"Aus Sicherheitsgründen wurde Ihr Windows-System blockiert..." (For security reasons, your Windows system has been blocked...) Hello, and a huge thank-you in advance to everyone for reading and for your effort. My laptop has also been struggling with this problem since yesterday. Since I have read again and again that such problems are solved individually, I will first show you everything I was allowed to do without initial analyses, and how the whole thing began. This is how it went: While surfing, the message that is by now familiar to many suddenly appeared. Everything was blocked. You could hear that the video was still running in the background, but otherwise you could do nothing except switch the computer off and boot again. After booting you could surf normally and so on, but after a while the message came back. To test the behaviour of the infection, I booted the laptop in normal mode several times. You could surf for a while, i.e. have the laptop connected to the Internet, until the message appeared. Seen that way, the whole system was not blocked right from the start in such a way that you absolutely had to boot in safe mode. On your site I then came across the advice and instructions. Then I ran the first scan with Malwarebytes (in normal mode). However, the message came back in the middle of the scan. So I had to run the scan in Safe Mode with Networking and had the findings removed. After that I booted in normal mode again and the message no longer appeared. I nevertheless ran an ESET scan (following the points in the instructions). Two infections are still shown. But the message no longer appears, and you can surf and use the laptop normally without encountering any difficulties. So much for the symptoms. And here are the log files: Attachment 25798 Attachment 25799 Thank you very much and best regards |
Are there any further logs from Malwarebytes? If so, please post all of those that are visible in Malwarebytes under the Logs tab. |
Hello Arne, thanks for the reply. No. There are no further logs. I only installed the program and scanned the system after I came across this site while researching. Best regards |
CustomScan with OTL. If you do not have it yet, please download OTL by OldTimer and save it to your desktop
Code: netsvcs
|
Hello again, what about the Internet connection and the antivirus program... should they all be deactivated? |
For now I have run a scan without an Internet connection and with the antivirus program deactivated: OTL Logfile: Code: OTL logfile created on: 19.12.2011 19:42:00 - Run 1 |
Do an OTL fix: close any programs that may be open, also deactivate the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!) Code: :OTL The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The above script was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system! |
Here you go:
All processes killed
========== OTL ==========
Service vsdatant stopped successfully!
Service vsdatant deleted successfully!
C:\WINDOWS\system32\vsdatant.sys moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.1&q=" removed from keyword.URL
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\11-suche.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\webde-suche.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\gmx-suche.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\lastminute.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\englische-ergebnisse.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44873280-c759-11dc-bb6b-001636b56b7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44873280-c759-11dc-bb6b-001636b56b7b}\ not found.
File K:\setupSNK.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93ce8702-f578-11e0-85cf-0018de307b4f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93ce8702-f578-11e0-85cf-0018de307b4f}\ not found.
File K:\RunClubSanDisk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba7d37d4-5d01-11de-bf09-001636b56b7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba7d37d4-5d01-11de-bf09-001636b56b7b}\ not found.
File FIREWALL\fix.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba7d37d4-5d01-11de-bf09-001636b56b7b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba7d37d4-5d01-11de-bf09-001636b56b7b}\ not found.
File FIREWALL\fix.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff46310b-6881-11dd-bcc4-001636b56b7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff46310b-6881-11dd-bcc4-001636b56b7b}\ not found.
File K:\setup.exe not found.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Aqvulu folder moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Emwo folder moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\xkfqmkxkdjxxbomcbpm2c3dvjr2hguwh2 folder moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\xfuvfy3f2clwirqnkjrpc3znva2nawrg2 folder moved successfully.
C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\xrqtchp1xzzrbfxmujwkteuc1esstwbj2 folder moved successfully.
========== FILES ==========
C:\FOUND.000 folder moved successfully.
C:\FOUND.001 folder moved successfully.
C:\FOUND.009 folder moved successfully.
C:\FOUND.002 folder moved successfully.
