:42:43.0968 5780 Rdbss - ok
16:42:43.0984 5780 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:42:44.0046 5780 RDPCDD - ok
16:42:44.0078 5780 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:42:44.0093 5780 RDPWD - ok
16:42:44.0140 5780 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:42:44.0203 5780 redbook - ok
16:42:44.0296 5780 RTHDMIAzAudService (eb5a4e5437c643517f9d0fa0535310af) C:\WINDOWS\system32\drivers\RtKHDMI.sys
16:42:44.0453 5780 RTHDMIAzAudService - ok
16:42:44.0515 5780 RTLE8023xp (d3578c3806ed545e5c36b2a20f5c0b5a) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
16:42:44.0531 5780 RTLE8023xp - ok
16:42:44.0562 5780 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:42:44.0625 5780 Secdrv - ok
16:42:44.0671 5780 Sentinel (05f03d7f2999431c53ce254da1301b31) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
16:42:44.0687 5780 Sentinel ( UnsignedFile.Multi.Generic ) - warning
16:42:44.0687 5780 Sentinel - detected UnsignedFile.Multi.Generic (1)
16:42:44.0718 5780 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:42:44.0796 5780 serenum - ok
16:42:44.0828 5780 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
16:42:44.0906 5780 Serial - ok
16:42:44.0968 5780 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:42:45.0031 5780 Sfloppy - ok
16:42:45.0031 5780 Simbad - ok
16:42:45.0078 5780 SKYNET (69608080ba674d9942f0373e5bcab2f9) C:\WINDOWS\system32\DRIVERS\SkyNET.SYS
16:42:45.0093 5780 SKYNET - ok
16:42:45.0125 5780 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:42:45.0187 5780 SLIP - ok
16:42:45.0203 5780 Sparrow - ok
16:42:45.0218 5780 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:42:45.0281 5780 splitter - ok
16:42:45.0328 5780 sptd (f42efefb765235f24b24e1d2b6f99f46) C:\WINDOWS\System32\Drivers\sptd.sys
16:42:45.0328 5780 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: f42efefb765235f24b24e1d2b6f99f46
16:42:45.0328 5780 sptd ( LockedFile.Multi.Generic ) - warning
16:42:45.0328 5780 sptd - detected LockedFile.Multi.Generic (1)
16:42:45.0343 5780 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
16:42:45.0375 5780 sr - ok
16:42:45.0406 5780 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:42:45.0437 5780 Srv - ok
16:42:45.0484 5780 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
16:42:45.0500 5780 ssmdrv - ok
16:42:45.0515 5780 StarOpen (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
16:42:45.0515 5780 StarOpen ( UnsignedFile.Multi.Generic ) - warning
16:42:45.0515 5780 StarOpen - detected UnsignedFile.Multi.Generic (1)
16:42:45.0531 5780 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:42:45.0609 5780 streamip - ok
16:42:45.0625 5780 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:42:45.0687 5780 swenum - ok
16:42:45.0703 5780 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:42:45.0765 5780 swmidi - ok
16:42:45.0765 5780 symc810 - ok
16:42:45.0781 5780 symc8xx - ok
16:42:45.0781 5780 sym_hi - ok
16:42:45.0796 5780 sym_u3 - ok
16:42:45.0796 5780 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:42:45.0859 5780 sysaudio - ok
16:42:45.0890 5780 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:42:45.0937 5780 Tcpip - ok
16:42:45.0968 5780 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:42:46.0046 5780 TDPIPE - ok
16:42:46.0078 5780 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:42:46.0140 5780 TDTCP - ok
16:42:46.0156 5780 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:42:46.0234 5780 TermDD - ok
16:42:46.0281 5780 tffsport (d9d5e4ca72270e9f3eca97da0983ab87) C:\WINDOWS\system32\DRIVERS\tffsport.sys
16:42:46.0328 5780 tffsport - ok
16:42:46.0343 5780 TosIde - ok
16:42:46.0375 5780 TSMPacket (7c1367bff5587cf49c0ed2e664f6eac0) C:\WINDOWS\system32\DRIVERS\tsmpkt.sys
16:42:46.0375 5780 TSMPacket ( UnsignedFile.Multi.Generic ) - warning
