Trojaner-Board

[Malware] Windows Restore removed, but some problems remain (https://www.trojaner-board.de/98419-schadprogramm-windows-restore-beseitigt-t-w-noch-probleme.html)

Drummer_Shoo 29.06.2011 19:08

I only have the OTL.txt:

Code:

OTL logfile created on: 6/29/2011 8:56:04 PM - Run
OTLPE by OldTimer - Version 3.1.46.0    Folder = X:\Programs\OTLPE
Windows 7 Home Premium  (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = I: | %SystemRoot% = I:\Windows | %ProgramFiles% = I:\Program Files
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 108.45 Gb Free Space | 46.58% Space Free | Partition Type: FAT32
Drive I: | 443.13 Gb Total Space | 315.39 Gb Free Space | 71.17% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/05/25 11:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Disabled] -- I:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/05/01 17:00:36 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- I:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/21 07:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand] -- I:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/03/20 05:42:20 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- I:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/18 08:35:50 | 000,240,112 | ---- | M] (CyberLink) [Disabled] -- I:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_E92D8507)
SRV - [2010/07/04 05:44:03 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- I:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/10 18:45:04 | 000,124,832 | ---- | M] () [Disabled] -- I:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/03/22 05:09:16 | 001,689,304 | ---- | M] ( ) [Auto] -- I:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe -- (AshampooDefragService)
SRV - [2005/11/17 09:18:52 | 001,527,900 | ---- | M] (MAGIX®) [Disabled] -- I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005/03/04 06:42:08 | 000,315,392 | ---- | M] (AVM Berlin) [On_Demand] -- I:\Program Files\Common Files\AVM\De_serv.exe -- (de_serv)
SRV - [2005/03/04 05:50:00 | 000,118,784 | ---- | M] (AVM Berlin) [Auto] -- I:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (AVM IGD CTRL Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (catchme)
DRV - [2011/06/28 16:31:30 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- I:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011/03/20 05:42:20 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/02 09:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/12/02 09:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/12/02 09:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/12/02 09:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/11/22 17:55:16 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto] -- I:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/10/13 16:49:42 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2010/08/14 11:59:32 | 000,281,760 | ---- | M] () [Kernel | Auto] -- I:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/08/14 11:59:32 | 000,025,888 | ---- | M] () [Kernel | Auto] -- I:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/07/10 00:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- I:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- I:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/19 10:10:38 | 000,087,536 | ---- | M] (CyberLink Corp.) [2011/06/07 21:11:23] [Kernel | Auto] -- I:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009/12/21 20:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009/11/20 07:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2009/11/20 07:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009/10/07 08:48:58 | 000,163,368 | ---- | M] (CyberLink Corporation.) [File_System | Auto] -- I:\Windows\System32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2009/10/07 08:48:58 | 000,015,784 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System] -- I:\Windows\System32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2009/07/13 21:19:10 | 000,245,328 | ---- | M] () [Kernel | Boot] -- I:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/04 21:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- I:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009/04/29 09:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- I:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)
DRV - [2009/03/18 11:35:40 | 000,026,176 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/27 06:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- I:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007/07/27 04:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- I:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007/05/11 10:17:25 | 000,221,184 | ---- | M] (TerraTec Electronic GmbH.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\Cinergy_HT_PCI_MKII.sys -- (Cinergy_HT_PCI_MKII) Cinergy HT PCI (MKII)
DRV - [2004/07/14 06:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto] -- I:\Windows\System32\drivers\hardlock.sys -- (Hardlock)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
 
IE - HKU\.DEFAULT\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Melms_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\Melms_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Melms_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 37 13 EE 64 48 11 CB 01  [binary data]
IE - HKU\Melms_ON_I\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Melms_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Melms_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/05/22 10:36:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/05/22 10:36:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/06/18 16:02:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/22 12:08:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/15 06:43:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/06/18 16:02:35 | 000,000,000 | ---D | M]
 