C:\FOUND.003 folder moved successfully.
C:\FOUND.004 folder moved successfully.
C:\FOUND.010 folder moved successfully.
C:\FOUND.011 folder moved successfully.
C:\FOUND.033 folder moved successfully.
C:\FOUND.012 folder moved successfully.
C:\FOUND.013 folder moved successfully.
C:\FOUND.014 folder moved successfully.
C:\FOUND.015 folder moved successfully.
C:\FOUND.016 folder moved successfully.
C:\FOUND.017 folder moved successfully.
C:\FOUND.018 folder moved successfully.
C:\FOUND.019 folder moved successfully.
C:\FOUND.020 folder moved successfully.
C:\FOUND.021 folder moved successfully.
C:\FOUND.022 folder moved successfully.
C:\FOUND.023 folder moved successfully.
C:\FOUND.005 folder moved successfully.
C:\FOUND.006 folder moved successfully.
C:\FOUND.007 folder moved successfully.
C:\FOUND.008 folder moved successfully.
C:\FOUND.024 folder moved successfully.
C:\FOUND.025 folder moved successfully.
C:\FOUND.026 folder moved successfully.
C:\FOUND.027 folder moved successfully.
C:\FOUND.028 folder moved successfully.
C:\FOUND.029 folder moved successfully.
C:\FOUND.030 folder moved successfully.
C:\FOUND.031 folder moved successfully.
C:\FOUND.032 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 500224 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Administrator
->Temp folder emptied: 500224 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: Kiss
->Temp folder emptied: 314488006 bytes
->Temporary Internet Files folder emptied: 392393683 bytes
->Java cache emptied: 14832894 bytes
->FireFox cache emptied: 119991821 bytes
->Flash cache emptied: 5969763 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 5014407 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34305015 bytes
RecycleBin emptied: 49013867 bytes
Total Files Cleaned = 894,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 12192011_203112
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
|
Please now run (in normal Windows mode) this tool from Kaspersky (TDSS-Killer) and post the log => http://www.trojaner-board.de/82358-t...entfernen.html Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs. Note: Please do not hastily delete anything with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here! http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: Please download unhide.exe and save this file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click! |
21:00:14.0218 2276 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
21:00:14.0312 2276 ============================================================
21:00:14.0312 2276 Current date / time: 2011/12/19 21:00:14.0312
21:00:14.0312 2276 SystemInfo:
21:00:14.0312 2276
21:00:14.0312 2276 OS Version: 5.1.2600 ServicePack: 3.0
21:00:14.0312 2276 Product type: Workstation
21:00:14.0312 2276 ComputerName: JK
21:00:14.0312 2276 UserName: Kiss
21:00:14.0312 2276 Windows directory: C:\WINDOWS
21:00:14.0312 2276 System windows directory: C:\WINDOWS
21:00:14.0312 2276 Processor architecture: Intel x86
21:00:14.0312 2276 Number of processors: 2
21:00:14.0312 2276 Page size: 0x1000
21:00:14.0312 2276 Boot type: Normal boot
21:00:14.0312 2276 ============================================================
21:00:15.0484 2276 Initialize success
21:01:01.0687 3356 ============================================================
21:01:01.0687 3356 Scan started
21:01:01.0687 3356 Mode: Manual; SigCheck; TDLFS;
21:01:01.0687 3356 ============================================================
(6a25f27202f3122a44a6b74ee46e7a76) C:\WINDOWS\system32\DRIVERS\NETMNT.sys 21:01:42.0656 3356 NETMNT ( UnsignedFile.Multi.Generic ) - warning 21:01:42.0656 3356 NETMNT - detected UnsignedFile.Multi.Generic (1) 21:01:43.0000 3356 NETw4x32 (e9d78fdf7ed53bc789cfeed1d3f15ef2) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys 21:01:43.0171 3356 NETw4x32 - ok 21:01:43.0281 3356 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 21:01:43.0406 3356 NIC1394 - ok 21:01:43.0468 3356 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 21:01:43.0593 3356 Npfs - ok 21:01:43.0687 3356 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 