Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   externe festplatte, kein zugriff auf dateien möglich (https://www.trojaner-board.de/104884-externe-festplatte-kein-zugriff-dateien-moeglich.html)

clonman 19.12.2011 08:56
/push

na, Antwort überlesen ?? :pfeiff:

cosinus 19.12.2011 13:06
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360811t516l0463z1h5t6641k530
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360811t516l0463z1h5t6641k530
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360811t516l0463z1h5t6641k530
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360811t516l0463z1h5t6641k530
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360811t516l0463z1h5t6641k530
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - No CLSID value found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[2011.09.25 21:13:48 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{034daecb-eb3a-11e0-9e9e-c80aa9a0ebc9}\Shell - "" = AutoRun
O33 - MountPoints2\{034daecb-eb3a-11e0-9e9e-c80aa9a0ebc9}\Shell\AutoRun\command - "" = H:\iStudio.exe
O33 - MountPoints2\{48b73d03-1f26-11e1-85bd-dee941e6d294}\Shell - "" = AutoRun
O33 - MountPoints2\{48b73d03-1f26-11e1-85bd-dee941e6d294}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{c43b6044-d096-11e0-ad56-c80aa9a0ebc9}\Shell - "" = AutoRun
O33 - MountPoints2\{c43b6044-d096-11e0-ad56-c80aa9a0ebc9}\Shell\AutoRun\command - "" = E:\dvdcheck.exe
[2011.10.17 11:23:26 | 000,000,000 | -H-- | C] () -- C:\Users\***\AppData\Roaming\fLdfltehhjgg
[2011.10.17 11:23:01 | 000,000,000 | -H-- | C] () -- C:\Users\***\AppData\Roaming\j7Aj8Lg66f66
[2011.10.16 11:42:39 | 000,013,122 | ---- | C] () -- C:\Users\***\AppData\Roaming\3BF7.exe
[2011.10.14 10:20:37 | 000,417,234 | ---- | C] () -- C:\Users\***\AppData\Roaming\1B4.exe
[2011.10.14 10:14:49 | 000,000,000 | -H-- | C] () -- C:\Users\***\AppData\Roaming\ey70t1h11gK1
[2011.10.14 10:14:45 | 000,000,000 | -H-- | C] () -- C:\Users\***\AppData\Roaming\E1Lfer0fyI1e
[2011.10.14 10:14:36 | 000,417,234 | ---- | C] () -- C:\Users\***\AppData\Roaming\43B5.exe
[2011.09.25 21:13:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Babylon
[2011.09.11 00:18:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gVBKLJOy
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:C31F31E6
:Commands
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

clonman 19.12.2011 15:41
gesagt, getan

Code:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully.
c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{034daecb-eb3a-11e0-9e9e-c80aa9a0ebc9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{034daecb-eb3a-11e0-9e9e-c80aa9a0ebc9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{034daecb-eb3a-11e0-9e9e-c80aa9a0ebc9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{034daecb-eb3a-11e0-9e9e-c80aa9a0ebc9}\ not found.
File H:\iStudio.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48b73d03-1f26-11e1-85bd-dee941e6d294}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48b73d03-1f26-11e1-85bd-dee941e6d294}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48b73d03-1f26-11e1-85bd-dee941e6d294}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48b73d03-1f26-11e1-85bd-dee941e6d294}\ not found.
File F:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c43b6044-d096-11e0-ad56-c80aa9a0ebc9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c43b6044-d096-11e0-ad56-c80aa9a0ebc9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c43b6044-d096-11e0-ad56-c80aa9a0ebc9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c43b6044-d096-11e0-ad56-c80aa9a0ebc9}\ not found.
File E:\dvdcheck.exe not found.
C:\Users\meindirk\AppData\Roaming\fLdfltehhjgg moved successfully.
C:\Users\meindirk\AppData\Roaming\j7Aj8Lg66f66 moved successfully.
C:\Users\meindirk\AppData\Roaming\3BF7.exe moved successfully.
C:\Users\meindirk\AppData\Roaming\1B4.exe moved successfully.
C:\Users\meindirk\AppData\Roaming\ey70t1h11gK1 moved successfully.
C:\Users\***\AppData\Roaming\E1Lfer0fyI1e moved successfully.
C:\Users\***\AppData\Roaming\43B5.exe moved successfully.
C:\Users\***\AppData\Roaming\Babylon folder moved successfully.
C:\Users\***\AppData\Roaming\gVBKLJOy\rzdqpG\1.0.0.0 folder moved successfully.
C:\Users\***\AppData\Roaming\gVBKLJOy\rzdqpG folder moved successfully.
C:\Users\***\AppData\Roaming\gVBKLJOy folder moved successfully.
ADS C:\ProgramData\Temp:ABE89FFE deleted successfully.
ADS C:\ProgramData\Temp:5D7E5A8F deleted successfully.
ADS C:\ProgramData\Temp:93DE1838 deleted successfully.
ADS C:\ProgramData\Temp:0B9176C0 deleted successfully.
ADS C:\ProgramData\Temp:C31F31E6 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: BitBox
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 121014498 bytes
->Temporary Internet Files folder emptied: 131674254 bytes
->Java cache emptied: 1378193 bytes
->FireFox cache emptied: 205006992 bytes
->Flash cache emptied: 55664 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2262068 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 69818 bytes
RecycleBin emptied: 42840005 bytes
 