[2011/05/04 11:40:05 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files\Mozilla Firefox\extensions
[2010/07/17 03:13:10 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/01/12 03:21:14 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/03 14:02:49 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/22 12:08:27 | 000,142,296 | ---- | M] (Mozilla Foundation) -- I:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/04/13 23:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- I:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/12/09 06:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- I:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/01/01 04:00:00 | 000,001,392 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,001,153 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/01/01 04:00:00 | 000,006,805 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/01/01 04:00:00 | 000,001,178 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/01/01 04:00:00 | 000,001,105 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/05/08 09:58:58 | 000,000,027 | ---- | M]) - I:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - I:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Idea2 SidebarBrowserMonitor Class) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - I:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - I:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - I:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [Adobe Photo Downloader] I:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] I:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] I:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] I:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [InstantBurn] I:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [Name of App] I:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe ( )
O4 - HKLM..\Run: [NokiaMServer] I:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NUSB3MON] I:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKU\Melms_ON_I..\Run: []  File not found
O4 - HKU\Melms_ON_I..\Run: [NokiaOviSuite2] I:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\Melms_ON_I..\Run: [Remote Control Editor] I:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH)
O4 - HKU\Melms_ON_I..\Run: [SIDEBAR] I:\Program Files\Desktop Sidebar\dsidebar.exe (Idea2)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\Melms_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - I:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - I:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - I:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - I:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - I:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - I:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - I:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/28 16:32:21 | 127,222,215 | ---- | C] (Igor Pavlov) -- I:\Users\Melms\Desktop\OTLPENet.exe
[2011/06/28 16:31:30 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- I:\Windows\System32\drivers\sptd.sys
[2011/06/28 16:30:44 | 000,000,000 | ---D | C] -- I:\Program Files\LSoft Technologies
[2011/06/28 16:30:44 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2011/06/28 16:29:49 | 004,940,440 | ---- | C] (Macrovision Corporation) -- I:\Users\Melms\Desktop\IsoBurner-Setup.exe
[2011/06/26 10:04:31 | 000,000,000 | ---D | C] -- I:\Sierra
[2011/06/26 10:04:31 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2011/06/18 16:09:16 | 000,000,000 | ---D | C] -- I:\ProgramData\NokiaAccount
[2011/06/18 16:04:04 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Local\Nokia
[2011/06/18 16:03:44 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/06/18 16:02:25 | 000,000,000 | ---D | C] -- I:\Program Files\PC Connectivity Solution
[2011/06/18 16:02:19 | 000,000,000 | -HSD | C] -- I:\Config.Msi
[2011/06/18 16:00:27 | 000,000,000 | ---D | C] -- I:\ProgramData\NokiaInstallerCache
[2011/06/16 13:48:59 | 000,161,792 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\d3d10_1.dll
[2011/06/16 13:48:52 | 000,599,552 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msfeeds.dll
[2011/06/16 13:48:52 | 000,381,440 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\iedkcs32.dll
[2011/06/16 13:48:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\mshtml.tlb
[2011/06/16 13:48:51 | 000,606,208 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\mstime.dll
[2011/06/16 13:48:51 | 000,386,048 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\html.iec
[2011/06/16 13:48:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\iepeers.dll
[2011/06/16 13:48:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ieui.dll
[2011/06/16 13:48:51 | 000,064,512 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msfeedsbs.dll
[2011/06/16 13:48:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\jsproxy.dll
[2011/06/16 13:48:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\licmgr10.dll
[2011/06/16 13:48:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msfeedssync.exe
[2011/06/11 11:14:31 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011/06/11 11:13:31 | 000,000,000 | ---D | C] -- I:\Program Files\Activision