16:42:46.0375 5780 TSMPacket - detected UnsignedFile.Multi.Generic (1)
16:42:46.0406 5780 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:42:46.0468 5780 Udfs - ok
16:42:46.0484 5780 ultra - ok
16:42:46.0562 5780 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Programme\Unlocker\UnlockerDriver5.sys
16:42:46.0578 5780 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
16:42:46.0578 5780 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
16:42:46.0609 5780 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:42:46.0687 5780 Update - ok
16:42:46.0703 5780 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:42:46.0765 5780 usbaudio - ok
16:42:46.0812 5780 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:42:46.0875 5780 usbccgp - ok
16:42:46.0890 5780 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:42:46.0968 5780 usbehci - ok
16:42:47.0000 5780 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:42:47.0078 5780 usbhub - ok
16:42:47.0093 5780 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:42:47.0171 5780 usbohci - ok
16:42:47.0203 5780 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:42:47.0265 5780 usbprint - ok
16:42:47.0281 5780 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:42:47.0343 5780 usbscan - ok
16:42:47.0343 5780 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:42:47.0406 5780 USBSTOR - ok
16:42:47.0421 5780 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:42:47.0484 5780 usbuhci - ok
16:42:47.0500 5780 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
16:42:47.0578 5780 usbvideo - ok
16:42:47.0609 5780 uxpatch (628c632710ab55747cb5bcc68716be21) C:\WINDOWS\system32\drivers\uxpatch.sys
16:42:47.0625 5780 uxpatch - ok
16:42:47.0656 5780 VBoxDrv (103b23ec82c08fc4bdbc369552ffab2a) C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
16:42:47.0656 5780 VBoxDrv - ok
16:42:47.0687 5780 VBoxNetAdp (226cd9e42be28a84ec56430fbb57224f) C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
16:42:47.0687 5780 VBoxNetAdp - ok
16:42:47.0703 5780 VBoxNetFlt (0a5d6512dcb14135a388d0e7e69e01bb) C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys
16:42:47.0703 5780 VBoxNetFlt - ok
16:42:47.0734 5780 VBoxUSBMon (96a478edfb1fbf1fc663beb09b4175a8) C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
16:42:47.0734 5780 VBoxUSBMon - ok
16:42:47.0781 5780 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:42:47.0828 5780 VgaSave - ok
16:42:47.0843 5780 ViaIde - ok
16:42:47.0875 5780 vmci (6f5d703bf312cb6cda78948763cb1e0d) C:\WINDOWS\system32\Drivers\vmci.sys
16:42:47.0875 5780 vmci - ok
16:42:47.0921 5780 vmkbd (27df4aece721961f9c9064a31790f2ea) C:\WINDOWS\system32\drivers\VMkbd.sys
16:42:47.0921 5780 vmkbd - ok
16:42:47.0953 5780 vmm (5bfd1ab294525a42e7ddbe85fc22d02e) C:\WINDOWS\system32\Drivers\vmm.sys
16:42:47.0968 5780 vmm - ok
16:42:47.0968 5780 VMnetAdapter (e41704d8149992107b333cc7a52c07cc) C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
16:42:47.0984 5780 VMnetAdapter - ok
16:42:48.0000 5780 VMnetBridge (37487769258ee1ee792517647c8982a4) C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
16:42:48.0000 5780 VMnetBridge - ok
16:42:48.0015 5780 VMnetuserif (ea10f0c9333388d2ecc4068efb8c366d) C:\WINDOWS\system32\drivers\vmnetuserif.sys
16:42:48.0031 5780 VMnetuserif - ok
16:42:48.0046 5780 VMparport (311e4d0703f53faf7e7a5b3a2641d4fa) C:\WINDOWS\system32\Drivers\VMparport.sys
16:42:48.0046 5780 VMparport - ok
16:42:48.0109 5780 vmx86 (35dc7079a413484423750db5d40b8ea6) C:\WINDOWS\system32\Drivers\vmx86.sys
16:42:48.0140 5780 vmx86 - ok
16:42:48.0156 5780 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
16:42:48.0234 5780 VolSnap - ok
16:42:48.0250 5780 VPCNetS2 (776b784b4f4d0be767c289f59a21ef20) C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys
16:42:48.0296 5780 VPCNetS2 - ok
16:42:48.0343 5780 vstor2-mntapi10-shared (f3ee13b14a3288ed5e0e44fb8dc424f3) C:\WINDOWS\system32\drivers\vstor2-mntapi10-shared.sys
16:42:48.0343 5780 vstor2-mntapi10-shared - ok
16:42:48.0421 5780 vstor2-ws60 (98929c5c5314c4c048e2f60492c26723) C:\Programme\VMware\VMware Player\vstor2-ws60.sys
16:42:48.0421 5780 vstor2-ws60 - ok
16:42:48.0453 5780 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:42:48.0515 5780 Wanarp - ok
16:42:48.0562 5780 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
16:42:48.0578 5780 Wdf01000 - ok
16:42:48.0625 5780 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:42:48.0703 5780 wdmaud - ok
16:42:48.0750 5780 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:42:48.0828 5780 WS2IFSL - ok
16:42:48.0859 5780 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:42:48.0921 5780 WSTCODEC - ok
16:42:48.0968 5780 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:42:49.0000 5780 WudfPf - ok
16:42:49.0015 5780 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:42:49.0031 5780 WudfRd - ok
16:42:49.0062 5780 MBR (0x1B8) (6aefa2bac284226f1a5aed86e53d7bb9) \Device\Harddisk0\DR0
16:42:49.0093 5780 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:42:49.0093 5780 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:42:49.0093 5780 MBR (0x1B8) (4004072431421eb6987f1a76377d26f0) \Device\Harddisk1\DR1
16:42:49.0109 5780 \Device\Harddisk1\DR1 - ok
16:42:49.0140 5780 MBR (0x1B8) (0792f22bcc85cfd3b28324561fffcabb) \Device\Harddisk2\DR9
16:42:49.0562 5780 \Device\Harddisk2\DR9 - ok
16:42:49.0562 5780 MBR (0x1B8) (0792f22bcc85cfd3b28324561fffcabb) \Device\Harddisk7\DR15
16:42:52.0015 5780 \Device\Harddisk7\DR15 - ok
16:42:52.0015 5780 Boot (0x1200) (bd33e6ce19a0945d6030f6bd7fdf4f17) \Device\Harddisk0\DR0\Partition0
16:42:52.0015 5780 \Device\Harddisk0\DR0\Partition0 - ok
16:42:52.0031 5780 Boot (0x1200) (1f7f6ecbc3c799c0fa1708e19d867ee5) \Device\Harddisk0\DR0\Partition1
16:42:52.0031 5780 \Device\Harddisk0\DR0\Partition1 - ok
16:42:52.0031 5780 Boot (0x1200) (1ee98097fdfa3868e609545d52fa3441) \Device\Harddisk1\DR1\Partition0
16:42:52.0031 5780 \Device\Harddisk1\DR1\Partition0 - ok
16:42:52.0046 5780 Boot (0x1200) (47a119c6ff99c39eca70f294d165430b) \Device\Harddisk1\DR1\Partition1
16:42:52.0046 5780 \Device\Harddisk1\DR1\Partition1 - ok
16:42:52.0062 5780 Boot (0x1200) (946e99e0407b625b3395fe52dbca7fde) \Device\Harddisk2\DR9\Partition0
16:42:52.0078 5780 \Device\Harddisk2\DR9\Partition0 - ok
16:42:52.0078 5780 Boot (0x1200) (9c30da73962effbfb6da61ecedaec1f0) \Device\Harddisk7\DR15\Partition0
16:42:52.0078 5780 \Device\Harddisk7\DR15\Partition0 - ok
16:42:52.0078 5780 ============================================================
16:42:52.0078 5780 Scan finished
16:42:52.0078 5780 ============================================================
16:42:52.0187 5752 Detected object count: 8
16:42:52.0187 5752 Actual detected object count: 8
16:44:16.0828 5752 C:\WINDOWS\System32\Drivers\BANTExt.sys - copied to quarantine
16:44:16.0828 5752 HKLM\SYSTEM\ControlSet001\services\BANTExt - will be deleted on reboot
16:44:16.0828 5752 HKLM\SYSTEM\ControlSet002\services\BANTExt - will be deleted on reboot
16:44:16.0828 5752 HKLM\SYSTEM\ControlSet003\services\BANTExt - will be deleted on reboot
16:44:16.0843 5752 C:\WINDOWS\System32\Drivers\BANTExt.sys - will be deleted on reboot
16:44:16.0843 5752 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:16.0890 5752 C:\WINDOWS\system32\Drivers\DrvAgent32.sys - copied to quarantine
16:44:16.0890 5752 HKLM\SYSTEM\ControlSet001\services\DrvAgent32 - will be deleted on reboot
16:44:16.0890 5752 HKLM\SYSTEM\ControlSet002\services\DrvAgent32 - will be deleted on reboot