Total Files Cleaned = 481,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12192011_153523

Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

cosinus 19.12.2011 15:42
Bitte nun (im normalen Modus!) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

clonman 19.12.2011 15:49
und auch das getan

Code:
15:46:25.0206 1524        TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
15:46:25.0378 1524        ============================================================
15:46:25.0378 1524        Current date / time: 2011/12/19 15:46:25.0378
15:46:25.0378 1524        SystemInfo:
15:46:25.0378 1524       
15:46:25.0378 1524        OS Version: 6.1.7600 ServicePack: 0.0
15:46:25.0378 1524        Product type: Workstation
15:46:25.0378 1524        ComputerName: DEINDIRK-PC
15:46:25.0378 1524        UserName: meindirk
15:46:25.0378 1524        Windows directory: C:\Windows
15:46:25.0378 1524        System windows directory: C:\Windows
15:46:25.0378 1524        Running under WOW64
15:46:25.0378 1524        Processor architecture: Intel x64
15:46:25.0378 1524        Number of processors: 4
15:46:25.0378 1524        Page size: 0x1000
15:46:25.0378 1524        Boot type: Normal boot
15:46:25.0378 1524        ============================================================
15:46:25.0971 1524        Initialize success
15:46:44.0816 3304        ============================================================
15:46:44.0816 3304        Scan started
15:46:44.0816 3304        Mode: Manual; SigCheck; TDLFS;
15:46:44.0816 3304        ============================================================
15:46:45.0876 3304        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
15:46:46.0064 3304        1394ohci - ok
15:46:46.0188 3304        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
15:46:46.0235 3304        ACPI - ok
15:46:46.0329 3304        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
15:46:46.0422 3304        AcpiPmi - ok
15:46:46.0563 3304        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:46:46.0610 3304        adp94xx - ok
15:46:46.0734 3304        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:46:46.0766 3304        adpahci - ok
15:46:46.0875 3304        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:46:46.0906 3304        adpu320 - ok
15:46:47.0015 3304        AFD            (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
15:46:47.0109 3304        AFD - ok
15:46:47.0218 3304        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
15:46:47.0234 3304        agp440 - ok
15:46:47.0358 3304        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
15:46:47.0390 3304        aliide - ok
15:46:47.0499 3304        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
15:46:47.0530 3304        amdide - ok
15:46:47.0639 3304        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:46:47.0686 3304        AmdK8 - ok
15:46:47.0920 3304        amdkmdag        (d3e6b2e1394d93fe9db0ba24814b0d8f) C:\Windows\system32\DRIVERS\atipmdag.sys
15:46:48.0295 3304        amdkmdag - ok
15:46:48.0404 3304        amdkmdap        (cc4d915d786d3da973b2ea9b95d59a29) C:\Windows\system32\DRIVERS\atikmpag.sys
15:46:48.0435 3304        amdkmdap - ok
15:46:48.0560 3304        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:46:48.0607 3304        AmdPPM - ok
15:46:48.0731 3304        amdsata        (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
15:46:48.0763 3304        amdsata - ok
15:46:48.0872 3304        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:46:48.0903 3304        amdsbs - ok
15:46:48.0950 3304        amdxata        (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
15:46:48.0981 3304        amdxata - ok
15:46:49.0075 3304        AmUStor        (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
15:46:49.0121 3304        AmUStor - ok
15:46:49.0277 3304        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:46:49.0340 3304        AppID - ok
15:46:49.0465 3304        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:46:49.0496 3304        arc - ok
15:46:49.0511 3304        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:46:49.0527 3304        arcsas - ok
15:46:49.0621 3304        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:46:49.0808 3304        AsyncMac - ok
15:46:49.0933 3304        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
15:46:49.0948 3304        atapi - ok
15:46:50.0135 3304        athr            (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys
15:46:50.0369 3304        athr - ok
15:46:50.0494 3304        AtiHdmiService  (637e0753bd6deb8ea5314a5c357ec1a0) C:\Windows\system32\drivers\AtiHdmi.sys
15:46:50.0603 3304        AtiHdmiService - ok
15:46:50.0759 3304        atksgt          (4aef9ec86818375495fb78ca58df4e18) C:\Windows\system32\DRIVERS\atksgt.sys
15:46:50.0791 3304        atksgt ( UnsignedFile.Multi.Generic ) - warning
15:46:50.0791 3304        atksgt - detected UnsignedFile.Multi.Generic (1)
15:46:50.0869 3304        avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
15:46:50.0884 3304        avgntflt - ok
15:46:50.0900 3304        avipbb          (f1c9db5f7b2a56a0b29667d22ba540fc) C:\Windows\system32\DRIVERS\avipbb.sys
15:46:50.0931 3304        avipbb - ok
15:46:50.0962 3304        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:46:50.0978 3304        avkmgr - ok
15:46:51.0040 3304        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:46:51.0118 3304        b06bdrv - ok
15:46:51.0259 3304        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:46:51.0305 3304        b57nd60a - ok
15:46:51.0508 3304        BCM43XX        (b44879610f2dc4a046b14befa3ae72de) C:\Windows\system32\DRIVERS\bcmwl664.sys
15:46:51.0571 3304        BCM43XX - ok
15:46:51.0633 3304        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:46:51.0680 3304        Beep - ok
15:46:51.0836 3304        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:46:51.0883 3304        blbdrive - ok
15:46:51.0992 3304        bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