[2011/06/11 03:14:53 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- I:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/07 15:24:20 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Roaming\NVIDIA
[2011/06/07 15:24:06 | 000,000,000 | ---D | C] -- I:\Users\Melms\Documents\CyberLink
[2011/06/07 15:17:37 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Local\Power2Go
[2011/06/07 15:11:22 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2011/06/07 15:11:16 | 000,000,000 | ---D | C] -- I:\Program Files\Common Files\CyberLink
[2011/06/07 15:10:03 | 000,029,480 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msxml3a.dll
[2011/06/07 15:08:03 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Roaming\CyberLink
[2011/06/07 15:08:00 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Local\Cyberlink
[2011/06/07 15:05:23 | 000,000,000 | R--D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/06/07 15:05:20 | 000,000,000 | ---D | C] -- I:\Program Files\Common Files\LightScribe
[2011/06/07 15:04:23 | 000,163,368 | ---- | C] (CyberLink Corporation.) -- I:\Windows\System32\drivers\CLBUDF.sys
[2011/06/07 15:04:23 | 000,015,784 | ---- | C] (Cyberlink Co.,Ltd.) -- I:\Windows\System32\drivers\CLBStor.sys
[2011/06/07 15:04:10 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2011/06/07 15:04:04 | 000,000,000 | ---D | C] -- I:\Program Files\CyberLink
[2011/06/07 15:03:59 | 000,000,000 | ---D | C] -- I:\ProgramData\CyberLink
[2011/06/07 15:02:37 | 000,000,000 | ---D | C] -- I:\ProgramData\Temp
[2011/06/07 13:52:10 | 001,531,392 | ---- | C] (Toshiba Samsung Storage Technology Corporation) -- I:\Users\Melms\AppData\Roaming\tsdnwin.dll
[2011/06/07 13:35:54 | 000,000,000 | ---D | C] -- I:\Program Files\SAMSUNG
[2011/06/07 13:35:54 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\ODD Firmware LiveUpdate
[2011/05/31 15:14:30 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/05/31 15:14:29 | 000,000,000 | ---D | C] -- I:\Program Files\LogMeIn Hamachi
[2010/10/11 15:12:07 | 000,180,224 | ---- | C] ( ) -- I:\Windows\System32\rsnp2uvc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/29 02:16:36 | 000,067,584 | --S- | M] () -- I:\Windows\bootstat.dat
[2011/06/29 02:06:03 | 000,014,624 | ---- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 02:06:03 | 000,014,624 | ---- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 01:59:32 | 000,000,431 | ---- | M] () -- I:\Users\Melms\AppData\Roaming\SamsungLiveUpdateConfig.ini
[2011/06/29 01:58:50 | 000,001,092 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/29 01:58:35 | 1610,309,632 | -HS- | M] () -- I:\hiberfil.sys
[2011/06/28 17:29:00 | 000,001,096 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/28 16:38:01 | 127,222,215 | ---- | M] (Igor Pavlov) -- I:\Users\Melms\Desktop\OTLPENet.exe
[2011/06/28 16:30:44 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2011/06/28 16:29:56 | 004,940,440 | ---- | M] (Macrovision Corporation) -- I:\Users\Melms\Desktop\IsoBurner-Setup.exe
[2011/06/28 16:04:39 | 000,031,137 | ---- | M] () -- I:\Users\Melms\Desktop\Bild3.png
[2011/06/27 02:29:09 | 000,668,302 | ---- | M] () -- I:\Windows\System32\perfh007.dat
[2011/06/27 02:29:09 | 000,619,894 | ---- | M] () -- I:\Windows\System32\perfh009.dat
[2011/06/27 02:29:09 | 000,134,150 | ---- | M] () -- I:\Windows\System32\perfc007.dat
[2011/06/27 02:29:09 | 000,110,082 | ---- | M] () -- I:\Windows\System32\perfc009.dat
[2011/06/26 15:30:42 | 000,046,186 | ---- | M] () -- I:\Users\Melms\Desktop\Bild2.png
[2011/06/26 11:11:53 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/26 10:13:37 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2011/06/26 10:13:34 | 000,000,403 | ---- | M] () -- I:\Windows\SIERRA.INI
[2011/06/18 16:03:44 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/06/18 15:48:05 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_User_wpdcomp_01_09_00.Wdf
[2011/06/18 15:47:48 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/18 04:07:53 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- I:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/17 02:31:05 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/06/11 11:14:31 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011/06/11 11:14:30 | 000,000,324 | ---- | M] () -- I:\Windows\game.ini
[2011/06/08 13:50:20 | 000,029,480 | ---- | M] (Microsoft Corporation) -- I:\Windows\System32\msxml3a.dll
[2011/06/07 15:17:26 | 000,344,400 | ---- | M] () -- I:\Windows\System32\FNTCACHE.DAT
[2011/06/07 15:09:48 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2011/06/07 15:05:23 | 000,000,000 | R--D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/06/07 13:52:26 | 001,531,392 | ---- | M] (Toshiba Samsung Storage Technology Corporation) -- I:\Users\Melms\AppData\Roaming\tsdnwin.dll
[2011/06/07 13:35:54 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\ODD Firmware LiveUpdate
[2011/06/05 15:07:52 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\sixteen tons entertainment
[2011/05/31 15:14:30 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
 