21:01:43.0859 3356 Ntfs - ok 21:01:44.0046 3356 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 21:01:44.0062 3356 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning 21:01:44.0062 3356 NTIDrvr - detected UnsignedFile.Multi.Generic (1) 21:01:44.0109 3356 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 21:01:44.0234 3356 Null - ok 21:01:44.0281 3356 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 21:01:44.0390 3356 NwlnkFlt - ok 21:01:44.0421 3356 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 21:01:44.0546 3356 NwlnkFwd - ok 21:01:44.0640 3356 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 21:01:44.0765 3356 NwlnkIpx - ok 21:01:44.0828 3356 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 21:01:44.0953 3356 NwlnkNb - ok 21:01:45.0000 3356 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 21:01:45.0125 3356 NwlnkSpx - ok 21:01:45.0218 3356 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 21:01:45.0328 3356 ohci1394 - ok 21:01:45.0515 3356 OsaFsLoc (26c4a4b64d1dd8e6fdfb2f4897be029c) 
C:\WINDOWS\system32\drivers\OsaFsLoc.sys 21:01:45.0546 3356 OsaFsLoc ( UnsignedFile.Multi.Generic ) - warning 21:01:45.0546 3356 OsaFsLoc - detected UnsignedFile.Multi.Generic (1) 21:01:45.0734 3356 osaio (9d1177c2a8de936b33d85ff75e8cbf1a) C:\WINDOWS\system32\drivers\osaio.sys 21:01:45.0750 3356 osaio ( UnsignedFile.Multi.Generic ) - warning 21:01:45.0765 3356 osaio - detected UnsignedFile.Multi.Generic (1) 21:01:45.0953 3356 osanbm (3245bee5176697faf0744a2e1288dc77) C:\WINDOWS\system32\drivers\osanbm.sys 21:01:45.0968 3356 osanbm ( UnsignedFile.Multi.Generic ) - warning 21:01:45.0968 3356 osanbm - detected UnsignedFile.Multi.Generic (1) 21:01:46.0015 3356 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys 21:01:46.0140 3356 Parport - ok 21:01:46.0171 3356 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 21:01:46.0281 3356 PartMgr - ok 21:01:46.0328 3356 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 21:01:46.0437 3356 ParVdm - ok 21:01:46.0500 3356 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 21:01:46.0625 3356 PCI - ok 21:01:46.0921 3356 PCIDump - ok 21:01:47.0109 3356 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys 21:01:47.0234 3356 PCIIde - ok 21:01:47.0312 3356 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 21:01:47.0406 3356 Pcmcia - ok 21:01:47.0718 3356 PDCOMP - ok 21:01:48.0015 3356 PDFRAME - ok 21:01:48.0312 3356 PDRELI - ok 21:01:48.0625 3356 PDRFRAME - ok 21:01:48.0781 3356 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 21:01:48.0906 3356 perc2 - ok 21:01:49.0000 3356 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 21:01:49.0125 3356 perc2hib - ok 21:01:49.0234 3356 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 21:01:49.0343 3356 PptpMiniport - ok 
21:01:49.0406 3356 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 21:01:49.0531 3356 PSched - ok 21:01:49.0578 3356 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 21:01:49.0687 3356 Ptilink - ok 21:01:49.0828 3356 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys 21:01:49.0843 3356 PxHelp20 - ok 21:01:50.0000 3356 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 21:01:50.0125 3356 ql1080 - ok 21:01:50.0281 3356 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 21:01:50.0406 3356 Ql10wnt - ok 21:01:50.0562 3356 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 21:01:50.0687 3356 ql12160 - ok 21:01:50.0843 3356 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 21:01:50.0953 3356 ql1240 - ok 21:01:51.0109 3356 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 21:01:51.0234 3356 ql1280 - ok 21:01:51.0265 3356 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:01:51.0375 3356 RasAcd - ok 21:01:51.0531 3356 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys 21:01:51.0593 3356 Rasirda - ok 21:01:51.0687 3356 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:01:51.0812 3356 Rasl2tp - ok 21:01:51.0875 3356 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:01:52.0000 3356 RasPppoe - ok 21:01:52.0031 3356 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 21:01:52.0140 3356 Raspti - ok 21:01:52.0218 3356 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:01:52.0328 3356 Rdbss - ok 21:01:52.0375 3356 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:01:52.0500 3356 RDPCDD - ok 