15:46:52.0054 3304        bowser - ok
15:46:52.0163 3304        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:46:52.0210 3304        BrFiltLo - ok
15:46:52.0210 3304        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:46:52.0241 3304        BrFiltUp - ok
15:46:52.0273 3304        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:46:52.0319 3304        Brserid - ok
15:46:52.0413 3304        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:46:52.0444 3304        BrSerWdm - ok
15:46:52.0475 3304        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:46:52.0522 3304        BrUsbMdm - ok
15:46:52.0616 3304        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:46:52.0647 3304        BrUsbSer - ok
15:46:52.0756 3304        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:46:52.0787 3304        BthEnum - ok
15:46:52.0834 3304        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:46:52.0881 3304        BTHMODEM - ok
15:46:52.0928 3304        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:46:52.0959 3304        BthPan - ok
15:46:53.0099 3304        BTHPORT        (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
15:46:53.0162 3304        BTHPORT - ok
15:46:53.0193 3304        BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
15:46:53.0209 3304        BTHUSB - ok
15:46:53.0255 3304        btwampfl        (380b798d30c56ede4af58619d0e86ccb) C:\Windows\system32\drivers\btwampfl.sys
15:46:53.0287 3304        btwampfl - ok
15:46:53.0365 3304        btwaudio        (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys
15:46:53.0396 3304        btwaudio - ok
15:46:53.0411 3304        btwavdt        (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\drivers\btwavdt.sys
15:46:53.0443 3304        btwavdt - ok
15:46:53.0552 3304        btwl2cap        (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
15:46:53.0567 3304        btwl2cap - ok
15:46:53.0599 3304        btwrchid        (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys
15:46:53.0614 3304        btwrchid - ok
15:46:53.0661 3304        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:46:53.0723 3304        cdfs - ok
15:46:53.0848 3304        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:46:53.0895 3304        cdrom - ok
15:46:54.0004 3304        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:46:54.0051 3304        circlass - ok
15:46:54.0082 3304        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:46:54.0113 3304        CLFS - ok
15:46:54.0238 3304        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:46:54.0285 3304        CmBatt - ok
15:46:54.0301 3304        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
15:46:54.0316 3304        cmdide - ok
15:46:54.0363 3304        CNG            (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
15:46:54.0441 3304        CNG - ok
15:46:54.0550 3304        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:46:54.0581 3304        Compbatt - ok
15:46:54.0613 3304        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:46:54.0659 3304        CompositeBus - ok
15:46:54.0753 3304        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:46:54.0769 3304        crcdisk - ok
15:46:54.0909 3304        DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
15:46:54.0971 3304        DfsC - ok
15:46:55.0065 3304        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:46:55.0143 3304        discache - ok
15:46:55.0268 3304        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:46:55.0299 3304        Disk - ok
15:46:55.0424 3304        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:46:55.0455 3304        drmkaud - ok
15:46:55.0580 3304        DXGKrnl        (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
15:46:55.0627 3304        DXGKrnl - ok
15:46:55.0751 3304        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:46:55.0907 3304        ebdrv - ok
15:46:56.0017 3304        ElbyCDIO        (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
15:46:56.0032 3304        ElbyCDIO - ok
15:46:56.0095 3304        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:46:56.0141 3304        elxstor - ok
15:46:56.0219 3304        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
15:46:56.0266 3304        ErrDev - ok
15:46:56.0438 3304        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:46:56.0516 3304        exfat - ok
15:46:56.0547 3304        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:46:56.0641 3304        fastfat - ok
15:46:56.0734 3304        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:46:56.0765 3304        fdc - ok
15:46:56.0797 3304        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:46:56.0812 3304        FileInfo - ok
15:46:56.0843 3304        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:46:56.0906 3304        Filetrace - ok
15:46:56.0937 3304        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:46:56.0953 3304        flpydisk - ok
15:46:56.0968 3304        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:46:56.0999 3304        FltMgr - ok
15:46:57.0046 3304        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:46:57.0062 3304        FsDepends - ok
15:46:57.0093 3304        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:46:57.0109 3304        Fs_Rec - ok
15:46:57.0155 3304        fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:46:57.0218 3304        fvevol - ok
15:46:57.0249 3304        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:46:57.0265 3304        gagp30kx - ok
15:46:57.0327 3304        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:46:57.0343 3304        hcw85cir - ok
15:46:57.0389 3304        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:46:57.0421 3304        HdAudAddService - ok
15:46:57.0530 3304        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:46:57.0592 3304        HDAudBus - ok
15:46:57.0639 3304        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
15:46:57.0655 3304        HECIx64 - ok