========== Files Created - No Company Name ==========
 
[2011/06/28 16:04:39 | 000,031,137 | ---- | C] () -- I:\Users\Melms\Desktop\Bild3.png
[2011/06/26 15:30:41 | 000,046,186 | ---- | C] () -- I:\Users\Melms\Desktop\Bild2.png
[2011/06/26 10:04:31 | 000,000,403 | ---- | C] () -- I:\Windows\SIERRA.INI
[2011/06/18 15:48:05 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_User_wpdcomp_01_09_00.Wdf
[2011/06/18 15:47:48 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/11 11:14:30 | 000,000,324 | ---- | C] () -- I:\Windows\game.ini
[2011/06/07 13:35:58 | 000,000,431 | ---- | C] () -- I:\Users\Melms\AppData\Roaming\SamsungLiveUpdateConfig.ini
[2011/05/08 09:51:03 | 000,256,512 | ---- | C] () -- I:\Windows\PEV.exe
[2011/05/08 09:51:03 | 000,098,816 | ---- | C] () -- I:\Windows\sed.exe
[2011/05/08 09:51:03 | 000,089,088 | ---- | C] () -- I:\Windows\MBR.exe
[2011/05/08 09:51:03 | 000,080,412 | ---- | C] () -- I:\Windows\grep.exe
[2011/05/08 09:51:03 | 000,068,096 | ---- | C] () -- I:\Windows\zip.exe
[2011/03/20 14:48:15 | 000,043,520 | ---- | C] () -- I:\Windows\System32\CmdLineExt03.dll
[2011/02/26 19:45:09 | 000,000,381 | ---- | C] () -- I:\Windows\BeatBox.INI
[2011/02/26 19:45:09 | 000,000,028 | ---- | C] () -- I:\Windows\Robota.INI
[2011/02/26 18:58:31 | 000,124,596 | ---- | C] () -- I:\Windows\System32\mlfcache.dat
[2011/02/05 14:09:24 | 000,139,152 | ---- | C] () -- I:\Windows\System32\drivers\PnkBstrK.sys
[2011/02/05 14:09:18 | 000,139,152 | ---- | C] () -- I:\Users\Melms\AppData\Roaming\PnkBstrK.sys
[2011/02/05 14:08:43 | 000,111,928 | ---- | C] () -- I:\Windows\System32\PnkBstrB.exe
[2011/02/05 14:08:40 | 000,794,408 | ---- | C] () -- I:\Windows\System32\pbsvc.exe
[2011/02/05 14:08:40 | 000,075,064 | ---- | C] () -- I:\Windows\System32\PnkBstrA.exe
[2011/02/03 15:56:57 | 000,000,019 | ---- | C] () -- I:\Windows\SoundConverter.INI
[2010/12/29 15:00:43 | 000,000,180 | ---- | C] () -- I:\Windows\System32\msftpd.exe
[2010/12/19 14:34:53 | 000,000,221 | ---- | C] () -- I:\Windows\SOFTEK.INI
[2010/10/19 11:18:19 | 000,002,464 | ---- | C] () -- I:\Windows\netdet.ini
[2010/10/15 15:00:00 | 000,007,168 | ---- | C] () -- I:\Users\Melms\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/11 15:12:07 | 000,237,568 | ---- | C] () -- I:\Windows\tsnp2uvc.exe
[2010/08/28 13:41:48 | 000,053,248 | ---- | C] () -- I:\Windows\System32\mgxasio2.dll
[2010/08/28 13:34:40 | 000,120,200 | ---- | C] () -- I:\Windows\System32\DLLDEV32i.dll
[2010/08/28 13:34:13 | 000,006,768 | ---- | C] () -- I:\Windows\mgxoschk.ini
[2010/08/14 11:26:47 | 000,007,597 | ---- | C] () -- I:\Users\Melms\AppData\Local\Resmon.ResmonCfg
[2010/08/14 11:14:19 | 000,281,760 | ---- | C] () -- I:\Windows\System32\drivers\atksgt.sys
[2010/08/14 11:14:14 | 000,025,888 | ---- | C] () -- I:\Windows\System32\drivers\lirsgt.sys
[2010/07/27 07:00:39 | 000,000,614 | ---- | C] () -- I:\Windows\eReg.dat
[2010/07/04 05:29:04 | 000,000,209 | ---- | C] () -- I:\Windows\ODBCINST.INI
[2009/08/02 18:21:54 | 000,197,912 | ---- | C] () -- I:\Windows\System32\physxcudart_20.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelSwedish.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelSpanish.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelPortugese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelKorean.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelJapanese.dll