21:01:52.0578 3356 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 21:01:52.0687 3356 rdpdr - ok 21:01:52.0796 3356 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 21:01:52.0843 3356 RDPWD - ok 21:01:52.0921 3356 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 21:01:53.0046 3356 redbook - ok 21:01:53.0312 3356 s24trans (e2c6abcbefb1d44f6aaeb1cd5d6062d4) C:\WINDOWS\system32\DRIVERS\s24trans.sys 21:01:53.0328 3356 s24trans ( UnsignedFile.Multi.Generic ) - warning 21:01:53.0328 3356 s24trans - detected UnsignedFile.Multi.Generic (1) 21:01:53.0640 3356 sea1bus (d2654321192037bae90204e2fa6697ce) C:\WINDOWS\system32\DRIVERS\sea1bus.sys 21:01:53.0656 3356 sea1bus ( UnsignedFile.Multi.Generic ) - warning 21:01:53.0656 3356 sea1bus - detected UnsignedFile.Multi.Generic (1) 21:01:53.0937 3356 sea1mdfl (8146d9ec5142bd364956d3807f09ca9a) C:\WINDOWS\system32\DRIVERS\sea1mdfl.sys 21:01:53.0953 3356 sea1mdfl ( UnsignedFile.Multi.Generic ) - warning 21:01:53.0953 3356 sea1mdfl - detected UnsignedFile.Multi.Generic (1) 21:01:54.0234 3356 sea1mdm (afe065da777dc4408c64df5c87472bb9) C:\WINDOWS\system32\DRIVERS\sea1mdm.sys 21:01:54.0265 3356 sea1mdm ( UnsignedFile.Multi.Generic ) - warning 21:01:54.0265 3356 sea1mdm - detected UnsignedFile.Multi.Generic (1) 21:01:54.0578 3356 sea1mgmt (a0bbd60222ad053d52f3a5c4f79904c7) C:\WINDOWS\system32\DRIVERS\sea1mgmt.sys 21:01:54.0593 3356 sea1mgmt ( UnsignedFile.Multi.Generic ) - warning 21:01:54.0593 3356 sea1mgmt - detected UnsignedFile.Multi.Generic (1) 21:01:54.0875 3356 sea1nd5 (6549babfc3362f1621a8c0eff288fb14) C:\WINDOWS\system32\DRIVERS\sea1nd5.sys 21:01:54.0890 3356 sea1nd5 ( UnsignedFile.Multi.Generic ) - warning 21:01:54.0890 3356 sea1nd5 - detected UnsignedFile.Multi.Generic (1) 21:01:55.0171 3356 sea1obex (957510ab44e84497733f53322351f6e8) C:\WINDOWS\system32\DRIVERS\sea1obex.sys 21:01:55.0187 3356 sea1obex ( UnsignedFile.Multi.Generic ) 
- warning 21:01:55.0187 3356 sea1obex - detected UnsignedFile.Multi.Generic (1) 21:01:55.0484 3356 sea1unic (c1517e6a7ce1191ab076472bdf1b0e6e) C:\WINDOWS\system32\DRIVERS\sea1unic.sys 21:01:55.0500 3356 sea1unic ( UnsignedFile.Multi.Generic ) - warning 21:01:55.0500 3356 sea1unic - detected UnsignedFile.Multi.Generic (1) 21:01:55.0843 3356 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:01:55.0968 3356 Secdrv - ok 21:01:56.0281 3356 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys 21:01:56.0390 3356 Serial - ok 21:01:56.0640 3356 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys 21:01:56.0656 3356 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning 21:01:56.0656 3356 sfdrv01 - detected UnsignedFile.Multi.Generic (1) 21:01:56.0875 3356 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys 21:01:56.0890 3356 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning 21:01:56.0890 3356 sfhlp02 - detected UnsignedFile.Multi.Generic (1) 21:01:57.0234 3356 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 21:01:57.0343 3356 Sfloppy - ok 21:01:57.0593 3356 sfsync04 (21a4c510ab071a10bcb638fe4254d101) C:\WINDOWS\system32\drivers\sfsync04.sys 21:01:57.0609 3356 sfsync04 ( UnsignedFile.Multi.Generic ) - warning 21:01:57.0609 3356 sfsync04 - detected UnsignedFile.Multi.Generic (1) 21:01:57.0828 3356 sfvfs02 (d5a7e09d2c6a702809e49190d52adc9f) C:\WINDOWS\system32\drivers\sfvfs02.sys 21:01:57.0828 3356 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning 21:01:57.0828 3356 sfvfs02 - detected UnsignedFile.Multi.Generic (1) 21:01:58.0156 3356 Simbad - ok 21:01:58.0296 3356 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys 21:01:58.0406 3356 sisagp - ok 21:01:58.0734 3356 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 21:01:58.0828 3356 SLIP - ok 21:01:59.0000 3356 SMCB000 