15:46:57.0686 3304        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:46:57.0717 3304        HidBatt - ok
15:46:57.0733 3304        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:46:57.0764 3304        HidBth - ok
15:46:57.0779 3304        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:46:57.0811 3304        HidIr - ok
15:46:57.0873 3304        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:46:57.0904 3304        HidUsb - ok
15:46:58.0013 3304        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
15:46:58.0045 3304        HpSAMD - ok
15:46:58.0091 3304        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:46:58.0169 3304        HTTP - ok
15:46:58.0201 3304        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:46:58.0201 3304        hwpolicy - ok
15:46:58.0247 3304        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
15:46:58.0279 3304        i8042prt - ok
15:46:58.0310 3304        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
15:46:58.0325 3304        iaStor - ok
15:46:58.0450 3304        iaStorV        (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
15:46:58.0497 3304        iaStorV - ok
15:46:58.0622 3304        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:46:58.0653 3304        iirsp - ok
15:46:58.0715 3304        Impcd          (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
15:46:58.0762 3304        Impcd - ok
15:46:58.0840 3304        IntcAzAudAddService - ok
15:46:58.0887 3304        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
15:46:58.0903 3304        intelide - ok
15:46:59.0168 3304        intelkmd        (09ce164afa8483e41808784d7fca154e) C:\Windows\system32\DRIVERS\igdpmd64.sys
15:46:59.0527 3304        intelkmd - ok
15:46:59.0636 3304        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:46:59.0683 3304        intelppm - ok
15:46:59.0807 3304        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:46:59.0885 3304        IpFilterDriver - ok
15:46:59.0901 3304        IPMIDRV        (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:46:59.0932 3304        IPMIDRV - ok
15:46:59.0932 3304        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:46:59.0995 3304        IPNAT - ok
15:47:00.0026 3304        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:47:00.0057 3304        IRENUM - ok
15:47:00.0073 3304        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
15:47:00.0088 3304        isapnp - ok
15:47:00.0104 3304        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
15:47:00.0135 3304        iScsiPrt - ok
15:47:00.0166 3304        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:47:00.0182 3304        kbdclass - ok
15:47:00.0229 3304        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:47:00.0260 3304        kbdhid - ok
15:47:00.0353 3304        KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
15:47:00.0369 3304        KSecDD - ok
15:47:00.0400 3304        KSecPkg        (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
15:47:00.0431 3304        KSecPkg - ok
15:47:00.0478 3304        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:47:00.0541 3304        ksthunk - ok
15:47:00.0650 3304        L1C            (39918db0efcf045a1ce6fabbf339f975) C:\Windows\system32\DRIVERS\L1C62x64.sys
15:47:00.0681 3304        L1C - ok
15:47:00.0837 3304        lirsgt          (b658b7076b1acaa5876524595630f183) C:\Windows\system32\DRIVERS\lirsgt.sys
15:47:00.0868 3304        lirsgt ( UnsignedFile.Multi.Generic ) - warning
15:47:00.0868 3304        lirsgt - detected UnsignedFile.Multi.Generic (1)
15:47:00.0899 3304        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:47:00.0977 3304        lltdio - ok
15:47:01.0102 3304        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:47:01.0133 3304        LSI_FC - ok
15:47:01.0149 3304        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:47:01.0165 3304        LSI_SAS - ok
15:47:01.0196 3304        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:47:01.0227 3304        LSI_SAS2 - ok
15:47:01.0243 3304        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:47:01.0274 3304        LSI_SCSI - ok
15:47:01.0305 3304        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:47:01.0383 3304        luafv - ok
15:47:01.0492 3304        massfilter      (23488767cb18fc3ff39e3af1db3fb02c) C:\Windows\system32\drivers\massfilter.sys
15:47:01.0539 3304        massfilter - ok
15:47:01.0664 3304        MBAMProtector  (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
15:47:01.0695 3304        MBAMProtector - ok
15:47:01.0851 3304        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:47:01.0882 3304        megasas - ok
15:47:01.0898 3304        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:47:01.0929 3304        MegaSR - ok
15:47:01.0945 3304        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:47:02.0007 3304        Modem - ok
15:47:02.0101 3304        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:47:02.0147 3304        monitor - ok
15:47:02.0163 3304        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:47:02.0194 3304        mouclass - ok
15:47:02.0225 3304        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:47:02.0257 3304        mouhid - ok
15:47:02.0272 3304        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:47:02.0303 3304        mountmgr - ok
15:47:02.0335 3304        mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
15:47:02.0350 3304        mpio - ok
15:47:02.0381 3304        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:47:02.0444 3304        mpsdrv - ok
15:47:02.0475 3304        MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:47:02.0506 3304        MRxDAV - ok
15:47:02.0537 3304        mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:47:02.0584 3304        mrxsmb - ok
15:47:02.0615 3304        mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:47:02.0678 3304        mrxsmb10 - ok
15:47:02.0756 3304        mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:47:02.0803 3304        mrxsmb20 - ok
