Trojaner-Board

ro-mann 26.01.2012 11:22

SafeBoot.sys
 
Hello!

A scan with TDSSKiller flagged the file SafeBoot.sys as malware. I copied it to quarantine and had the DTA file (I assume that is the SafeBoot.sys in quarantine?) analysed by several virus-scanning websites (Virustotal, Viruschief, Jottis), but nothing was found. The DTA file is attached; can anyone tell me whether this is a virus?

Regards,
Roman

cosinus 26.01.2012 19:05

There is no TDSS log in the ZIP.

Quote:

A scan with TDSSKiller flagged the file SafeBoot.sys as malware.

Why are you simply running TDSS-Killer on your own? Hasty fixing or haphazard deletion of all files that TDSS-Killer flags can lead to a destroyed system!
That is why my postings about TDSS-Killer always contain this:

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

ro-mann 02.02.2012 11:20

Here is the log file:

Code:

11:16:17.0390 8672        TDSS rootkit removing tool 2.7.9.0 Feb  1 2012 09:28:49
11:16:17.0545 8672        ============================================================
11:16:17.0545 8672        Current date / time: 2012/02/02 11:16:17.0545
11:16:17.0546 8672        SystemInfo:
11:16:17.0546 8672       
11:16:17.0546 8672        OS Version: 6.1.7601 ServicePack: 1.0
11:16:17.0546 8672        Product type: Workstation
11:16:17.0546 8672        ComputerName: WEBDEV27
11:16:17.0546 8672        UserName: r.
11:16:17.0546 8672        Windows directory: C:\Windows
11:16:17.0546 8672        System windows directory: C:\Windows
11:16:17.0546 8672        Processor architecture: Intel x86
11:16:17.0546 8672        Number of processors: 4
11:16:17.0546 8672        Page size: 0x1000
11:16:17.0546 8672        Boot type: Normal boot
11:16:17.0546 8672        ============================================================
11:16:18.0355 8672        Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:16:18.0412 8672        Drive \Device\Harddisk6\DR6 - Size: 0x7A7D1A00 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:16:18.0413 8672        \Device\Harddisk0\DR0:
11:16:18.0413 8672        MBR used
11:16:18.0413 8672        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1FF800
11:16:18.0413 8672        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x200000, BlocksNum 0x1C4CA800
11:16:18.0413 8672        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C6CA800, BlocksNum 0xAF6000
11:16:18.0413 8672        \Device\Harddisk6\DR6:
11:16:18.0414 8672        MBR used
11:16:18.0711 8672        Initialize success
11:16:18.0711 8672        ============================================================
11:16:20.0121 9744        ============================================================
11:16:20.0121 9744        Scan started
11:16:20.0121 9744        Mode: Manual;
11:16:20.0121 9744        ============================================================
11:16:21.0797 9744        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
11:16:21.0800 9744        1394ohci - ok
11:16:21.0927 9744        a2acc          (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
11:16:21.0929 9744        a2acc - ok
11:16:22.0064 9744        A2DDA          (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys
11:16:22.0066 9744        A2DDA - ok
11:16:22.0169 9744        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
11:16:22.0174 9744        ACPI - ok
11:16:22.0277 9744        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
11:16:22.0279 9744        AcpiPmi - ok
11:16:22.0388 9744        ADIHdAudAddService (6c61bceb60c2c187e6f96001fd69493e) C:\Windows\system32\drivers\ADIHdAud.sys
11:16:22.0394 9744        ADIHdAudAddService - ok
11:16:22.0488 9744        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
11:16:22.0501 9744        adp94xx - ok
11:16:22.0583 9744        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
11:16:22.0588 9744        adpahci - ok
11:16:22.0672 9744        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
11:16:22.0675 9744        adpu320 - ok
11:16:22.0790 9744        afcdp          (53696ad8ffc5fac51949a525ff65a689) C:\Windows\system32\DRIVERS\afcdp.sys
11:16:22.0813 9744        afcdp - ok
11:16:22.0929 9744        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
11:16:22.0934 9744        AFD - ok
11:16:23.0019 9744        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
11:16:23.0020 9744        agp440 - ok
11:16:23.0103 9744        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
11:16:23.0105 9744        aic78xx - ok
11:16:23.0209 9744        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
11:16:23.0211 9744        aliide - ok
11:16:23.0293 9744        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
11:16:23.0295 9744        amdagp - ok
11:16:23.0385 9744        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
11:16:23.0387 9744        amdide - ok
11:16:23.0626 9744        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
11:16:23.0628 9744        AmdK8 - ok
11:16:23.0700 9744        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
11:16:23.0702 9744        AmdPPM - ok
11:16:23.0735 9744        amdsata        (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
11:16:23.0737 9744        amdsata - ok
11:16:23.0788 9744        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
11:16:23.0791 9744        amdsbs - ok
11:16:23.0813 9744        amdxata        (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
11:16:23.0815 9744        amdxata - ok
11:16:23.0896 9744        androidusb      (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\Windows\system32\Drivers\ssadadb.sys
11:16:23.0914 9744        androidusb - ok
11:16:23.0990 9744        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
11:16:23.0992 9744        AppID - ok
11:16:24.0080 9744        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
11:16:24.0083 9744        arc - ok
11:16:24.0162 9744        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
11:16:24.0164 9744        arcsas - ok
11:16:24.0289 9744        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
11:16:24.0291 9744        AsyncMac - ok
11:16:24.0409 9744        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
11:16:24.0410 9744        atapi - ok
11:16:24.0518 9744        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
11:16:24.0524 9744        b06bdrv - ok
11:16:24.0571 9744        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
11:16:24.0575 9744        b57nd60x - ok
11:16:24.0655 9744        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
11:16:24.0657 9744        Beep - ok
11:16:24.0695 9744        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
11:16:24.0696 9744        blbdrive - ok
11:16:24.0729 9744        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
11:16:24.0731 9744        bowser - ok
11:16:24.0792 9744        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:16:24.0794 9744        BrFiltLo - ok
11:16:24.0809 9744        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:16:24.0810 9744        BrFiltUp - ok
11:16:24.0876 9744        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
11:16:24.0880 9744        Brserid - ok
11:16:24.0916 9744        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
11:16:24.0918 9744        BrSerWdm - ok
11:16:24.0934 9744        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:16:24.0936 9744        BrUsbMdm - ok
11:16:24.0945 9744        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
11:16:24.0947 9744        BrUsbSer - ok
11:16:24.0964 9744        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
11:16:24.0966 9744        BTHMODEM - ok
11:16:25.0050 9744        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
11:16:25.0052 9744        cdfs - ok
11:16:25.0172 9744        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
11:16:25.0174 9744        cdrom - ok
11:16:25.0228 9744        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
11:16:25.0230 9744        circlass - ok
11:16:25.0278 9744        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
11:16:25.0281 9744        CLFS - ok
11:16:25.0367 9744        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
11:16:25.0369 9744        CmBatt - ok
11:16:25.0421 9744        cmdGuard        (ef98b620101bb406d39906feddc352a0) C:\Windows\system32\DRIVERS\cmdguard.sys
11:16:25.0474 9744        cmdGuard - ok
11:16:25.0535 9744        cmdHlp          (051d5be8106f09dd5e0d5589ea931b1e) C:\Windows\system32\DRIVERS\cmdhlp.sys
11:16:25.0555 9744        cmdHlp - ok
11:16:25.0629 9744        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
11:16:25.0631 9744        cmdide - ok
11:16:25.0682 9744        CNG            (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
11:16:25.0706 9744        CNG - ok
11:16:25.0783 9744        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
11:16:25.0784 9744        Compbatt - ok
11:16:25.0834 9744        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
11:16:25.0836 9744        CompositeBus - ok
11:16:25.0874 9744        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
11:16:25.0876 9744        crcdisk - ok
11:16:25.0990 9744        CSC            (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
11:16:25.0996 9744        CSC - ok
11:16:26.0044 9744        DAMDrv          (a05433f6218dcb8f0dec232de65f8b26) C:\Windows\system32\DRIVERS\DAMDrv.sys
11:16:26.0046 9744        DAMDrv - ok
11:16:26.0119 9744        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
11:16:26.0122 9744        DfsC - ok
11:16:26.0200 9744        dgderdrv - ok
11:16:26.0239 9744        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
11:16:26.0241 9744        discache - ok
11:16:26.0315 9744        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
11:16:26.0318 9744        Disk - ok
11:16:26.0401 9744        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
11:16:26.0402 9744        drmkaud - ok
11:16:26.0446 9744        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
11:16:26.0461 9744        DXGKrnl - ok
11:16:26.0566 9744        e1kexpress      (20c70a4226c9a066d2ead0c814083a95) C:\Windows\system32\DRIVERS\e1k6232.sys
11:16:26.0596 9744        e1kexpress - ok
11:16:26.0685 9744        eamonm          (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys
11:16:26.0688 9744        eamonm - ok
11:16:26.0791 9744        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
11:16:27.0058 9744        ebdrv - ok
11:16:27.0130 9744        ehdrv          (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys
11:16:27.0133 9744        ehdrv - ok
11:16:27.0210 9744        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
11:16:27.0223 9744        elxstor - ok
11:16:27.0245 9744        epfwwfpr        (f39c91795ebdb9ecbeb5a388ff2841fe) C:\Windows\system32\DRIVERS\epfwwfpr.sys
11:16:27.0264 9744        epfwwfpr - ok
11:16:27.0299 9744        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
11:16:27.0301 9744        ErrDev - ok
11:16:27.0344 9744        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
11:16:27.0347 9744        exfat - ok
11:16:27.0365 9744        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
11:16:27.0368 9744        fastfat - ok
11:16:27.0396 9744        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
11:16:27.0398 9744        fdc - ok
11:16:27.0431 9744        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
11:16:27.0433 9744        FileInfo - ok
11:16:27.0462 9744        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
11:16:27.0464 9744        Filetrace - ok
11:16:27.0488 9744        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
11:16:27.0490 9744        flpydisk - ok
11:16:27.0516 9744        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
11:16:27.0520 9744        FltMgr - ok
11:16:27.0546 9744        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
11:16:27.0548 9744        FsDepends - ok
11:16:27.0575 9744        Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
11:16:27.0576 9744        Fs_Rec - ok
11:16:27.0627 9744        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
11:16:27.0631 9744        fvevol - ok
11:16:27.0663 9744        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:16:27.0666 9744        gagp30kx - ok
11:16:27.0704 9744        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
11:16:27.0706 9744        hcw85cir - ok
11:16:27.0777 9744        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
11:16:27.0782 9744        HdAudAddService - ok
11:16:27.0812 9744        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
11:16:27.0813 9744        HDAudBus - ok
11:16:27.0842 9744        HECI            (88a67c34e37186665e916fd347b50d19) C:\Windows\system32\DRIVERS\HECI.sys
11:16:27.0844 9744        HECI - ok
11:16:27.0870 9744        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
11:16:27.0873 9744        HidBatt - ok
11:16:27.0908 9744        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
11:16:28.0417 9744        HidBth - ok
11:16:28.0493 9744        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
11:16:28.0496 9744        HidIr - ok
11:16:28.0633 9744        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
11:16:28.0635 9744        HidUsb - ok
11:16:28.0785 9744        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
11:16:28.0787 9744        HpSAMD - ok
11:16:28.0894 9744        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
11:16:28.0908 9744        HTTP - ok
11:16:29.0115 9744        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
11:16:29.0116 9744        hwpolicy - ok
11:16:29.0226 9744        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
11:16:29.0228 9744        i8042prt - ok
11:16:29.0260 9744        iaStor          (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\drivers\iastor.sys
11:16:29.0262 9744        iaStor - ok
11:16:29.0309 9744        iaStorV        (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
11:16:29.0314 9744        iaStorV - ok
11:16:29.0533 9744        igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:16:29.0653 9744        igfx - ok
11:16:29.0751 9744        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
11:16:29.0752 9744        iirsp - ok
11:16:29.0818 9744        inspect        (2ee3db2c1760171c6f72f2f1792a47b5) C:\Windows\system32\DRIVERS\inspect.sys
11:16:29.0855 9744        inspect - ok
11:16:29.0951 9744        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
11:16:29.0953 9744        intelide - ok
11:16:29.0991 9744        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
11:16:29.0992 9744        intelppm - ok
11:16:30.0016 9744        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:16:30.0018 9744        IpFilterDriver - ok
11:16:30.0086 9744        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
11:16:30.0088 9744        IPMIDRV - ok
11:16:30.0144 9744        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
11:16:30.0147 9744        IPNAT - ok
11:16:30.0214 9744        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
11:16:30.0216 9744        IRENUM - ok
11:16:30.0290 9744        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
11:16:30.0292 9744        isapnp - ok
11:16:30.0379 9744        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
11:16:30.0383 9744        iScsiPrt - ok
11:16:30.0481 9744        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:16:30.0483 9744        kbdclass - ok
11:16:30.0544 9744        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
11:16:30.0546 9744        kbdhid - ok
11:16:30.0608 9744        KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
11:16:30.0636 9744        KSecDD - ok
11:16:30.0667 9744        KSecPkg        (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
11:16:30.0699 9744        KSecPkg - ok
11:16:30.0799 9744        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
11:16:30.0801 9744        lltdio - ok
11:16:30.0875 9744        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:16:30.0877 9744        LSI_FC - ok
11:16:30.0923 9744        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:16:30.0925 9744        LSI_SAS - ok
11:16:30.0963 9744        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:16:30.0965 9744        LSI_SAS2 - ok
11:16:30.0980 9744        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:16:30.0982 9744        LSI_SCSI - ok
11:16:31.0006 9744        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
11:16:31.0008 9744        luafv - ok
11:16:31.0056 9744        MBAMProtector  (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
11:16:31.0058 9744        MBAMProtector - ok
11:16:31.0112 9744        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
11:16:31.0114 9744        megasas - ok
11:16:31.0168 9744        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
11:16:31.0172 9744        MegaSR - ok
11:16:31.0220 9744        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
11:16:31.0222 9744        Modem - ok
11:16:31.0248 9744        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
11:16:31.0249 9744        monitor - ok
11:16:31.0305 9744        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
11:16:31.0329 9744        mouclass - ok
11:16:31.0401 9744        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
11:16:31.0403 9744        mouhid - ok
11:16:31.0455 9744        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
11:16:31.0457 9744        mountmgr - ok
11:16:31.0509 9744        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
11:16:31.0512 9744        mpio - ok
11:16:31.0545 9744        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
11:16:31.0548 9744        mpsdrv - ok
11:16:31.0608 9744        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
11:16:31.0611 9744        MRxDAV - ok
11:16:31.0654 9744        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:16:31.0677 9744        mrxsmb - ok
11:16:31.0717 9744        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:16:31.0721 9744        mrxsmb10 - ok
11:16:31.0743 9744        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:16:31.0746 9744        mrxsmb20 - ok
11:16:31.0799 9744        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
11:16:31.0801 9744        msahci - ok
11:16:31.0843 9744        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
11:16:31.0846 9744        msdsm - ok
11:16:31.0893 9744        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
11:16:31.0895 9744        Msfs - ok
11:16:31.0947 9744        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
11:16:31.0949 9744        mshidkmdf - ok
11:16:31.0991 9744        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
11:16:31.0992 9744        msisadrv - ok
11:16:32.0050 9744        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
11:16:32.0053 9744        MSKSSRV - ok
11:16:32.0074 9744        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
11:16:32.0076 9744        MSPCLOCK - ok
11:16:32.0115 9744        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
11:16:32.0117 9744        MSPQM - ok
11:16:32.0170 9744        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
11:16:32.0174 9744        MsRPC - ok
11:16:32.0231 9744        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
11:16:32.0232 9744        mssmbios - ok
11:16:32.0259 9744        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
11:16:32.0261 9744        MSTEE - ok
11:16:32.0281 9744        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
11:16:32.0283 9744        MTConfig - ok
11:16:32.0305 9744        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
11:16:32.0308 9744        Mup - ok
11:16:32.0357 9744        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
11:16:32.0362 9744        NativeWifiP - ok
11:16:32.0425 9744        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
11:16:32.0439 9744        NDIS - ok
11:16:32.0505 9744        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
11:16:32.0507 9744        NdisCap - ok
11:16:32.0538 9744        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
11:16:32.0540 9744        NdisTapi - ok
11:16:32.0590 9744        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
11:16:32.0592 9744        Ndisuio - ok
11:16:32.0638 9744        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
11:16:32.0641 9744        NdisWan - ok
11:16:32.0695 9744        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
11:16:32.0697 9744        NDProxy - ok
11:16:32.0736 9744        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
11:16:32.0737 9744        NetBIOS - ok
11:16:32.0783 9744        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
11:16:32.0786 9744        NetBT - ok
11:16:32.0929 9744        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
11:16:32.0931 9744        nfrd960 - ok
11:16:32.0978 9744        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
11:16:32.0981 9744        Npfs - ok
11:16:33.0025 9744        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
11:16:33.0026 9744        nsiproxy - ok
11:16:33.0100 9744        Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
11:16:33.0136 9744        Ntfs - ok
11:16:33.0231 9744        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
11:16:33.0233 9744        Null - ok
11:16:33.0458 9744        nvlddmkm        (36ad1a7b311d6e592f4c01cf297b3841) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:16:33.0700 9744        nvlddmkm - ok
11:16:33.0812 9744        nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
11:16:33.0815 9744        nvraid - ok
11:16:33.0872 9744        nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
11:16:33.0876 9744        nvstor - ok
11:16:33.0931 9744        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
11:16:33.0934 9744        nv_agp - ok
11:16:33.0986 9744        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
11:16:33.0988 9744        ohci1394 - ok
11:16:34.0086 9744        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
11:16:34.0088 9744        Parport - ok
11:16:34.0149 9744        partmgr        (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
11:16:34.0152 9744        partmgr - ok
11:16:34.0199 9744        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
11:16:34.0201 9744        Parvdm - ok
11:16:34.0254 9744        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
11:16:34.0257 9744        pci - ok
11:16:34.0304 9744        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
11:16:34.0306 9744        pciide - ok
11:16:34.0351 9744        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
11:16:34.0354 9744        pcmcia - ok
11:16:34.0372 9744        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
11:16:34.0374 9744        pcw - ok
11:16:34.0404 9744        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
11:16:34.0418 9744        PEAUTH - ok
11:16:34.0533 9744        Point32        (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
11:16:34.0535 9744        Point32 - ok
11:16:34.0610 9744        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
11:16:34.0613 9744        PptpMiniport - ok
11:16:34.0657 9744        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
11:16:34.0659 9744        Processor - ok
11:16:34.0725 9744        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
11:16:34.0727 9744        Psched - ok
11:16:34.0786 9744        PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
11:16:34.0811 9744        PxHelp20 - ok
11:16:34.0864 9744        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
11:16:34.0900 9744        ql2300 - ok
11:16:34.0935 9744        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
11:16:34.0938 9744        ql40xx - ok
11:16:34.0996 9744        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
11:16:34.0998 9744        QWAVEdrv - ok
11:16:35.0038 9744        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
11:16:35.0040 9744        RasAcd - ok
11:16:35.0066 9744        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:16:35.0068 9744        RasAgileVpn - ok
11:16:35.0125 9744        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:16:35.0128 9744        Rasl2tp - ok
11:16:35.0173 9744        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
11:16:35.0175 9744        RasPppoe - ok
11:16:35.0199 9744        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
11:16:35.0202 9744        RasSstp - ok
11:16:35.0252 9744        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
11:16:35.0257 9744        rdbss - ok
11:16:35.0284 9744        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
11:16:35.0286 9744        rdpbus - ok
11:16:35.0340 9744        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:16:35.0342 9744        RDPCDD - ok
11:16:35.0398 9744        RDPDR          (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
11:16:35.0401 9744        RDPDR - ok
11:16:35.0454 9744        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
11:16:35.0456 9744        RDPENCDD - ok
11:16:35.0484 9744        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
11:16:35.0486 9744        RDPREFMP - ok
11:16:35.0541 9744        RDPWD          (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
11:16:35.0545 9744        RDPWD - ok
11:16:35.0605 9744        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
11:16:35.0609 9744        rdyboost - ok
11:16:35.0785 9744        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
11:16:35.0787 9744        rspndr - ok
11:16:35.0807 9744        RsvLock        (13335d083935ab88e09c9acc077355b5) C:\Windows\system32\drivers\RsvLock.sys
11:16:35.0809 9744        RsvLock - ok
11:16:35.0854 9744        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
11:16:35.0856 9744        s3cap - ok
11:16:35.0882 9744        SafeBoot        (062b82fa74c895382ab0784d493c8c9c) C:\Windows\system32\drivers\SafeBoot.sys
11:16:35.0883 9744        Suspicious file (NoAccess): C:\Windows\system32\drivers\SafeBoot.sys. md5: 062b82fa74c895382ab0784d493c8c9c
11:16:35.0883 9744        SafeBoot ( LockedFile.Multi.Generic ) - warning
11:16:35.0883 9744        SafeBoot - detected LockedFile.Multi.Generic (1)
11:16:35.0938 9744        SbAlg          (c9cb2c392c35cbee2733c836d23dc642) C:\Windows\system32\drivers\SbAlg.sys
11:16:35.0940 9744        SbAlg - ok
11:16:35.0988 9744        SbFsLock        (b5a8ecdee930b52fd3ba35700a15ea53) C:\Windows\system32\drivers\SbFsLock.sys
11:16:35.0990 9744        SbFsLock - ok
11:16:36.0081 9744        SbieDrv        (3ab6cad1ddfa84cd7bc3d1a759b1e81e) C:\Program Files\Sandboxie\SbieDrv.sys
11:16:36.0084 9744        SbieDrv - ok
11:16:36.0182 9744        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
11:16:36.0184 9744        sbp2port - ok
11:16:36.0288 9744        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
11:16:36.0290 9744        scfilter - ok
11:16:36.0365 9744        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:16:36.0367 9744        secdrv - ok
11:16:36.0466 9744        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
11:16:36.0468 9744        Serenum - ok
11:16:36.0523 9744        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
11:16:36.0525 9744        Serial - ok
11:16:36.0581 9744        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
11:16:36.0583 9744        sermouse - ok
11:16:36.0651 9744        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
11:16:36.0652 9744        sffdisk - ok
11:16:36.0690 9744        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
11:16:36.0692 9744        sffp_mmc - ok
11:16:36.0732 9744        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
11:16:36.0734 9744        sffp_sd - ok
11:16:36.0784 9744        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
11:16:36.0785 9744        sfloppy - ok
11:16:36.0831 9744        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
11:16:36.0834 9744        sisagp - ok
11:16:36.0861 9744        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:16:36.0863 9744        SiSRaid2 - ok
11:16:36.0886 9744        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
11:16:36.0889 9744        SiSRaid4 - ok
11:16:36.0912 9744        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
11:16:36.0914 9744        Smb - ok
11:16:36.0988 9744        snapman        (eb49860e776ce860dc3cfb9edb1ba517) C:\Windows\system32\DRIVERS\snapman.sys
11:16:37.0006 9744        snapman - ok
11:16:37.0050 9744        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
11:16:37.0052 9744        spldr - ok
11:16:37.0108 9744        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
11:16:37.0132 9744        srv - ok
11:16:37.0170 9744        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
11:16:37.0194 9744        srv2 - ok
11:16:37.0229 9744        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
11:16:37.0232 9744        srvnet - ok
11:16:37.0289 9744        ssadbus        (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\Windows\system32\DRIVERS\ssadbus.sys
11:16:37.0292 9744        ssadbus - ok
11:16:37.0329 9744        ssadmdfl        (bb2c84a15c765da89fd832b0e73f26ce) C:\Windows\system32\DRIVERS\ssadmdfl.sys
11:16:37.0331 9744        ssadmdfl - ok
11:16:37.0367 9744        ssadmdm        (6d0d132ddc6f43eda00dced6d8b1ca31) C:\Windows\system32\DRIVERS\ssadmdm.sys
11:16:37.0414 9744        ssadmdm - ok
11:16:37.0449 9744        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
11:16:37.0451 9744        stexstor - ok
11:16:37.0511 9744        storflt        (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
11:16:37.0513 9744        storflt - ok
11:16:37.0542 9744        storvsc        (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
11:16:37.0544 9744        storvsc - ok
11:16:37.0563 9744        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
11:16:37.0565 9744        swenum - ok
11:16:37.0687 9744        Tcpip          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
11:16:37.0722 9744        Tcpip - ok
11:16:37.0770 9744        TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
11:16:37.0777 9744        TCPIP6 - ok
11:16:37.0822 9744        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
11:16:37.0824 9744        tcpipreg - ok
11:16:37.0872 9744        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
11:16:37.0874 9744        TDPIPE - ok
11:16:37.0945 9744        tdrpman273      (431801fcc97034e04a6eff81136578d7) C:\Windows\system32\DRIVERS\tdrpm273.sys
11:16:38.0001 9744        tdrpman273 - ok
11:16:38.0042 9744        TDTCP          (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
11:16:38.0044 9744        TDTCP - ok
11:16:38.0096 9744        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
11:16:38.0098 9744        tdx - ok
11:16:38.0149 9744        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
11:16:38.0152 9744        TermDD - ok
11:16:38.0207 9744        timounter      (a34d7024bb7140ec785c86bc065d4f60) C:\Windows\system32\DRIVERS\timntr.sys
11:16:38.0246 9744        timounter - ok
11:16:38.0284 9744        TPM            (5ad05191dc8b444a7ba4d79b76c42a30) C:\Windows\system32\drivers\tpm.sys
11:16:38.0286 9744        TPM - ok
11:16:38.0332 9744        truecrypt      (746b8cf9cededdd865472544edf626da) C:\Windows\system32\drivers\truecrypt.sys
11:16:38.0356 9744        truecrypt - ok
11:16:38.0405 9744        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:16:38.0407 9744        tssecsrv - ok
11:16:38.0463 9744        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
11:16:38.0466 9744        TsUsbFlt - ok
11:16:38.0537 9744        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
11:16:38.0540 9744        tunnel - ok
11:16:38.0572 9744        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
11:16:38.0575 9744        uagp35 - ok
11:16:38.0625 9744        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
11:16:38.0630 9744        udfs - ok
11:16:38.0734 9744        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
11:16:38.0736 9744        uliagpkx - ok
11:16:38.0791 9744        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
11:16:38.0793 9744        umbus - ok
11:16:38.0839 9744        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
11:16:38.0841 9744        UmPass - ok
11:16:38.0886 9744        usbccgp        (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
11:16:38.0889 9744        usbccgp - ok
11:16:38.0932 9744        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
11:16:38.0935 9744        usbcir - ok
11:16:38.0974 9744        usbehci        (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
11:16:38.0977 9744        usbehci - ok
11:16:39.0052 9744        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
11:16:39.0057 9744        usbhub - ok
11:16:39.0110 9744        usbohci        (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
11:16:39.0112 9744        usbohci - ok
11:16:39.0178 9744        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
11:16:39.0180 9744        usbprint - ok
11:16:39.0232 9744        USBSTOR        (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:16:39.0235 9744        USBSTOR - ok
11:16:39.0279 9744        usbuhci        (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
11:16:39.0296 9744        usbuhci - ok
11:16:39.0374 9744        usb_rndisx      (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
11:16:39.0397 9744        usb_rndisx - ok
11:16:39.0482 9744        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
11:16:39.0484 9744        vdrvroot - ok
11:16:39.0543 9744        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
11:16:39.0545 9744        vga - ok
11:16:39.0588 9744        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
11:16:39.0590 9744        VgaSave - ok
11:16:39.0637 9744        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
11:16:39.0641 9744        vhdmp - ok
11:16:39.0672 9744        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
11:16:39.0675 9744        viaagp - ok
11:16:39.0717 9744        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
11:16:39.0719 9744        ViaC7 - ok
11:16:39.0759 9744        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
11:16:39.0761 9744        viaide - ok
11:16:39.0805 9744        vmbus          (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
11:16:39.0809 9744        vmbus - ok
11:16:39.0853 9744        VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
11:16:39.0855 9744        VMBusHID - ok
11:16:39.0873 9744        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
11:16:39.0876 9744        volmgr - ok
11:16:39.0897 9744        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
11:16:39.0902 9744        volmgrx - ok
11:16:39.0928 9744        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
11:16:39.0932 9744        volsnap - ok
11:16:39.0965 9744        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
11:16:39.0968 9744        vsmraid - ok
11:16:39.0999 9744        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
11:16:40.0001 9744        vwifibus - ok
11:16:40.0033 9744        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
11:16:40.0035 9744        WacomPen - ok
11:16:40.0096 9744        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
11:16:40.0099 9744        WANARP - ok
11:16:40.0106 9744        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
11:16:40.0108 9744        Wanarpv6 - ok
11:16:40.0182 9744        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
11:16:40.0184 9744        Wd - ok
11:16:40.0216 9744        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
11:16:40.0230 9744        Wdf01000 - ok
11:16:40.0295 9744        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
11:16:40.0297 9744        WfpLwf - ok
11:16:40.0315 9744        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
11:16:40.0319 9744        WIMMount - ok
11:16:40.0417 9744        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
11:16:40.0435 9744        WinUsb - ok
11:16:40.0484 9744        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
11:16:40.0485 9744        WmiAcpi - ok
11:16:40.0538 9744        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
11:16:40.0872 9744        ws2ifsl - ok
11:16:41.0004 9744        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
11:16:41.0007 9744        WudfPf - ok
11:16:41.0093 9744        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:16:41.0096 9744        WUDFRd - ok
11:16:41.0162 9744        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:16:41.0223 9744        \Device\Harddisk0\DR0 - ok
11:16:41.0228 9744        MBR (0x1B8)    (c0485ddf598443c99fca5adc0e12ef3e) \Device\Harddisk6\DR6
11:16:43.0028 9744        \Device\Harddisk6\DR6 - ok
11:16:43.0032 9744        Boot (0x1200)  (aef357b2f5c9c4a1abdc3111da61f8ab) \Device\Harddisk0\DR0\Partition0
11:16:43.0033 9744        \Device\Harddisk0\DR0\Partition0 - ok
11:16:43.0060 9744        Boot (0x1200)  (8d6993752932507bd95fa45c44dbccd5) \Device\Harddisk0\DR0\Partition1
11:16:43.0061 9744        \Device\Harddisk0\DR0\Partition1 - ok
11:16:43.0094 9744        Boot (0x1200)  (1cff12a7f4f8bf8d64bcac0f11e50397) \Device\Harddisk0\DR0\Partition2
11:16:43.0095 9744        \Device\Harddisk0\DR0\Partition2 - ok
11:16:43.0095 9744        ============================================================
11:16:43.0095 9744        Scan finished
11:16:43.0095 9744        ============================================================
11:16:43.0108 10016        Detected object count: 1
11:16:43.0109 10016        Actual detected object count: 1
11:16:52.0507 10016        SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
11:16:52.0507 10016        SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip

Regards,
Roman

cosinus 02.02.2012 16:29

Quote:

Suspicious file (NoAccess):
"Suspicious" means suspect, but not that it is definitely a malicious file!

Safeboot.sys driver | What is Safeboot.sys file?

Quote:

Safeboot.sys with description McAfee Endpoint Encryption Driver is a driver file from company McAfee, Inc. belonging to product McAfee Endpoint Encryption.
The file is digitally signed from MCAFEE INTERNATIONAL LTD. - VeriSign Time Stamping Services Signer - G2
We do not recommend removing digitally signed files from MCAFEE INTERNATIONAL LTD.
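
Added example (not part of the thread and not part of TDSSKiller): a small Python parser for the log format posted above. It pairs each scanned object with its verdict, the "Suspicious file" reason and the action the user chose, so only the non-ok entries need to be read. The line patterns are inferred from this one log and are an assumption for other TDSSKiller versions; the function names are hypothetical.

```python
import re

# Excerpt of the TDSSKiller log posted in this thread (timestamps and thread ids kept).
SAMPLE_LOG = r"""
11:16:35.0854 9744        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
11:16:35.0856 9744        s3cap - ok
11:16:35.0882 9744        SafeBoot        (062b82fa74c895382ab0784d493c8c9c) C:\Windows\system32\drivers\SafeBoot.sys
11:16:35.0883 9744        Suspicious file (NoAccess): C:\Windows\system32\drivers\SafeBoot.sys. md5: 062b82fa74c895382ab0784d493c8c9c
11:16:35.0883 9744        SafeBoot ( LockedFile.Multi.Generic ) - warning
11:16:35.0883 9744        SafeBoot - detected LockedFile.Multi.Generic (1)
11:16:35.0938 9744        SbAlg          (c9cb2c392c35cbee2733c836d23dc642) C:\Windows\system32\drivers\SbAlg.sys
11:16:35.0940 9744        SbAlg - ok
11:16:52.0507 10016        SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
11:16:52.0507 10016        SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
"""

PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")    # time, thread id, message
ENTRY = re.compile(r"^(.+?)\s+\(([0-9a-f]{32})\)\s+(.+)$")         # name (md5) path
NOTE = re.compile(r"^Suspicious file \((\w+)\):")                  # reason, e.g. NoAccess
DETECTED = re.compile(r"^(\S+) - detected (\S+) \((\d+)\)$")
ACTION = re.compile(r"^(\S+) \( (\S+) \) - User select action: (\w+)$")

def _blank(md5=None, path=None):
    return {"md5": md5, "path": path, "verdict": None, "action": None, "reasons": []}

def triage(log_text):
    """Return {object name: record} for every scanned object, in log order."""
    objects, current = {}, None
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue                      # blank lines, separators without a prefix
        msg = m.group(1).strip()
        if (e := ENTRY.match(msg)):
            current = objects[e.group(1)] = _blank(e.group(2), e.group(3))
        elif (n := NOTE.match(msg)) and current is not None:
            current["reasons"].append(n.group(1))
        elif msg.endswith(" - ok") and current is not None:
            current["verdict"] = "ok"     # verdict line follows its entry line
        elif (d := DETECTED.match(msg)):
            objects.setdefault(d.group(1), _blank())["verdict"] = d.group(2)
        elif (a := ACTION.match(msg)):
            objects.setdefault(a.group(1), _blank())["action"] = a.group(3)
    return objects

def findings(objects):
    """Non-ok objects; left_untouched is True when the user chose Skip."""
    return [dict(o, name=name, left_untouched=(o["action"] == "Skip"))
            for name, o in objects.items() if o["verdict"] != "ok"]
```
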