[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelGerman.dll
[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelFrench.dll
[2009/07/14 04:47:43 | 000,668,302 | ---- | C] () -- I:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- I:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,134,150 | ---- | C] () -- I:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- I:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- I:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,344,400 | ---- | C] () -- I:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,619,894 | ---- | C] () -- I:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- I:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,110,082 | ---- | C] () -- I:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- I:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- I:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- I:\Windows\System32\dssec.dat
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- I:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- I:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- I:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- I:\Windows\System32\BWContextHandler.dll
[2009/07/13 19:11:34 | 000,245,328 | ---- | C] () -- I:\Windows\System32\drivers\volsnap.sys
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- I:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2010/07/20 09:35:21 | 000,000,000 | ---D | M] -- I:\ProgramData\#Company short name
[2010/06/21 09:45:55 | 000,000,000 | ---D | M] -- I:\ProgramData\Alwil Software
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Application Data
[2010/10/13 16:57:33 | 000,000,000 | ---D | M] -- I:\ProgramData\BVRP Software
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Documents
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Dokumente
[2010/11/20 09:51:33 | 000,000,000 | ---D | M] -- I:\ProgramData\EA Core
[2011/04/22 11:16:27 | 000,000,000 | ---D | M] -- I:\ProgramData\Electronic Arts
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favorites
[2011/05/08 10:31:49 | 000,000,000 | ---D | M] -- I:\ProgramData\ICQ
[2011/05/06 16:00:19 | 000,000,000 | ---D | M] -- I:\ProgramData\Installations
[2010/08/28 13:40:04 | 000,000,000 | ---D | M] -- I:\ProgramData\MAGIX
[2010/06/26 12:58:11 | 000,000,000 | ---D | M] -- I:\ProgramData\Messenger Plus!
[2011/06/18 16:09:16 | 000,000,000 | ---D | M] -- I:\ProgramData\NokiaAccount
[2011/06/18 16:00:27 | 000,000,000 | ---D | M] -- I:\ProgramData\NokiaInstallerCache
[2011/05/06 16:20:27 | 000,000,000 | ---D | M] -- I:\ProgramData\PC Suite
[2010/12/20 10:12:08 | 000,000,000 | ---D | M] -- I:\ProgramData\Solidshield
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Start Menu
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Startmenü
[2011/06/08 13:50:49 | 000,000,000 | ---D | M] -- I:\ProgramData\Temp
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Templates
[2010/06/26 13:05:50 | 000,000,000 | ---D | M] -- I:\ProgramData\TerraTec
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Vorlagen
[2010/10/01 01:59:29 | 000,000,000 | ---D | M] -- I:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/05/19 00:47:39 | 000,032,632 | ---- | M] () -- I:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >


cosinus 29.06.2011 21:47

You haven't been able to start TDSSKiller so far. Please try that again:

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set up the tool as shown in the image below, i.e. tick both checkboxes, click Start scan, and once it has finished click the Report button to display the log. Please post it in full.

http://www.trojaner-board.de/attachm...rnen-start.png


If, because of the infection, you cannot access your documents / My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

Drummer_Shoo 29.06.2011 21:57

Code:

2011/06/29 22:57:04.0130 2444        TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/06/29 22:57:04.0333 2444        ================================================================================
2011/06/29 22:57:04.0333 2444        SystemInfo:
2011/06/29 22:57:04.0333 2444       
2011/06/29 22:57:04.0333 2444        OS Version: 6.1.7600 ServicePack: 0.0
2011/06/29 22:57:04.0333 2444        Product type: Workstation
2011/06/29 22:57:04.0333 2444        ComputerName: MELMS-PC
2011/06/29 22:57:04.0333 2444        UserName: Melms
2011/06/29 22:57:04.0333 2444        Windows directory: C:\Windows
2011/06/29 22:57:04.0333 2444        System windows directory: C:\Windows
2011/06/29 22:57:04.0333 2444        Processor architecture: Intel x86
2011/06/29 22:57:04.0333 2444        Number of processors: 2
2011/06/29 22:57:04.0333 2444        Page size: 0x1000
2011/06/29 22:57:04.0333 2444        Boot type: Normal boot
2011/06/29 22:57:04.0333 2444        ================================================================================
2011/06/29 22:57:06.0158 2444        Initialize success
2011/06/29 22:57:08.0966 1900        ================================================================================
2011/06/29 22:57:08.0966 1900        Scan started
2011/06/29 22:57:08.0966 1900        Mode: Manual;
2011/06/29 22:57:08.0966 1900        ================================================================================
2011/06/29 22:57:11.0415 1900        1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/29 22:57:11.0478 1900        acedrv10        (553ba53445795cbc0d4f9fa37eb855a6) C:\Windows\system32\drivers\acedrv10.sys
2011/06/29 22:57:11.0556 1900        acehlp10        (8ce00b6a46962a1808b19cd1dae5170c) C:\Windows\system32\drivers\acehlp10.sys
2011/06/29 22:57:11.0634 1900        ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/29 22:57:11.0665 1900        AcpiPmi        (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/29 22:57:11.0712 1900        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/29 22:57:11.0759 1900        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/29 22:57:11.0790 1900        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/29 22:57:11.0868 1900        AFD            (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
2011/06/29 22:57:11.0883 1900        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/29 22:57:11.0930 1900        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/06/29 22:57:11.0977 1900        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/29 22:57:12.0024 1900        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/06/29 22:57:12.0055 1900        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/29 22:57:12.0086 1900        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/29 22:57:12.0133 1900        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/29 22:57:12.0180 1900        amdsata        (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
2011/06/29 22:57:12.0227 1900        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/29 22:57:12.0273 1900        amdxata        (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
2011/06/29 22:57:12.0367 1900        AppID          (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/06/29 22:57:12.0445 1900        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/06/29 22:57:12.0492 1900        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/29 22:57:12.0539 1900        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/29 22:57:12.0554 1900        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/29 22:57:12.0585 1900        AtiPcie        (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys
2011/06/29 22:57:12.0648 1900        atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/06/29 22:57:12.0710 1900        avgntflt        (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/29 22:57:12.0741 1900        avipbb          (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/29 22:57:12.0819 1900        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/06/29 22:57:12.0882 1900        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/06/29 22:57:12.0929 1900        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/06/29 22:57:12.0991 1900        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/29 22:57:13.0069 1900        bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/29 22:57:13.0100 1900        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/29 22:57:13.0131 1900        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/29 22:57:13.0178 1900        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/06/29 22:57:13.0225 1900        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/29 22:57:13.0272 1900        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/29 22:57:13.0303 1900        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/29 22:57:13.0365 1900        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/29 22:57:13.0506 1900        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/29 22:57:13.0553 1900        cdrom          (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/29 22:57:13.0599 1900        Cinergy_HT_PCI_MKII (e55e0c3094bed534998e5ad88f9aacc2) C:\Windows\system32\DRIVERS\Cinergy_HT_PCI_MKII.sys
2011/06/29 22:57:13.0646 1900        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/29 22:57:13.0740 1900        CLBStor        (f5c8f7a7d1a3f569bf77574a795cc19e) C:\Windows\system32\drivers\CLBStor.sys
2011/06/29 22:57:13.0802 1900        CLBUDF          (07b3e4fc5d4943ba802607ddf8f5d418) C:\Windows\system32\drivers\CLBUDF.sys
2011/06/29 22:57:13.0865 1900        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/06/29 22:57:13.0896 1900        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/29 22:57:13.0927 1900        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/29 22:57:13.0943 1900        CNG            (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/06/29 22:57:13.0989 1900        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/29 22:57:14.0036 1900        CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/29 22:57:14.0083 1900        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/29 22:57:14.0192 1900        DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
2011/06/29 22:57:14.0239 1900        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/06/29 22:57:14.0270 1900        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/06/29 22:57:14.0317 1900        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/06/29 22:57:14.0379 1900        DXGKrnl        (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/29 22:57:14.0489 1900        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/06/29 22:57:14.0598 1900        ElbyCDIO        (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
2011/06/29 22:57:14.0629 1900        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/29 22:57:14.0676 1900        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/29 22:57:14.0723 1900        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/06/29 22:57:14.0769 1900        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/06/29 22:57:14.0816 1900        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/29 22:57:14.0863 1900        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/06/29 22:57:14.0894 1900        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/06/29 22:57:14.0957 1900        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/29 22:57:15.0003 1900        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/06/29 22:57:15.0066 1900        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/06/29 22:57:15.0097 1900        Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/29 22:57:15.0144 1900        fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/29 22:57:15.0175 1900        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/29 22:57:15.0222 1900        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/06/29 22:57:15.0331 1900        hamachi        (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/06/29 22:57:15.0409 1900        Hardlock        (ed32d389f8b0e74e400932e020bcfbdf) C:\Windows\system32\drivers\hardlock.sys