15:47:02.0896 3304        msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
15:47:02.0927 3304        msahci - ok
15:47:02.0943 3304        msdsm          (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
15:47:02.0959 3304        msdsm - ok
15:47:03.0005 3304        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:47:03.0052 3304        Msfs - ok
15:47:03.0083 3304        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:47:03.0146 3304        mshidkmdf - ok
15:47:03.0161 3304        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
15:47:03.0177 3304        msisadrv - ok
15:47:03.0208 3304        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:47:03.0255 3304        MSKSSRV - ok
15:47:03.0286 3304        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:47:03.0333 3304        MSPCLOCK - ok
15:47:03.0349 3304        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:47:03.0411 3304        MSPQM - ok
15:47:03.0442 3304        MsRPC          (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:47:03.0458 3304        MsRPC - ok
15:47:03.0489 3304        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:47:03.0505 3304        mssmbios - ok
15:47:03.0536 3304        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:47:03.0614 3304        MSTEE - ok
15:47:03.0629 3304        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:47:03.0661 3304        MTConfig - ok
15:47:03.0676 3304        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:47:03.0692 3304        Mup - ok
15:47:03.0723 3304        mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:47:03.0739 3304        mwlPSDFilter - ok
15:47:03.0754 3304        mwlPSDNServ    (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:47:03.0770 3304        mwlPSDNServ - ok
15:47:03.0785 3304        mwlPSDVDisk    (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:47:03.0801 3304        mwlPSDVDisk - ok
15:47:03.0957 3304        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:47:04.0004 3304        NativeWifiP - ok
15:47:04.0082 3304        NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:47:04.0144 3304        NDIS - ok
15:47:04.0253 3304        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:47:04.0331 3304        NdisCap - ok
15:47:04.0363 3304        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:47:04.0425 3304        NdisTapi - ok
15:47:04.0550 3304        Ndisuio        (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:47:04.0628 3304        Ndisuio - ok
15:47:04.0643 3304        NdisWan        (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:47:04.0721 3304        NdisWan - ok
15:47:04.0768 3304        NDProxy        (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:47:04.0815 3304        NDProxy - ok
15:47:04.0846 3304        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:47:04.0909 3304        NetBIOS - ok
15:47:04.0940 3304        NetBT          (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:47:05.0002 3304        NetBT - ok
15:47:05.0143 3304        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:47:05.0158 3304        nfrd960 - ok
15:47:05.0205 3304        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:47:05.0267 3304        Npfs - ok
15:47:05.0283 3304        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:47:05.0361 3304        nsiproxy - ok
15:47:05.0439 3304        Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:47:05.0517 3304        Ntfs - ok
15:47:05.0642 3304        NTIDrvr        (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
15:47:05.0657 3304        NTIDrvr - ok
15:47:05.0735 3304        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:47:05.0813 3304        Null - ok
15:47:05.0907 3304        nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:47:05.0954 3304        nvraid - ok
15:47:05.0985 3304        nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:47:06.0016 3304        nvstor - ok
15:47:06.0063 3304        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
15:47:06.0079 3304        nv_agp - ok
15:47:06.0203 3304        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
15:47:06.0235 3304        ohci1394 - ok
15:47:06.0250 3304        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:47:06.0266 3304        Parport - ok
15:47:06.0297 3304        partmgr        (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
15:47:06.0313 3304        partmgr - ok
15:47:06.0328 3304        pci            (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
15:47:06.0359 3304        pci - ok
15:47:06.0375 3304        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
15:47:06.0391 3304        pciide - ok
15:47:06.0406 3304        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:47:06.0422 3304        pcmcia - ok
15:47:06.0453 3304        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:47:06.0469 3304        pcw - ok
15:47:06.0500 3304        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:47:06.0578 3304        PEAUTH - ok
15:47:06.0703 3304        PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:47:06.0796 3304        PptpMiniport - ok
15:47:06.0827 3304        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:47:06.0859 3304        Processor - ok
15:47:06.0921 3304        Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:47:06.0983 3304        Psched - ok
15:47:07.0030 3304        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:47:07.0093 3304        ql2300 - ok
15:47:07.0108 3304        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:47:07.0124 3304        ql40xx - ok
15:47:07.0155 3304        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:47:07.0202 3304        QWAVEdrv - ok
15:47:07.0217 3304        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:47:07.0264 3304        RasAcd - ok
15:47:07.0327 3304        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:47:07.0405 3304        RasAgileVpn - ok
15:47:07.0451 3304        Rasl2tp        (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:47:07.0514 3304        Rasl2tp - ok