(56642f0391ca5176f8cc1432e559ad00) C:\WINDOWS\system32\DRIVERS\hidsmsc.sys 21:01:59.0015 3356 SMCB000 - ok 21:01:59.0171 3356 SMCIRDA (62556d170f22c43a544481e4ee16d2e2) C:\WINDOWS\system32\DRIVERS\smcirda.sys 21:01:59.0203 3356 SMCIRDA - ok 21:01:59.0343 3356 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 21:01:59.0421 3356 Sparrow - ok 21:01:59.0734 3356 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 21:01:59.0859 3356 splitter - ok 21:02:00.0078 3356 sptd (d390675b8ce45e5fb359338e5e649329) C:\WINDOWS\system32\Drivers\sptd.sys 21:02:00.0078 3356 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329 21:02:00.0093 3356 sptd ( LockedFile.Multi.Generic ) - warning 21:02:00.0093 3356 sptd - detected LockedFile.Multi.Generic (1) 21:02:00.0390 3356 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 21:02:00.0500 3356 sr - ok 21:02:00.0593 3356 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 21:02:00.0656 3356 Srv - ok 21:02:00.0781 3356 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 21:02:00.0796 3356 ssmdrv - ok 21:02:01.0125 3356 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 21:02:01.0250 3356 streamip - ok 21:02:01.0437 3356 STYLEXPHELPER - ok 21:02:01.0828 3356 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 21:02:01.0937 3356 swenum - ok 21:02:02.0250 3356 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 21:02:02.0359 3356 swmidi - ok 21:02:02.0546 3356 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 21:02:02.0671 3356 symc810 - ok 21:02:02.0843 3356 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 21:02:02.0953 3356 symc8xx - ok 21:02:03.0015 3356 SYMIDSCO - ok 21:02:03.0187 3356 sym_hi 
(80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 21:02:03.0312 3356 sym_hi - ok 21:02:03.0468 3356 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 21:02:03.0593 3356 sym_u3 - ok 21:02:03.0750 3356 SynTP (a63401d180863a2cefce51798542ae5f) C:\WINDOWS\system32\DRIVERS\SynTP.sys 21:02:03.0781 3356 SynTP - ok 21:02:04.0109 3356 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 21:02:04.0234 3356 sysaudio - ok 21:02:04.0484 3356 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:02:04.0593 3356 Tcpip - ok 21:02:04.0687 3356 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys 21:02:04.0734 3356 Tcpip6 - ok 21:02:05.0062 3356 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 21:02:05.0187 3356 TDPIPE - ok 21:02:05.0500 3356 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 21:02:05.0609 3356 TDTCP - ok 21:02:05.0937 3356 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 21:02:06.0046 3356 TermDD - ok 21:02:06.0250 3356 tifm21 (0edc3cf7b38f4260eb006c38e4a44de4) C:\WINDOWS\system32\drivers\tifm21.sys 21:02:06.0281 3356 tifm21 - ok 21:02:06.0468 3356 TosIde (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys 21:02:06.0593 3356 TosIde - ok 21:02:06.0734 3356 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys 21:02:06.0843 3356 tunmp - ok 21:02:07.0015 3356 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys 21:02:07.0031 3356 UBHelper ( UnsignedFile.Multi.Generic ) - warning 21:02:07.0031 3356 UBHelper - detected UnsignedFile.Multi.Generic (1) 21:02:07.0359 3356 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 21:02:07.0484 3356 Udfs - ok 21:02:07.0656 3356 ultra (1b698a51cd528d8da4ffaed66dfc51b9) 
C:\WINDOWS\system32\DRIVERS\ultra.sys 21:02:07.0703 3356 ultra - ok 21:02:07.0843 3356 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 21:02:08.0000 3356 Update - ok 21:02:08.0328 3356 USBAAPL - ok 21:02:08.0656 3356 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 21:02:08.0765 3356 usbaudio - ok 21:02:09.0093 3356 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 21:02:09.0203 3356 usbccgp - ok 21:02:09.0312 3356 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:02:09.0437 3356 usbehci - ok 21:02:09.0734 3356 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:02:09.0843 3356 usbhub - ok 21:02:10.0156 3356 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 21:02:10.0281 3356 usbprint - ok 21:02:10.0593 3356 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 