problem explorer.exe (https://www.trojaner-board.de/110308-problem-explorer-exe.html)

rolli0815 24.02.2012 17:45

Oh, great!

After I removed the 8 errors found by TDSS with "delete", the computer restarted. Since then I can no longer get online and can't retrieve any e-mail either.
In Firefox the following error message appears:
Code:

XML-Verarbeitungsfehler: Nicht definierte Entität
Adresse: jar:jar:file:///C:/Dokumente%20und%20Einstellungen/meister/Anwendungsdaten/Mozilla/Firefox/Profiles/trwzs2hb.default/extensions/speedtest@gotomyhelp.com.xpi!/chrome/speedtest.jar!/content/netError.xhtml
Zeile Nr. 392, Spalte 33:        <div id="ed_netOffline">&netOffline.longDesc;</div>

The latest log from TDSS looks like this:
Code:

16:42:21.0062 6100        TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49
16:42:21.0171 6100        ============================================================
16:42:21.0171 6100        Current date / time: 2012/02/24 16:42:21.0171
16:42:21.0171 6100        SystemInfo:
16:42:21.0171 6100       
16:42:21.0171 6100        OS Version: 5.1.2600 ServicePack: 3.0
16:42:21.0171 6100        Product type: Workstation
16:42:21.0171 6100        ComputerName: MEISTER-AE9E965
16:42:21.0171 6100        UserName: meister
16:42:21.0171 6100        Windows directory: C:\WINDOWS
16:42:21.0171 6100        System windows directory: C:\WINDOWS
16:42:21.0171 6100        Processor architecture: Intel x86
16:42:21.0171 6100        Number of processors: 2
16:42:21.0171 6100        Page size: 0x1000
16:42:21.0171 6100        Boot type: Normal boot
16:42:21.0171 6100        ============================================================
16:42:22.0406 6100        Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:42:22.0406 6100        Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:42:22.0406 6100        Drive \Device\Harddisk2\DR9 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:42:22.0421 6100        Drive \Device\Harddisk7\DR15 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:42:22.0421 6100        \Device\Harddisk0\DR0:
16:42:22.0421 6100        MBR used
16:42:22.0421 6100        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
16:42:22.0437 6100        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D1C06FF, BlocksNum 0x1D1C0681
16:42:22.0437 6100        \Device\Harddisk1\DR1:
16:42:22.0437 6100        MBR used
16:42:22.0437 6100        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x61B746A, BlocksNum 0x84C1299
16:42:22.0437 6100        \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1D1C4581, BlocksNum 0x1D1C06C0
16:42:22.0437 6100        \Device\Harddisk2\DR9:
16:42:22.0437 6100        MBR used
16:42:22.0437 6100        \Device\Harddisk2\DR9\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
16:42:22.0437 6100        \Device\Harddisk7\DR15:
16:42:22.0437 6100        MBR used
16:42:22.0437 6100        \Device\Harddisk7\DR15\Partition0: MBR, Type 0x7, StartLBA 0x4388B380, BlocksNum 0x30E76780
16:42:22.0921 6100        Initialize success
16:42:22.0921 6100        ============================================================
16:42:32.0859 5780        ============================================================
16:42:32.0859 5780        Scan started
16:42:32.0859 5780        Mode: Manual; SigCheck; TDLFS;
16:42:32.0859 5780        ============================================================
16:42:33.0234 5780        Abiosdsk - ok
16:42:33.0234 5780        abp480n5 - ok
16:42:33.0265 5780        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:42:33.0750 5780        ACPI - ok
16:42:33.0843 5780        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:42:33.0921 5780        ACPIEC - ok
16:42:33.0937 5780        adpu160m - ok
16:42:33.0968 5780        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:42:34.0046 5780        aec - ok
16:42:34.0078 5780        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:42:34.0125 5780        AFD - ok
16:42:34.0125 5780        Aha154x - ok
16:42:34.0156 5780        aic78u2 - ok
16:42:34.0171 5780        aic78xx - ok
16:42:34.0171 5780        AliIde - ok
16:42:34.0187 5780        alxowhfb - ok
16:42:34.0250 5780        Ambfilt        (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
16:42:34.0343 5780        Ambfilt - ok
16:42:34.0343 5780        amsint - ok
16:42:34.0359 5780        asc - ok
16:42:34.0359 5780        asc3350p - ok
16:42:34.0375 5780        asc3550 - ok
16:42:34.0406 5780        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:42:34.0468 5780        AsyncMac - ok
16:42:34.0500 5780        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:42:34.0578 5780        atapi - ok
16:42:34.0578 5780        Atdisk - ok
16:42:34.0734 5780        ati2mtag        (6d7e913b48488bb5c73ee7ad53b017d8) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
16:42:34.0921 5780        ati2mtag - ok
16:42:34.0953 5780        AtiHDAudioService (0d6b8359677d05142b624f09c28d643a) C:\WINDOWS\system32\drivers\AtihdXP3.sys
16:42:34.0953 5780        AtiHDAudioService - ok
16:42:35.0000 5780        AtiHdmiService  (b9bc23b57765c167806a1feb7a3d16a6) C:\WINDOWS\system32\drivers\AtiHdmi.sys
16:42:35.0000 5780        AtiHdmiService - ok
16:42:35.0031 5780        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:42:35.0093 5780        Atmarpc - ok
16:42:35.0156 5780        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:42:35.0234 5780        audstub - ok
16:42:35.0265 5780        avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:42:35.0281 5780        avgntflt - ok
16:42:35.0296 5780        avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:42:35.0296 5780        avipbb - ok
16:42:35.0312 5780        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
16:42:35.0328 5780        avkmgr - ok
16:42:35.0343 5780        BANTExt        (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys
16:42:35.0359 5780        BANTExt ( UnsignedFile.Multi.Generic ) - warning
16:42:35.0359 5780        BANTExt - detected UnsignedFile.Multi.Generic (1)
16:42:35.0406 5780        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:42:35.0468 5780        Beep - ok
16:42:35.0484 5780        bmdrvr          (fa75972a7f488ebbc94c5248cc6764a9) C:\WINDOWS\system32\drivers\bmdrvr.sys
16:42:35.0500 5780        bmdrvr - ok
16:42:35.0546 5780        cbfs3          (afab1d4cab04218cbab0ae69625d0d65) C:\WINDOWS\system32\drivers\cbfs3.sys
16:42:35.0546 5780        cbfs3 - ok
16:42:35.0578 5780        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:42:35.0640 5780        cbidf2k - ok
16:42:35.0671 5780        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:42:35.0750 5780        CCDECODE - ok
16:42:35.0765 5780        cd20xrnt - ok
16:42:35.0781 5780        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:42:35.0843 5780        Cdaudio - ok
16:42:35.0843 5780        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:42:35.0906 5780        Cdfs - ok
16:42:35.0937 5780        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:42:36.0031 5780        Cdrom - ok
16:42:36.0031 5780        CmdIde - ok
16:42:36.0046 5780        Cpqarray - ok
16:42:36.0093 5780        cpudrv          (d01f685f8b4598d144b0cce9ff95d8d5) C:\Programme\SystemRequirementsLab\cpudrv.sys
16:42:36.0093 5780        cpudrv - ok
16:42:36.0156 5780        CrystalSysInfo  (f054744f67576a01139885173392502b) C:\Programme\MediaCoder\SysInfo.sys
16:42:36.0171 5780        CrystalSysInfo - ok
16:42:36.0171 5780        dac2w2k - ok
16:42:36.0187 5780        dac960nt - ok
16:42:36.0218 5780        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:42:36.0281 5780        Disk - ok
16:42:36.0328 5780        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
16:42:36.0406 5780        dmboot - ok
16:42:36.0421 5780        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
16:42:36.0484 5780        dmio - ok
16:42:36.0500 5780        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:42:36.0578 5780        dmload - ok
16:42:36.0593 5780        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:42:36.0656 5780        DMusic - ok
16:42:36.0671 5780        dpti2o - ok
16:42:36.0671 5780        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:42:36.0734 5780        drmkaud - ok
16:42:36.0765 5780        DrvAgent32      (651554e483712b708ede864d0ca1aa73) C:\WINDOWS\system32\Drivers\DrvAgent32.sys
16:42:36.0781 5780        DrvAgent32 ( UnsignedFile.Multi.Generic ) - warning
16:42:36.0781 5780        DrvAgent32 - detected UnsignedFile.Multi.Generic (1)
16:42:36.0812 5780        dtsoftbus01    (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
16:42:36.0828 5780        dtsoftbus01 - ok
16:42:36.0828 5780        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:42:36.0906 5780        Fastfat - ok
16:42:36.0921 5780        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:42:36.0984 5780        Fdc - ok
16:42:37.0000 5780        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
16:42:37.0078 5780        Fips - ok
16:42:37.0093 5780        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:42:37.0171 5780        Flpydisk - ok
16:42:37.0203 5780        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:42:37.0265 5780        FltMgr - ok
16:42:37.0296 5780        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:42:37.0359 5780        Fs_Rec - ok
16:42:37.0390 5780        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:42:37.0453 5780        Ftdisk - ok
16:42:37.0500 5780        gdrv            (d556cb79967e92b5cc69686d16c1d846) C:\WINDOWS\gdrv.sys
16:42:37.0515 5780        gdrv - ok
16:42:37.0546 5780        GEARAspiWDM    (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
16:42:37.0546 5780        GEARAspiWDM - ok
16:42:37.0562 5780        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:42:37.0640 5780        Gpc - ok
16:42:37.0687 5780        hcmon          (51fa91bb463b15fd8eacd5045c3f2fa6) C:\WINDOWS\system32\drivers\hcmon.sys
16:42:37.0703 5780        hcmon - ok
16:42:37.0734 5780        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:42:37.0796 5780        HDAudBus - ok
16:42:37.0828 5780        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:42:37.0906 5780        hidusb - ok
16:42:37.0906 5780        hpn - ok
16:42:37.0953 5780        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:42:37.0968 5780        HTTP - ok
16:42:37.0984 5780        i2omp - ok
16:42:38.0000 5780        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:42:38.0078 5780        i8042prt - ok
16:42:38.0109 5780        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:42:38.0171 5780        Imapi - ok
16:42:38.0171 5780        ini910u - ok
16:42:38.0328 5780        IntcAzAudAddService (85ab23f3e4ba6696fae8beb9d434edd6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:42:38.0484 5780        IntcAzAudAddService - ok
16:42:38.0500 5780        IntelIde - ok
16:42:38.0531 5780        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:42:38.0609 5780        intelppm - ok
16:42:38.0625 5780        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:42:38.0703 5780        Ip6Fw - ok
16:42:38.0734 5780        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:42:38.0796 5780        IpFilterDriver - ok
16:42:38.0812 5780        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:42:38.0890 5780        IpInIp - ok
16:42:38.0906 5780        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:42:38.0968 5780        IpNat - ok
16:42:38.0984 5780        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:42:39.0062 5780        IPSec - ok
16:42:39.0093 5780        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:42:39.0125 5780        IRENUM - ok
16:42:39.0156 5780        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:42:39.0234 5780        isapnp - ok
16:42:39.0265 5780        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:42:39.0343 5780        Kbdclass - ok
16:42:39.0343 5780        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:42:39.0406 5780        kbdhid - ok
16:42:39.0453 5780        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:42:39.0515 5780        kmixer - ok
16:42:39.0531 5780        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:42:39.0578 5780        KSecDD - ok
16:42:39.0609 5780        LVPr2Mon        (8be71d7edb8c7494913722059f760dd0) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
16:42:39.0625 5780        LVPr2Mon - ok
16:42:39.0640 5780        LVRS            (a1857fbb9b4930eeb2fd92386c45c529) C:\WINDOWS\system32\DRIVERS\lvrs.sys
16:42:39.0656 5780        LVRS - ok
16:42:39.0750 5780        LVUVC          (3703406af0726badd24c5e552493e5b1) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
16:42:39.0859 5780        LVUVC - ok
16:42:39.0906 5780        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:42:39.0984 5780        mnmdd - ok
16:42:40.0000 5780        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
16:42:40.0078 5780        Modem - ok
16:42:40.0140 5780        Monfilt        (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
16:42:40.0187 5780        Monfilt - ok
16:42:40.0234 5780        Mouclass        (71e15ca47fd947552054afb28536268f) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:42:40.0328 5780        Mouclass - ok
16:42:40.0343 5780        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:42:40.0406 5780        mouhid - ok
16:42:40.0453 5780        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:42:40.0531 5780        MountMgr - ok
16:42:40.0562 5780        MPE            (55a9a7e6bb297bf0f5b144029dcb79cc) C:\WINDOWS\system32\DRIVERS\MPE.sys
16:42:40.0656 5780        MPE - ok
16:42:40.0671 5780        mraid35x - ok
16:42:40.0687 5780        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:42:40.0750 5780        MRxDAV - ok
16:42:40.0796 5780        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:42:40.0843 5780        MRxSmb - ok
16:42:40.0843 5780        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:42:40.0906 5780        Msfs - ok
16:42:40.0937 5780        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:42:41.0000 5780        MSKSSRV - ok
16:42:41.0015 5780        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:42:41.0078 5780        MSPCLOCK - ok
16:42:41.0078 5780        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:42:41.0156 5780        MSPQM - ok
16:42:41.0187 5780        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:42:41.0250 5780        mssmbios - ok
16:42:41.0265 5780        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:42:41.0343 5780        MSTEE - ok
16:42:41.0359 5780        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:42:41.0359 5780        Mup - ok
16:42:41.0390 5780        MxEFUF          (363b85773d001e35dc977058956a1486) C:\WINDOWS\system32\DRIVERS\MxEFUF32.sys
16:42:41.0390 5780        MxEFUF - ok
16:42:41.0406 5780        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:42:41.0468 5780        NABTSFEC - ok
16:42:41.0500 5780        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:42:41.0578 5780        NDIS - ok
16:42:41.0593 5780        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:42:41.0671 5780        NdisIP - ok
16:42:41.0703 5780        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:42:41.0718 5780        NdisTapi - ok
16:42:41.0750 5780        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:42:41.0828 5780        Ndisuio - ok
16:42:41.0859 5780        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:42:41.0921 5780        NdisWan - ok
16:42:41.0937 5780        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:42:41.0953 5780        NDProxy - ok
16:42:41.0968 5780        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:42:42.0031 5780        NetBIOS - ok
16:42:42.0046 5780        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:42:42.0109 5780        NetBT - ok
16:42:42.0140 5780        npf            (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\npf.sys
16:42:42.0156 5780        npf - ok
16:42:42.0156 5780        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:42:42.0234 5780        Npfs - ok
16:42:42.0281 5780        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:42:42.0359 5780        Ntfs - ok
16:42:42.0390 5780        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:42:42.0453 5780        Null - ok
16:42:42.0484 5780        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:42:42.0546 5780        NwlnkFlt - ok
16:42:42.0562 5780        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:42:42.0625 5780        NwlnkFwd - ok
16:42:42.0640 5780        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
16:42:42.0718 5780        Parport - ok
16:42:42.0734 5780        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:42:42.0796 5780        PartMgr - ok
16:42:42.0812 5780        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
16:42:42.0875 5780        ParVdm - ok
16:42:42.0906 5780        PCI            (6fb463e5b243fbd6f3d3c83f914d94fb) C:\WINDOWS\system32\DRIVERS\pci.sys
16:42:42.0984 5780        PCI - ok
16:42:43.0000 5780        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:42:43.0062 5780        PCIIde - ok
16:42:43.0093 5780        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:42:43.0171 5780        Pcmcia - ok
16:42:43.0171 5780        perc2 - ok
16:42:43.0171 5780        perc2hib - ok
16:42:43.0234 5780        Point32        (896d916de06f5502d301e8c4dc442ae8) C:\WINDOWS\system32\DRIVERS\point32.sys
16:42:43.0234 5780        Point32 - ok
16:42:43.0250 5780        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:42:43.0312 5780        PptpMiniport - ok
16:42:43.0328 5780        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:42:43.0390 5780        PSched - ok
16:42:43.0406 5780        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:42:43.0484 5780        Ptilink - ok
16:42:43.0500 5780        PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:42:43.0515 5780        PxHelp20 - ok
16:42:43.0515 5780        ql1080 - ok
16:42:43.0515 5780        Ql10wnt - ok
16:42:43.0531 5780        ql12160 - ok
16:42:43.0531 5780        ql1240 - ok
16:42:43.0546 5780        ql1280 - ok
16:42:43.0546 5780        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:42:43.0609 5780        RasAcd - ok
16:42:43.0640 5780        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:42:43.0718 5780        Rasl2tp - ok
16:42:43.0734 5780        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:42:43.0796 5780        RasPppoe - ok
16:42:43.0796 5780        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:42:43.0859 5780        Raspti - ok
16:42:43.0906 5780        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:42:43.0968 5780        Rdbss - ok
16:42:43.0984 5780        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:42:44.0046 5780        RDPCDD - ok
16:42:44.0078 5780        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:42:44.0093 5780        RDPWD - ok
16:42:44.0140 5780        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:42:44.0203 5780        redbook - ok
16:42:44.0296 5780        RTHDMIAzAudService (eb5a4e5437c643517f9d0fa0535310af) C:\WINDOWS\system32\drivers\RtKHDMI.sys
16:42:44.0453 5780        RTHDMIAzAudService - ok
16:42:44.0515 5780        RTLE8023xp      (d3578c3806ed545e5c36b2a20f5c0b5a) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
16:42:44.0531 5780        RTLE8023xp - ok
16:42:44.0562 5780        Secdrv          (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:42:44.0625 5780        Secdrv - ok
16:42:44.0671 5780        Sentinel        (05f03d7f2999431c53ce254da1301b31) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
16:42:44.0687 5780        Sentinel ( UnsignedFile.Multi.Generic ) - warning
16:42:44.0687 5780        Sentinel - detected UnsignedFile.Multi.Generic (1)
16:42:44.0718 5780        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:42:44.0796 5780        serenum - ok
16:42:44.0828 5780        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
16:42:44.0906 5780        Serial - ok
16:42:44.0968 5780        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:42:45.0031 5780        Sfloppy - ok
16:42:45.0031 5780        Simbad - ok
16:42:45.0078 5780        SKYNET          (69608080ba674d9942f0373e5bcab2f9) C:\WINDOWS\system32\DRIVERS\SkyNET.SYS
16:42:45.0093 5780        SKYNET - ok
16:42:45.0125 5780        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:42:45.0187 5780        SLIP - ok
16:42:45.0203 5780        Sparrow - ok
16:42:45.0218 5780        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:42:45.0281 5780        splitter - ok
16:42:45.0328 5780        sptd            (f42efefb765235f24b24e1d2b6f99f46) C:\WINDOWS\System32\Drivers\sptd.sys
16:42:45.0328 5780        Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: f42efefb765235f24b24e1d2b6f99f46
16:42:45.0328 5780        sptd ( LockedFile.Multi.Generic ) - warning
16:42:45.0328 5780        sptd - detected LockedFile.Multi.Generic (1)
16:42:45.0343 5780        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
16:42:45.0375 5780        sr - ok
16:42:45.0406 5780        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:42:45.0437 5780        Srv - ok
16:42:45.0484 5780        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
16:42:45.0500 5780        ssmdrv - ok
16:42:45.0515 5780        StarOpen        (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
16:42:45.0515 5780        StarOpen ( UnsignedFile.Multi.Generic ) - warning
16:42:45.0515 5780        StarOpen - detected UnsignedFile.Multi.Generic (1)
16:42:45.0531 5780        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:42:45.0609 5780        streamip - ok
16:42:45.0625 5780        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:42:45.0687 5780        swenum - ok
16:42:45.0703 5780        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:42:45.0765 5780        swmidi - ok
16:42:45.0765 5780        symc810 - ok
16:42:45.0781 5780        symc8xx - ok
16:42:45.0781 5780        sym_hi - ok
16:42:45.0796 5780        sym_u3 - ok
16:42:45.0796 5780        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:42:45.0859 5780        sysaudio - ok
16:42:45.0890 5780        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:42:45.0937 5780        Tcpip - ok
16:42:45.0968 5780        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:42:46.0046 5780        TDPIPE - ok
16:42:46.0078 5780        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:42:46.0140 5780        TDTCP - ok
16:42:46.0156 5780        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:42:46.0234 5780        TermDD - ok
16:42:46.0281 5780        tffsport        (d9d5e4ca72270e9f3eca97da0983ab87) C:\WINDOWS\system32\DRIVERS\tffsport.sys
16:42:46.0328 5780        tffsport - ok
16:42:46.0343 5780        TosIde - ok
16:42:46.0375 5780        TSMPacket      (7c1367bff5587cf49c0ed2e664f6eac0) C:\WINDOWS\system32\DRIVERS\tsmpkt.sys
16:42:46.0375 5780        TSMPacket ( UnsignedFile.Multi.Generic ) - warning
16:42:46.0375 5780        TSMPacket - detected UnsignedFile.Multi.Generic (1)
16:42:46.0406 5780        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:42:46.0468 5780        Udfs - ok
16:42:46.0484 5780        ultra - ok
16:42:46.0562 5780        UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Programme\Unlocker\UnlockerDriver5.sys
16:42:46.0578 5780        UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
16:42:46.0578 5780        UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
16:42:46.0609 5780        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:42:46.0687 5780        Update - ok
16:42:46.0703 5780        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:42:46.0765 5780        usbaudio - ok
16:42:46.0812 5780        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:42:46.0875 5780        usbccgp - ok
16:42:46.0890 5780        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:42:46.0968 5780        usbehci - ok
16:42:47.0000 5780        usbhub          (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:42:47.0078 5780        usbhub - ok
16:42:47.0093 5780        usbohci        (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:42:47.0171 5780        usbohci - ok
16:42:47.0203 5780        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:42:47.0265 5780        usbprint - ok
16:42:47.0281 5780        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:42:47.0343 5780        usbscan - ok
16:42:49.0062 5780        MBR (0x1B8)    (6aefa2bac284226f1a5aed86e53d7bb9) \Device\Harddisk0\DR0
16:42:49.0093 5780        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:42:49.0093 5780        \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:42:49.0093 5780        MBR (0x1B8)    (4004072431421eb6987f1a76377d26f0) \Device\Harddisk1\DR1
16:42:49.0109 5780        \Device\Harddisk1\DR1 - ok
16:42:49.0140 5780        MBR (0x1B8)    (0792f22bcc85cfd3b28324561fffcabb) \Device\Harddisk2\DR9
16:42:49.0562 5780        \Device\Harddisk2\DR9 - ok
16:42:49.0562 5780        MBR (0x1B8)    (0792f22bcc85cfd3b28324561fffcabb) \Device\Harddisk7\DR15
16:42:52.0015 5780        \Device\Harddisk7\DR15 - ok
16:42:52.0015 5780        Boot (0x1200)  (bd33e6ce19a0945d6030f6bd7fdf4f17) \Device\Harddisk0\DR0\Partition0
16:42:52.0015 5780        \Device\Harddisk0\DR0\Partition0 - ok
16:42:52.0031 5780        Boot (0x1200)  (1f7f6ecbc3c799c0fa1708e19d867ee5) \Device\Harddisk0\DR0\Partition1
16:42:52.0031 5780        \Device\Harddisk0\DR0\Partition1 - ok
16:42:52.0031 5780        Boot (0x1200)  (1ee98097fdfa3868e609545d52fa3441) \Device\Harddisk1\DR1\Partition0
16:42:52.0031 5780        \Device\Harddisk1\DR1\Partition0 - ok
16:42:52.0046 5780        Boot (0x1200)  (47a119c6ff99c39eca70f294d165430b) \Device\Harddisk1\DR1\Partition1
16:42:52.0046 5780        \Device\Harddisk1\DR1\Partition1 - ok
16:42:52.0062 5780        Boot (0x1200)  (946e99e0407b625b3395fe52dbca7fde) \Device\Harddisk2\DR9\Partition0
16:42:52.0078 5780        \Device\Harddisk2\DR9\Partition0 - ok
16:42:52.0078 5780        Boot (0x1200)  (9c30da73962effbfb6da61ecedaec1f0) \Device\Harddisk7\DR15\Partition0
16:42:52.0078 5780        \Device\Harddisk7\DR15\Partition0 - ok
16:42:52.0078 5780        ============================================================
16:42:52.0078 5780        Scan finished
16:42:52.0078 5780        ============================================================
16:42:52.0187 5752        Detected object count: 8
16:42:52.0187 5752        Actual detected object count: 8
16:44:16.0828 5752        C:\WINDOWS\System32\Drivers\BANTExt.sys - copied to quarantine
16:44:16.0828 5752        HKLM\SYSTEM\ControlSet001\services\BANTExt - will be deleted on reboot
16:44:16.0828 5752        HKLM\SYSTEM\ControlSet002\services\BANTExt - will be deleted on reboot
16:44:16.0828 5752        HKLM\SYSTEM\ControlSet003\services\BANTExt - will be deleted on reboot
16:44:16.0843 5752        C:\WINDOWS\System32\Drivers\BANTExt.sys - will be deleted on reboot
16:44:16.0843 5752        BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:16.0890 5752        C:\WINDOWS\system32\Drivers\DrvAgent32.sys - copied to quarantine
16:44:16.0890 5752        HKLM\SYSTEM\ControlSet001\services\DrvAgent32 - will be deleted on reboot
16:44:16.0890 5752        HKLM\SYSTEM\ControlSet002\services\DrvAgent32 - will be deleted on reboot
16:44:16.0890 5752        HKLM\SYSTEM\ControlSet003\services\DrvAgent32 - will be deleted on reboot
16:44:16.0890 5752        C:\WINDOWS\system32\Drivers\DrvAgent32.sys - will be deleted on reboot
16:44:16.0890 5752        DrvAgent32 ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:16.0953 5752        C:\WINDOWS\System32\Drivers\SENTINEL.SYS - copied to quarantine
16:44:16.0953 5752        HKLM\SYSTEM\ControlSet001\services\Sentinel - will be deleted on reboot
16:44:16.0953 5752        HKLM\SYSTEM\ControlSet002\services\Sentinel - will be deleted on reboot
16:44:16.0953 5752        HKLM\SYSTEM\ControlSet003\services\Sentinel - will be deleted on reboot
16:44:16.0953 5752        C:\WINDOWS\System32\Drivers\SENTINEL.SYS - will be deleted on reboot
16:44:16.0953 5752        Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0031 5752        C:\WINDOWS\System32\Drivers\sptd.sys - copied to quarantine
16:44:17.0031 5752        HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
16:44:17.0031 5752        HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
16:44:17.0031 5752        HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted on reboot
16:44:17.0031 5752        C:\WINDOWS\System32\Drivers\sptd.sys - will be deleted on reboot
16:44:17.0031 5752        sptd ( LockedFile.Multi.Generic ) - User select action: Delete
16:44:17.0078 5752        C:\WINDOWS\system32\drivers\StarOpen.sys - copied to quarantine
16:44:17.0078 5752        HKLM\SYSTEM\ControlSet001\services\StarOpen - will be deleted on reboot
16:44:17.0078 5752        HKLM\SYSTEM\ControlSet002\services\StarOpen - will be deleted on reboot
16:44:17.0078 5752        HKLM\SYSTEM\ControlSet003\services\StarOpen - will be deleted on reboot
16:44:17.0078 5752        C:\WINDOWS\system32\drivers\StarOpen.sys - will be deleted on reboot
16:44:17.0078 5752        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0156 5752        C:\WINDOWS\system32\DRIVERS\tsmpkt.sys - copied to quarantine
16:44:17.0156 5752        HKLM\SYSTEM\ControlSet001\services\TSMPacket - will be deleted on reboot
16:44:17.0156 5752        HKLM\SYSTEM\ControlSet002\services\TSMPacket - will be deleted on reboot
16:44:17.0156 5752        HKLM\SYSTEM\ControlSet003\services\TSMPacket - will be deleted on reboot
16:44:17.0156 5752        C:\WINDOWS\system32\DRIVERS\tsmpkt.sys - will be deleted on reboot
16:44:17.0156 5752        TSMPacket ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0234 5752        C:\Programme\Unlocker\UnlockerDriver5.sys - copied to quarantine
16:44:17.0234 5752        HKLM\SYSTEM\ControlSet001\services\UnlockerDriver5 - will be deleted on reboot
16:44:17.0234 5752        HKLM\SYSTEM\ControlSet002\services\UnlockerDriver5 - will be deleted on reboot
16:44:17.0234 5752        HKLM\SYSTEM\ControlSet003\services\UnlockerDriver5 - will be deleted on reboot
16:44:17.0250 5752        C:\Programme\Unlocker\UnlockerDriver5.sys - will be deleted on reboot
16:44:17.0250 5752        UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0250 5752        \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
16:44:17.0281 5752        \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
16:44:17.0281 5752        \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
16:44:17.0281 5752        \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:44:17.0281 5752        \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:44:17.0296 5752        \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:44:17.0296 5752        \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:44:17.0312 5752        \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:44:17.0312 5752        \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:44:17.0328 5752        \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:44:17.0343 5752        \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
16:44:17.0343 5752        \Device\Harddisk0\DR0\TDLFS - deleted
16:44:17.0343 5752        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
16:44:29.0921 5272        Deinitialize success

Luckily I can still describe what happened, because I have Ubuntu installed on my second hard disk.

cosinus 24.02.2012 19:04

Quote:

After I removed the 8 errors found by TDSS with "delete", the computer restarted. Since then I can no longer get online and cannot retrieve any mail either
Well, your own fault, you also disregarded my instruction!
You were supposed to delete only the TDSS File System; I did not write that everything should be deleted!
Try to restore the items from the quarantine with TDSS-Killer; if that does not work, you can carry on here => Reinstalling Windows
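
The distinction drawn in the post above (delete only the TDSS File System, not every flagged object) can be checked against the log itself. The following is an added example, not part of the original thread or of TDSSKiller: a small Python parser that groups the log's action lines per object and lists what was deleted beyond that instruction, together with the quarantined files that would need restoring. The function names and the `instructed` parameter are assumptions made for the illustration; the sample lines are an excerpt of the log posted above.

```python
import re
from dataclasses import dataclass, field

# Excerpt of the TDSSKiller log posted in the thread (three of the eight objects).
SAMPLE_LOG = r"""
16:44:17.0031 5752        C:\WINDOWS\System32\Drivers\sptd.sys - copied to quarantine
16:44:17.0031 5752        HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
16:44:17.0031 5752        C:\WINDOWS\System32\Drivers\sptd.sys - will be deleted on reboot
16:44:17.0031 5752        sptd ( LockedFile.Multi.Generic ) - User select action: Delete
16:44:17.0234 5752        C:\Programme\Unlocker\UnlockerDriver5.sys - copied to quarantine
16:44:17.0234 5752        HKLM\SYSTEM\ControlSet001\services\UnlockerDriver5 - will be deleted on reboot
16:44:17.0250 5752        C:\Programme\Unlocker\UnlockerDriver5.sys - will be deleted on reboot
16:44:17.0250 5752        UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Delete
16:44:17.0250 5752        \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
16:44:17.0281 5752        \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:44:17.0343 5752        \Device\Harddisk0\DR0\TDLFS - deleted
16:44:17.0343 5752        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
"""

# "<time> <thread id> <message>" as it appears in the posted log.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*\S)\s*$")
# Summary line that closes the group of steps for one detected object.
VERDICT = re.compile(
    r"^(?P<name>.+?) \( (?P<verdict>.+?) \) - User select action: (?P<action>\w+)$")
# One step applied to a file, registry key or TDLFS entry.
STEP = re.compile(
    r"^(?P<target>.+?) - (?P<op>copied to quarantine|will be deleted on reboot|deleted)$")


@dataclass
class Detection:
    name: str
    verdict: str
    action: str
    quarantined: list = field(default_factory=list)  # copies available for restore
    removed: list = field(default_factory=list)      # deleted now or on reboot


def parse_actions(log_text):
    """Group step lines under the summary line that follows them."""
    detections, pending = [], []
    for raw in log_text.splitlines():
        line = LINE.match(raw)
        if not line:
            continue
        msg = line["msg"]
        summary = VERDICT.match(msg)
        if summary:
            det = Detection(summary["name"], summary["verdict"], summary["action"])
            for target, op in pending:
                bucket = det.quarantined if op == "copied to quarantine" else det.removed
                bucket.append(target)
            detections.append(det)
            pending = []
            continue
        step = STEP.match(msg)
        if step:
            pending.append((step["target"], step["op"]))
    return detections


def beyond_instruction(detections, instructed="TDSS File System"):
    """Objects deleted although the helper only asked for `instructed`."""
    return [d for d in detections if d.action == "Delete" and d.verdict != instructed]


if __name__ == "__main__":
    for det in beyond_instruction(parse_actions(SAMPLE_LOG)):
        print(f"{det.name} ({det.verdict}): restore {', '.join(det.quarantined)}")
```

Run over the full log, the same grouping yields seven driver entries flagged only as unsigned or locked files, plus the one TDSS File System entry the instruction referred to.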

rolli0815 24.02.2012 19:13

Hello Arne,
I evidently did not understand what is meant by TDSS File System. As I am still in Ubuntu at the moment, I have not yet tried the restore. It will probably be difficult, since I did not move the items but selected delete. Is a reinstallation really necessary? All other functions still work.

cosinus 24.02.2012 19:22

I simply cannot understand why you deleted everything

My instruction was: "Please have TDSS-Killer delete the TDSS File System"
And above it, only the line with the TDSS File System was quoted :(

If you do not understand something exactly, you can ask. But deleting everything straight away was simply absurd, and I fear you have wrecked your Windows with it

rolli0815 24.02.2012 19:26

Hello Arne,
first of all, many thanks for the help. If you are too stupid, you just have to suffer. I will go back to XP and try to rescue what can be rescued. After that I will report back
Regards

rolli

cosinus 24.02.2012 19:28

You can still back everything up to an external disk with Ubuntu.
The only annoying thing is that a reinstallation of WinXP will also flatten your Ubuntu again :(

rolli0815 25.02.2012 11:05

Hello Arne, I do have 2 separate internal hard disks in the PC. One with XP on one partition (C:) and one with Ubuntu. If I now wipe partition C and set up XP again there, the Ubuntu on the other hard disk should remain untouched.

cosinus 26.02.2012 14:54

Quote:

Hello Arne, I do have 2 separate internal hard disks in the PC. One with XP on one partition
Two partitions do not mean two different hard disks!
Do you actually have two disks or only one? That a single disk had to be split into several partitions is logical if Ubuntu is installed.

In Ubuntu, run this in the terminal:

Code:

sudo fdisk -lu
or post a screenshot of GParted or of Disk Management

rolli0815 26.02.2012 19:04

Hello Arne, as already stated, I have two separate internal hard disks.
Code:

rolli@rolli-desktop:~$ sudo fdisk -lu
[sudo] password for rolli:

Platte /dev/sda: 500.1 GByte, 500107862016 Byte
255 Köpfe, 63 Sektoren/Spur, 60801 Zylinder, zusammen 976773168 Sektoren
Einheiten = Sektoren von 1 × 512 = 512 Bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xedc6edc6

  Gerät  boot.    Anfang        Ende    Blöcke  Id  System
/dev/sda1  *          63  488375999  244187968+  7  HPFS/NTFS
/dev/sda2      488376000  976751999  244188000    f  W95 Erw. (LBA)
/dev/sda5      488376063  976751999  244187968+  7  HPFS/NTFS

Platte /dev/sdb: 500.1 GByte, 500107862016 Byte
255 Köpfe, 63 Sektoren/Spur, 60801 Zylinder, zusammen 976773168 Sektoren
Einheiten = Sektoren von 1 × 512 = 512 Bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000d3168

  Gerät  boot.    Anfang        Ende    Blöcke  Id  System
/dev/sdb1      102462570  241665794    69601612+  7  HPFS/NTFS
/dev/sdb2      488392065  976768064  244188000    7  HPFS/NTFS
/dev/sdb3      241665795  488392064  123363135    5  Erweiterte
/dev/sdb4              63  102462569    51231253+  83  Linux
/dev/sdb5      241665858  478287179  118310661  83  Linux
/dev/sdb6      478287243  488392064    5052411  82  Linux Swap / Solaris

Partitionstabelleneinträge sind nicht in Platten-Reihenfolge

Platte /dev/sdc: 320.1 GByte, 320072933376 Byte
255 Köpfe, 63 Sektoren/Spur, 38913 Zylinder, zusammen 625142448 Sektoren
Einheiten = Sektoren von 1 × 512 = 512 Bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0008d811

  Gerät  boot.    Anfang        Ende    Blöcke  Id  System
/dev/sdc1  *          63  625137344  312568641    7  HPFS/NTFS

Platte /dev/sdi: 1000.2 GByte, 1000202043392 Byte
255 Köpfe, 63 Sektoren/Spur, 121600 Zylinder, zusammen 1953519616 Sektoren
Einheiten = Sektoren von 1 × 512 = 512 Bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00081129

  Gerät  boot.    Anfang        Ende    Blöcke  Id  System
/dev/sdi1      1133032320  1953503999  410235840    7  HPFS/NTFS
/dev/sdi2              63  1133032319  566516128+  83  Linux

Partitionstabelleneinträge sind nicht in Platten-Reihenfolge
rolli@rolli-desktop:~$


cosinus 26.02.2012 19:45

Well, if you have several disks...
On which one was GRUB installed?

rolli0815 26.02.2012 22:20

Hello Arne,
Code:

rolli@rolli-desktop:~$ cat /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by /usr/sbin/grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  load_env
fi
set default="0"
if [ ${prev_saved_entry} ]; then
  set saved_entry=${prev_saved_entry}
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z ${boot_once} ]; then
    saved_entry=${chosen}
    save_env saved_entry
  fi
}

function recordfail {
  set recordfail=1
  if [ -n ${have_grubenv} ]; then if [ -z ${boot_once} ]; then save_env recordfail; fi; fi
}
insmod ext2
set root='(hd1,5)'
search --no-floppy --fs-uuid --set 8ed1e996-3db0-4dd4-88a9-69c2366b78a1
if loadfont /usr/share/grub/unicode.pf2 ; then
  set gfxmode=640x480
  insmod gfxterm
  insmod vbe
  if terminal_output gfxterm ; then true ; else
    # For backward compatibility with versions of terminal.mod that don't
    # understand terminal_output
    terminal gfxterm
  fi
fi
insmod ext2
set root='(hd1,5)'
search --no-floppy --fs-uuid --set 8ed1e996-3db0-4dd4-88a9-69c2366b78a1
set locale_dir=($root)/boot/grub/locale
set lang=de
insmod gettext
if [ ${recordfail} = 1 ]; then
  set timeout=-1
else
  set timeout=10
fi
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
set menu_color_normal=white/black
set menu_color_highlight=black/light-gray
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Ubuntu, mit Linux 2.6.32-38-generic' --class ubuntu --class gnu-linux --class gnu --class os {
        recordfail
        insmod ext2
        set root='(hd1,5)'
        search --no-floppy --fs-uuid --set 8ed1e996-3db0-4dd4-88a9-69c2366b78a1
        linux        /boot/vmlinuz-2.6.32-38-generic root=UUID=8ed1e996-3db0-4dd4-88a9-69c2366b78a1 ro  quiet splash
        initrd        /boot/initrd.img-2.6.32-38-generic
}
menuentry 'Ubuntu, mit Linux 2.6.32-38-generic (Wiederherstellungsmodus)' --class ubuntu --class gnu-linux --class gnu --class os {
        recordfail
        insmod ext2
        set root='(hd1,5)'
        search --no-floppy --fs-uuid --set 8ed1e996-3db0-4dd4-88a9-69c2366b78a1
        echo        'Linux 2.6.32-38-generic wird geladen …'
        linux        /boot/vmlinuz-2.6.32-38-generic root=UUID=8ed1e996-3db0-4dd4-88a9-69c2366b78a1 ro single
        echo        'Initiale Ramdisk wird geladen …'
        initrd        /boot/initrd.img-2.6.32-38-generic
}
menuentry 'Ubuntu, mit Linux 2.6.32-37-generic' --class ubuntu --class gnu-linux --class gnu --class os {
        recordfail
        insmod ext2
        set root='(hd1,5)'
        search --no-floppy --fs-uuid --set 8ed1e996-3db0-4dd4-88a9-69c2366b78a1
        linux        /boot/vmlinuz-2.6.32-37-generic root=UUID=8ed1e996-3db0-4dd4-88a9-69c2366b78a1 ro  quiet splash
        initrd        /boot/initrd.img-2.6.32-37-generic
}
menuentry 'Ubuntu, mit Linux 2.6.32-37-generic (Wiederherstellungsmodus)' --class ubuntu --class gnu-linux --class gnu --class os {
        recordfail
        insmod ext2
        set root='(hd1,5)'
        search --no-floppy --fs-uuid --set 8ed1e996-3db0-4dd4-88a9-69c2366b78a1
        echo        'Linux 2.6.32-37-generic wird geladen …'
        linux        /boot/vmlinuz-2.6.32-37-generic root=UUID=8ed1e996-3db0-4dd4-88a9-69c2366b78a1 ro single
        echo        'Initiale Ramdisk wird geladen …'
        initrd        /boot/initrd.img-2.6.32-37-generic
}
### END /etc/grub.d/10_linux ###

### BEGIN /etc/grub.d/20_memtest86+ ###
menuentry "Memory test (memtest86+)" {
        insmod ext2
        set root='(hd1,5)'
        search --no-floppy --fs-uuid --set 8ed1e996-3db0-4dd4-88a9-69c2366b78a1
        linux16        /boot/memtest86+.bin
}
menuentry "Memory test (memtest86+, serial console 115200)" {
        insmod ext2
        set root='(hd1,5)'
        search --no-floppy --fs-uuid --set 8ed1e996-3db0-4dd4-88a9-69c2366b78a1
        linux16        /boot/memtest86+.bin console=ttyS0,115200n8
}
### END /etc/grub.d/20_memtest86+ ###

### BEGIN /etc/grub.d/30_os-prober ###
menuentry "Microsoft Windows XP Home Edition (on /dev/sda1)" {
        insmod ntfs
        set root='(hd0,1)'
        search --no-floppy --fs-uuid --set BA6CAADB6CAA91A5
        drivemap -s (hd0) ${root}
        chainloader +1
}
### END /etc/grub.d/30_os-prober ###

### BEGIN /etc/grub.d/40_custom ###
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.
### END /etc/grub.d/40_custom ###
rolli@rolli-desktop:~$


cosinus 26.02.2012 22:37

well, I did not actually want to see the grub.cfg :confused:

Windows appears to be installed on the first disk and Linux on the second. Assuming GRUB were on the second disk, you would have to select in the BIOS boot device menu every time which disk you want to start from, if it is to be the second one with Linux on it.

That is surely not the case for you, is it? You switch the computer on and GRUB comes up, where you can choose between Windows and Linux?

rolli0815 26.02.2012 23:14

Hello, you have described it correctly. Accordingly, GRUB will have been lost after the reinstallation. I had this case once before some years ago but have unfortunately forgotten the solution from back then.

Regards, rolli

cosinus 27.02.2012 10:09

You can repair GRUB => GRUB 2

It is also relatively easy with Rescatux - Super Grub Disk

rolli0815 27.02.2012 11:33

Hello Arne,
as I understand it, I use the Rescatux CD after reinstalling XP. Am I right about that?

Regards, rolli


All times are WET +1.