15:47:07.0529 3304        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:47:07.0592 3304        RasPppoe - ok
15:47:07.0639 3304        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:47:07.0701 3304        RasSstp - ok
15:47:07.0810 3304        rdbss          (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:47:07.0919 3304        rdbss - ok
15:47:07.0935 3304        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:47:07.0951 3304        rdpbus - ok
15:47:07.0966 3304        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:47:08.0029 3304        RDPCDD - ok
15:47:08.0060 3304        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:47:08.0122 3304        RDPENCDD - ok
15:47:08.0153 3304        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:47:08.0185 3304        RDPREFMP - ok
15:47:08.0216 3304        RDPWD          (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
15:47:08.0278 3304        RDPWD - ok
15:47:08.0387 3304        rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
15:47:08.0434 3304        rdyboost - ok
15:47:08.0559 3304        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:47:08.0606 3304        RFCOMM - ok
15:47:08.0746 3304        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:47:08.0840 3304        rspndr - ok
15:47:08.0887 3304        sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:47:08.0902 3304        sbp2port - ok
15:47:08.0918 3304        scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:47:08.0980 3304        scfilter - ok
15:47:09.0027 3304        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:47:09.0089 3304        secdrv - ok
15:47:09.0199 3304        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:47:09.0230 3304        Serenum - ok
15:47:09.0245 3304        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:47:09.0277 3304        Serial - ok
15:47:09.0401 3304        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:47:09.0433 3304        sermouse - ok
15:47:09.0464 3304        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:47:09.0495 3304        sffdisk - ok
15:47:09.0511 3304        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:47:09.0542 3304        sffp_mmc - ok
15:47:09.0557 3304        sffp_sd        (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:47:09.0573 3304        sffp_sd - ok
15:47:09.0620 3304        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:47:09.0651 3304        sfloppy - ok
15:47:09.0760 3304        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:47:09.0791 3304        SiSRaid2 - ok
15:47:09.0791 3304        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:47:09.0807 3304        SiSRaid4 - ok
15:47:09.0838 3304        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:47:09.0901 3304        Smb - ok
15:47:10.0041 3304        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:47:10.0057 3304        spldr - ok
15:47:10.0150 3304        sptd            (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\System32\Drivers\sptd.sys
15:47:10.0197 3304        sptd - ok
15:47:10.0244 3304        srv            (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:47:10.0322 3304        srv - ok
15:47:10.0353 3304        srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:47:10.0400 3304        srv2 - ok
15:47:10.0415 3304        srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:47:10.0462 3304        srvnet - ok
15:47:10.0603 3304        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:47:10.0618 3304        stexstor - ok
15:47:10.0649 3304        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:47:10.0665 3304        swenum - ok
15:47:10.0727 3304        SynTP          (ce9b5a79aee330bc7e88c0441e5727bb) C:\Windows\system32\DRIVERS\SynTP.sys
15:47:10.0759 3304        SynTP - ok
15:47:10.0868 3304        Tcpip          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
15:47:10.0961 3304        Tcpip - ok
15:47:11.0102 3304        TCPIP6          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
15:47:11.0164 3304        TCPIP6 - ok
15:47:11.0195 3304        tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:47:11.0242 3304        tcpipreg - ok
15:47:11.0273 3304        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:47:11.0320 3304        TDPIPE - ok
15:47:11.0336 3304        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:47:11.0383 3304        TDTCP - ok
15:47:11.0398 3304        tdx            (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:47:11.0461 3304        tdx - ok
15:47:11.0585 3304        TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:47:11.0617 3304        TermDD - ok
15:47:11.0679 3304        tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:47:11.0757 3304        tssecsrv - ok
15:47:11.0851 3304        tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:47:11.0929 3304        tunnel - ok
15:47:11.0944 3304        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:47:11.0960 3304        uagp35 - ok
15:47:11.0991 3304        UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
15:47:12.0007 3304        UBHelper - ok
15:47:12.0038 3304        udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
15:47:12.0116 3304        udfs - ok
15:47:12.0225 3304        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:47:12.0256 3304        uliagpkx - ok
15:47:12.0272 3304        umbus          (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:47:12.0319 3304        umbus - ok
15:47:12.0334 3304        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:47:12.0350 3304        UmPass - ok
15:47:12.0397 3304        usbccgp        (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
15:47:12.0443 3304        usbccgp - ok
15:47:12.0443 3304        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:47:12.0490 3304        usbcir - ok
15:47:12.0521 3304        usbehci        (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