2011/06/29 22:57:15.0487 1900        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/29 22:57:15.0518 1900        HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/06/29 22:57:15.0549 1900        HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/29 22:57:15.0565 1900        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/29 22:57:15.0612 1900        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/29 22:57:15.0659 1900        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/29 22:57:15.0705 1900        HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/29 22:57:15.0752 1900        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/29 22:57:15.0830 1900        HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/06/29 22:57:15.0846 1900        hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/29 22:57:15.0861 1900        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/29 22:57:15.0908 1900        iaStorV        (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
2011/06/29 22:57:15.0955 1900        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/29 22:57:16.0064 1900        IntcAzAudAddService (0c36a7de2b4e6ec301b98ae300547701) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/29 22:57:16.0127 1900        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/29 22:57:16.0189 1900        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/29 22:57:16.0251 1900        IPMIDRV        (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/29 22:57:16.0283 1900        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/06/29 22:57:16.0329 1900        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/06/29 22:57:16.0392 1900        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/29 22:57:16.0423 1900        iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/29 22:57:16.0470 1900        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/29 22:57:16.0517 1900        kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/29 22:57:16.0595 1900        KMWDFILTERx86  (4476fe98aaf505acdcd3ee6360aabec1) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
2011/06/29 22:57:16.0641 1900        KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/29 22:57:16.0719 1900        KSecPkg        (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/29 22:57:16.0813 1900        lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/06/29 22:57:16.0844 1900        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/29 22:57:16.0891 1900        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/29 22:57:16.0938 1900        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/29 22:57:16.0985 1900        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/29 22:57:17.0016 1900        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/29 22:57:17.0047 1900        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/06/29 22:57:17.0094 1900        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/29 22:57:17.0141 1900        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/29 22:57:17.0187 1900        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/06/29 22:57:17.0219 1900        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/29 22:57:17.0234 1900        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/29 22:57:17.0265 1900        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/29 22:57:17.0297 1900        mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/06/29 22:57:17.0312 1900        mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/06/29 22:57:17.0359 1900        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/29 22:57:17.0390 1900        MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/06/29 22:57:17.0468 1900        mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/29 22:57:17.0515 1900        mrxsmb10        (c108952d3660375dcb716b222912e868) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/29 22:57:17.0562 1900        mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/29 22:57:17.0593 1900        msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/06/29 22:57:17.0640 1900        msdsm          (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/06/29 22:57:17.0671 1900        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/06/29 22:57:17.0702 1900        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/29 22:57:17.0749 1900        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/06/29 22:57:17.0780 1900        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/29 22:57:17.0827 1900        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/29 22:57:17.0874 1900        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/06/29 22:57:17.0889 1900        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/06/29 22:57:17.0921 1900        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/29 22:57:17.0936 1900        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/06/29 22:57:17.0983 1900        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/29 22:57:18.0030 1900        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/06/29 22:57:18.0077 1900        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/29 22:57:18.0123 1900        NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/06/29 22:57:18.0155 1900        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/29 22:57:18.0201 1900        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/29 22:57:18.0248 1900        Ndisuio        (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/29 22:57:18.0264 1900        NdisWan        (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/29 22:57:18.0311 1900        NDProxy        (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/06/29 22:57:18.0342 1900        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/29 22:57:18.0373 1900        NetBT          (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/29 22:57:18.0404 1900        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/29 22:57:18.0482 1900        nmwcd          (712bc0c22ba00b2ba324c6b8df668ee7) C:\Windows\system32\drivers\ccdcmb.sys
2011/06/29 22:57:18.0545 1900        nmwcdc          (7312987b6ccde6f6cee32c14bed1ca2e) C:\Windows\system32\drivers\ccdcmbo.sys
2011/06/29 22:57:18.0576 1900        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/06/29 22:57:18.0607 1900        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/29 22:57:18.0685 1900        Ntfs            (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
2011/06/29 22:57:18.0747 1900        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/06/29 22:57:18.0794 1900        nusb3hub        (68c890ddb21028cb1ea5551b47b29e1b) C:\Windows\system32\DRIVERS\nusb3hub.sys
2011/06/29 22:57:18.0810 1900        nusb3xhc        (2cf970c1a9e05d3b91039c2dd4471c0e) C:\Windows\system32\DRIVERS\nusb3xhc.sys
2011/06/29 22:57:18.0997 1900        nvlddmkm        (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/29 22:57:19.0169 1900        nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
2011/06/29 22:57:19.0215 1900        nvstor          (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