16:44:16.0890 5752 HKLM\SYSTEM\ControlSet003\services\DrvAgent32 - will be deleted on reboot
16:44:16.0890 5752 C:\WINDOWS\system32\Drivers\DrvAgent32.sys - will be deleted on reboot
16:44:16.0890 5752 DrvAgent32 ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:16.0953 5752 C:\WINDOWS\System32\Drivers\SENTINEL.SYS - copied to quarantine
16:44:16.0953 5752 HKLM\SYSTEM\ControlSet001\services\Sentinel - will be deleted on reboot
16:44:16.0953 5752 HKLM\SYSTEM\ControlSet002\services\Sentinel - will be deleted on reboot
16:44:16.0953 5752 HKLM\SYSTEM\ControlSet003\services\Sentinel - will be deleted on reboot
16:44:16.0953 5752 C:\WINDOWS\System32\Drivers\SENTINEL.SYS - will be deleted on reboot
16:44:16.0953 5752 Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0031 5752 C:\WINDOWS\System32\Drivers\sptd.sys - copied to quarantine
16:44:17.0031 5752 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
16:44:17.0031 5752 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
16:44:17.0031 5752 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted on reboot
16:44:17.0031 5752 C:\WINDOWS\System32\Drivers\sptd.sys - will be deleted on reboot
16:44:17.0031 5752 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
16:44:17.0078 5752 C:\WINDOWS\system32\drivers\StarOpen.sys - copied to quarantine
16:44:17.0078 5752 HKLM\SYSTEM\ControlSet001\services\StarOpen - will be deleted on reboot
16:44:17.0078 5752 HKLM\SYSTEM\ControlSet002\services\StarOpen - will be deleted on reboot
16:44:17.0078 5752 HKLM\SYSTEM\ControlSet003\services\StarOpen - will be deleted on reboot
16:44:17.0078 5752 C:\WINDOWS\system32\drivers\StarOpen.sys - will be deleted on reboot
16:44:17.0078 5752 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0156 5752 C:\WINDOWS\system32\DRIVERS\tsmpkt.sys - copied to quarantine
16:44:17.0156 5752 HKLM\SYSTEM\ControlSet001\services\TSMPacket - will be deleted on reboot
16:44:17.0156 5752 HKLM\SYSTEM\ControlSet002\services\TSMPacket - will be deleted on reboot
16:44:17.0156 5752 HKLM\SYSTEM\ControlSet003\services\TSMPacket - will be deleted on reboot
16:44:17.0156 5752 C:\WINDOWS\system32\DRIVERS\tsmpkt.sys - will be deleted on reboot
16:44:17.0156 5752 TSMPacket ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0234 5752 C:\Programme\Unlocker\UnlockerDriver5.sys - copied to quarantine
16:44:17.0234 5752 HKLM\SYSTEM\ControlSet001\services\UnlockerDriver5 - will be deleted on reboot
16:44:17.0234 5752 HKLM\SYSTEM\ControlSet002\services\UnlockerDriver5 - will be deleted on reboot
16:44:17.0234 5752 HKLM\SYSTEM\ControlSet003\services\UnlockerDriver5 - will be deleted on reboot
16:44:17.0250 5752 C:\Programme\Unlocker\UnlockerDriver5.sys - will be deleted on reboot
16:44:17.0250 5752 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0250 5752 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
16:44:17.0281 5752 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
16:44:17.0281 5752 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
16:44:17.0281 5752 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:44:17.0281 5752 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:44:17.0296 5752 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:44:17.0296 5752 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:44:17.0312 5752 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:44:17.0312 5752 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:44:17.0328 5752 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:44:17.0343 5752 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
16:44:17.0343 5752 \Device\Harddisk0\DR0\TDLFS - deleted
16:44:17.0343 5752 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
16:44:29.0921 5272 Deinitialize success
Fortunately I can still describe what happened, because I have Ubuntu installed on my second hard drive.