15:47:12.0553 3304        usbehci - ok
15:47:12.0599 3304        usbhub          (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
15:47:12.0646 3304        usbhub - ok
15:47:12.0755 3304        usbohci        (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
15:47:12.0771 3304        usbohci - ok
15:47:12.0833 3304        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:47:12.0865 3304        usbprint - ok
15:47:12.0896 3304        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:47:12.0958 3304        usbscan - ok
15:47:13.0005 3304        USBSTOR        (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:47:13.0052 3304        USBSTOR - ok
15:47:13.0083 3304        usbuhci        (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
15:47:13.0099 3304        usbuhci - ok
15:47:13.0145 3304        usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
15:47:13.0208 3304        usbvideo - ok
15:47:13.0333 3304        VBoxDrv        (f8899654688af11b5e8ddf9ed53cb72e) C:\Windows\system32\DRIVERS\VBoxDrv.sys
15:47:13.0364 3304        VBoxDrv - ok
15:47:13.0395 3304        VBoxNetAdp      (01f5ff577ca9d3555941c5c266af4385) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
15:47:13.0411 3304        VBoxNetAdp - ok
15:47:13.0442 3304        VBoxNetFlt      (2666d93096570f92346e3117b9c051e8) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
15:47:13.0457 3304        VBoxNetFlt - ok
15:47:13.0598 3304        VBoxUSBMon      (92d8db75837262e3811dfabf80dc08e0) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
15:47:13.0613 3304        VBoxUSBMon - ok
15:47:13.0660 3304        VClone          (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
15:47:13.0691 3304        VClone - ok
15:47:13.0723 3304        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:47:13.0738 3304        vdrvroot - ok
15:47:13.0863 3304        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:47:13.0894 3304        vga - ok
15:47:13.0910 3304        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:47:13.0972 3304        VgaSave - ok
15:47:13.0988 3304        vhdmp          (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:47:14.0019 3304        vhdmp - ok
15:47:14.0050 3304        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:47:14.0066 3304        viaide - ok
15:47:14.0097 3304        volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:47:14.0113 3304        volmgr - ok
15:47:14.0144 3304        volmgrx        (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:47:14.0175 3304        volmgrx - ok
15:47:14.0191 3304        volsnap        (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:47:14.0222 3304        volsnap - ok
15:47:14.0253 3304        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:47:14.0269 3304        vsmraid - ok
15:47:14.0300 3304        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:47:14.0315 3304        vwifibus - ok
15:47:14.0347 3304        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:47:14.0393 3304        vwififlt - ok
15:47:14.0487 3304        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:47:14.0518 3304        vwifimp - ok
15:47:14.0549 3304        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:47:14.0581 3304        WacomPen - ok
15:47:14.0674 3304        WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:47:14.0752 3304        WANARP - ok
15:47:14.0783 3304        Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:47:14.0815 3304        Wanarpv6 - ok
15:47:14.0846 3304        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:47:14.0861 3304        Wd - ok
15:47:14.0893 3304        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:47:14.0924 3304        Wdf01000 - ok
15:47:14.0971 3304        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:47:15.0017 3304        WfpLwf - ok
15:47:15.0049 3304        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:47:15.0064 3304        WIMMount - ok
15:47:15.0205 3304        WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
15:47:15.0236 3304        WinUsb - ok
15:47:15.0283 3304        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:47:15.0314 3304        WmiAcpi - ok
15:47:15.0454 3304        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:47:15.0517 3304        ws2ifsl - ok
15:47:15.0548 3304        WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:47:15.0610 3304        WudfPf - ok
15:47:15.0719 3304        WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:47:15.0782 3304        WUDFRd - ok
15:47:15.0860 3304        ZTEusbmdm6k    (ff5a03a65b68db7e02a12880399d40d4) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
15:47:15.0891 3304        ZTEusbmdm6k - ok
15:47:16.0016 3304        ZTEusbnmea      (ff5a03a65b68db7e02a12880399d40d4) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
15:47:16.0047 3304        ZTEusbnmea - ok
15:47:16.0078 3304        ZTEusbser6k    (ff5a03a65b68db7e02a12880399d40d4) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
15:47:16.0094 3304        ZTEusbser6k - ok
15:47:16.0156 3304        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:47:16.0265 3304        \Device\Harddisk0\DR0 - ok
15:47:16.0265 3304        Boot (0x1200)  (6a1e1e606461512cd5040548c3dc0419) \Device\Harddisk0\DR0\Partition0
15:47:16.0265 3304        \Device\Harddisk0\DR0\Partition0 - ok
15:47:16.0265 3304        ============================================================
15:47:16.0265 3304        Scan finished
15:47:16.0265 3304        ============================================================
15:47:16.0281 4176        Detected object count: 2
15:47:16.0281 4176        Actual detected object count: 2
15:47:40.0430 4176        atksgt ( UnsignedFile.Multi.Generic ) - skipped by user
15:47:40.0430 4176        atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:47:40.0430 4176        lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
15:47:40.0430 4176        lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 19.12.2011 18:38
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