21:02:10.0703 3356 usbscan - ok 21:02:11.0031 3356 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys 21:02:11.0140 3356 usbser - ok 21:02:11.0437 3356 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:02:11.0546 3356 USBSTOR - ok 21:02:11.0859 3356 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 21:02:11.0984 3356 usbuhci - ok 21:02:12.0109 3356 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 21:02:12.0234 3356 usbvideo - ok 21:02:12.0546 3356 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys 21:02:12.0671 3356 USB_RNDIS - ok 21:02:12.0984 3356 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 21:02:13.0093 3356 VgaSave - ok 21:02:13.0203 3356 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 21:02:13.0328 3356 viaagp - ok 21:02:13.0625 3356 ViaIde 
(3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 21:02:13.0718 3356 ViaIde - ok 21:02:14.0015 3356 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 21:02:14.0125 3356 VolSnap - ok 21:02:14.0328 3356 w39n51 (73395a19fc86461a151d3c330604e8b3) C:\WINDOWS\system32\DRIVERS\w39n51.sys 21:02:14.0468 3356 w39n51 - ok 21:02:14.0796 3356 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:02:14.0921 3356 Wanarp - ok 21:02:15.0234 3356 wanatw - ok 21:02:15.0546 3356 WDICA - ok 21:02:15.0859 3356 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 21:02:15.0984 3356 wdmaud - ok 21:02:16.0171 3356 winachsf (e0a00b06ea067c84e124b407dffa1af1) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 21:02:16.0265 3356 winachsf - ok 21:02:16.0609 3356 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 21:02:16.0734 3356 WmiAcpi - ok 21:02:17.0000 3356 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 21:02:17.0031 3356 WpdUsb - ok 21:02:17.0328 3356 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 21:02:17.0437 3356 WSTCODEC - ok 21:02:17.0703 3356 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 21:02:17.0781 3356 WudfPf - ok 21:02:18.0031 3356 WudfRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 21:02:18.0062 3356 WudfRd - ok 21:02:18.0187 3356 zlportio - ok 21:02:18.0234 3356 MBR (0x1B8) (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0 21:02:19.0265 3356 \Device\Harddisk0\DR0 - ok 21:02:19.0296 3356 Boot (0x1200) (1bc39c46c2788f199c8e41d9cd44b478) \Device\Harddisk0\DR0\Partition0 21:02:19.0312 3356 \Device\Harddisk0\DR0\Partition0 - ok 21:02:19.0328 3356 Boot (0x1200) (0587253fc35d71eb1d37a0ac1f7c6901) \Device\Harddisk0\DR0\Partition1 21:02:19.0328 3356 \Device\Harddisk0\DR0\Partition1 - ok 21:02:19.0328 3356 
============================================================ 21:02:19.0328 3356 Scan finished 21:02:19.0328 3356 ============================================================ 21:02:19.0437 2612 Detected object count: 32 21:02:19.0437 2612 Actual detected object count: 32 21:02:41.0921 2612 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0921 2612 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0921 2612 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0921 2612 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0921 2612 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0921 2612 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0937 2612 dtscsi ( LockedFile.Multi.Generic ) - skipped by user 21:02:41.0937 2612 dtscsi ( LockedFile.Multi.Generic ) - User select action: Skip 21:02:41.0937 2612 EpmPsd ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0937 2612 EpmPsd ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0937 2612 EpmShd ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0937 2612 EpmShd ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0937 2612 k750bus ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0937 2612 k750bus ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0937 2612 k750mdfl ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0937 2612 k750mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0937 2612 k750mdm ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0937 2612 k750mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0937 2612 k750mgmt ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0937 2612 k750mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0953 2612 k750obex ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0953 2612 k750obex ( 
UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0953 2612 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0953 2612 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0953 2612 NdisFilt ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0953 2612 NdisFilt ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0953 2612 NETMNT ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0953 2612 NETMNT ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0953 2612 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0953 2612 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0953 2612 OsaFsLoc ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0953 2612 OsaFsLoc ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0953 2612 osaio ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0953 2612 osaio ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0953 2612 osanbm ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0953 2612 osanbm ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0968 2612 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0968 2612 sea1bus ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 sea1bus ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0968 2612 sea1mdfl ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 sea1mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0968 2612 sea1mdm ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 sea1mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0968 2612 sea1mgmt ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 sea1mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:41.0968 2612 sea1nd5 ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 sea1nd5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0968 2612 sea1obex ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 sea1obex ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0968 2612 sea1unic ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 sea1unic ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0968 2612 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0968 2612 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0984 2612 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0984 2612 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0984 2612 sfsync04 ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0984 2612 sfsync04 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0984 2612 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0984 2612 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:02:41.0984 2612 sptd ( LockedFile.Multi.Generic ) - skipped by user 21:02:41.0984 2612 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 21:02:41.0984 2612 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user 21:02:41.0984 2612 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip |
Then please run CF now: ComboFix: A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
|
Combofix Logfile: Code: ComboFix 11-12-21.02 - Kiss 21.12.2011 16:10:32.1.2 - FAT32x86 |
Combofix - Scripting
1. Start Notepad (Start / Run / notepad[Enter])
2. Now copy and paste the entire contents of the code box below into the Notepad window. Code: Registry::
4. Disable the guard of your antivirus program and any software firewall that may be present. (Also the guards of adware and spyware programs and the Tea Timer (if present)!)
5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix. http://users.pandora.be/bluepatchy/m...s/CFScript.gif
6. After the restart (you will be asked whether you want to restart), please post the following log files: Combofix.txt
Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system! |
It did not ask about a restart... Combofix Logfile: Code: ComboFix 11-12-21.02 - Kiss 21.12.2011 17:41:30.2.2 - FAT32x86 |
Converting partitions to NTFS: 1) Start, Run, type cmd and click OK |
Copyright ©2000-2024, Trojaner-Board