clonman 19.12.2011 19:08
auch dies, obwohl der mir dateien gelöscht hat die ich noch benötige, aber gut, wenns denn hilft

nu haben wir ein problem wegen den logs


Der Text, den Sie eingegeben haben, besteht aus 104945 Zeichen und ist damit zu lang. Bitte kürzen Sie den Text auf die maximale Länge von 100000 Zeichen.


Fehler beim Hochladen
ComboFix.txt:
Die Datei, die Sie anhängen möchten, ist zu groß. Die maximale Dateigröße für diesen Dateityp beträgt 97,7 KB. Ihre Datei ist 102,4 KB groß.

und nu ?

cosinus 19.12.2011 19:59
Dann das Log zippen und hier anhängen

clonman 19.12.2011 20:12
ok, dann nächster versuch :)

cosinus 19.12.2011 20:30
CF hat dieses Verzeichnis gelöscht:

c:\users\meindirk\2.1

Kennst du das? War das so gewollt? :wtf:

clonman 19.12.2011 20:50
ich kenn das ding, das is n spiel was ich online habe und offline bearbeite, welches ich noch in 'nem ordner habe, da hat er aber nix gelöscht, des wundert mich halt

des spiel (php, tpl und js dateien) liegt im htdocs ordner von xamp

cosinus 19.12.2011 20:58
Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

clonman 20.12.2011 09:45
auch diesen sollst du haben

Code:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-20 09:11:36
-----------------------------
09:11:36.907    OS Version: Windows x64 6.1.7600
09:11:36.907    Number of processors: 4 586 0x2502
09:11:36.907    ComputerName: DEINDIRK-PC  UserName: meindirk
09:11:38.545    Initialize success
09:11:46.345    AVAST engine defs: 11121900
09:11:49.028    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:11:49.028    Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
09:11:49.043    Disk 0 MBR read successfully
09:11:49.043    Disk 0 MBR scan
09:11:49.059    Disk 0 Windows VISTA default MBR code
09:11:49.075    Service scanning
09:11:58.747    Modules scanning
09:11:58.747    Disk 0 trace - called modules:
09:11:58.778    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
09:11:58.778    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c54060]
09:11:58.793    3 CLASSPNP.SYS[fffff88001b0443f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004916050]
09:12:01.196    AVAST engine scan C:\Windows
09:12:07.997    AVAST engine scan C:\Windows\system32
09:14:34.466    AVAST engine scan C:\Windows\system32\drivers
09:14:52.406    AVAST engine scan C:\Users\meindirk
09:36:28.675    AVAST engine scan C:\ProgramData
09:39:14.643    Scan finished successfully
09:44:04.836    Disk 0 MBR has been saved successfully to "C:\Users\meindirk\Desktop\MBR.dat"
09:44:04.836    The log file has been saved successfully to "C:\Users\meindirk\Desktop\aswMBR.txt"

cosinus 20.12.2011 10:12
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


clonman 21.12.2011 14:03
und auch diese nochmals


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:30 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19