2011/06/29 22:57:19.0262 1900        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/06/29 22:57:19.0309 1900        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/29 22:57:19.0371 1900        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/06/29 22:57:19.0403 1900        partmgr        (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/06/29 22:57:19.0434 1900        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/06/29 22:57:19.0512 1900        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/06/29 22:57:19.0559 1900        pci            (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/06/29 22:57:19.0605 1900        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/06/29 22:57:19.0652 1900        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/29 22:57:19.0683 1900        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/06/29 22:57:19.0715 1900        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/06/29 22:57:19.0824 1900        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/29 22:57:19.0855 1900        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/06/29 22:57:19.0886 1900        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/29 22:57:19.0949 1900        PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/06/29 22:57:20.0011 1900        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/29 22:57:20.0058 1900        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/29 22:57:20.0089 1900        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/29 22:57:20.0136 1900        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/29 22:57:20.0183 1900        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/29 22:57:20.0214 1900        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/29 22:57:20.0261 1900        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/29 22:57:20.0307 1900        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/29 22:57:20.0339 1900        rdbss          (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/29 22:57:20.0385 1900        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/29 22:57:20.0417 1900        RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/29 22:57:20.0448 1900        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/29 22:57:20.0463 1900        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/29 22:57:20.0510 1900        RDPWD          (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/06/29 22:57:20.0541 1900        rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/06/29 22:57:20.0588 1900        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/29 22:57:20.0635 1900        RTL8167        (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/06/29 22:57:20.0729 1900        SASDIFSV        (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/06/29 22:57:20.0760 1900        SASKUTIL        (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/06/29 22:57:20.0791 1900        sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/06/29 22:57:20.0838 1900        scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/29 22:57:20.0885 1900        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/29 22:57:20.0931 1900        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/29 22:57:20.0994 1900        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/06/29 22:57:21.0025 1900        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/29 22:57:21.0087 1900        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/06/29 22:57:21.0119 1900        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/06/29 22:57:21.0150 1900        sffp_sd        (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/06/29 22:57:21.0165 1900        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/29 22:57:21.0228 1900        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/06/29 22:57:21.0275 1900        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/29 22:57:21.0290 1900        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/29 22:57:21.0337 1900        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/06/29 22:57:21.0368 1900        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/06/29 22:57:21.0571 1900        sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/06/29 22:57:21.0571 1900        Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/29 22:57:21.0587 1900        sptd - detected LockedFile.Multi.Generic (1)
2011/06/29 22:57:21.0618 1900        srv            (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
2011/06/29 22:57:21.0665 1900        srv2            (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/29 22:57:21.0727 1900        srvnet          (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/29 22:57:21.0774 1900        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/06/29 22:57:21.0821 1900        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/29 22:57:21.0852 1900        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/29 22:57:21.0945 1900        Tcpip          (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\drivers\tcpip.sys
2011/06/29 22:57:22.0008 1900        TCPIP6          (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/29 22:57:22.0039 1900        tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/29 22:57:22.0070 1900        TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/06/29 22:57:22.0101 1900        TDTCP          (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/06/29 22:57:22.0133 1900        tdx            (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/29 22:57:22.0164 1900        TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/29 22:57:22.0211 1900        tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/29 22:57:22.0242 1900        tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/29 22:57:22.0273 1900        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/29 22:57:22.0320 1900        udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/29 22:57:22.0382 1900        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/06/29 22:57:22.0413 1900        umbus          (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/29 22:57:22.0429 1900        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/29 22:57:22.0476 1900        upperdev        (7062ed67a10f1c83b2ab951736e24f11) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/06/29 22:57:22.0523 1900        usbaudio        (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
2011/06/29 22:57:22.0569 1900        usbccgp        (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/29 22:57:22.0616 1900        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/06/29 22:57:22.0663 1900        usbehci        (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/29 22:57:22.0725 1900        usbfilter      (e5b14557793164db879ee56f5b59c3e2) C:\Windows\system32\DRIVERS\usbfilter.sys
2011/06/29 22:57:22.0772 1900        usbhub          (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/29 22:57:22.0835 1900        usbohci        (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/29 22:57:22.0866 1900        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/29 22:57:22.0913 1900        usbscan        (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/29 22:57:23.0006 1900        usbser          (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\DRIVERS\usbser.sys
2011/06/29 22:57:23.0069 1900        UsbserFilt      (b76d8039f5b595c4ca551b3d5dd15a98) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/06/29 22:57:23.0131 1900        usbsermpt      (caad3467fbfae8a380f67e9c7150a85e) C:\Windows\system32\DRIVERS\usbsermpt.sys
2011/06/29 22:57:23.0178 1900        USBSTOR        (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/29 22:57:23.0193 1900        usbuhci        (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/29 22:57:23.0225 1900        usbvideo        (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
2011/06/29 22:57:23.0287 1900        VClone          (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys
2011/06/29 22:57:23.0334 1900        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/06/29 22:57:23.0381 1900        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/29 22:57:23.0396 1900        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/06/29 22:57:23.0427 1900        vhdmp          (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/06/29 22:57:23.0474 1900        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/06/29 22:57:23.0490 1900        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/06/29 22:57:23.0505 1900        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/06/29 22:57:23.0537 1900        volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/06/29 22:57:23.0693 1900        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/06/29 22:57:23.0817 1900        volsnap        (7c28b63e4c9e5c3be7ffe53789593619) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/29 22:57:23.0864 1900        Suspicious file (Forged): C:\Windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd
2011/06/29 22:57:23.0880 1900        volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/06/29 22:57:23.0911 1900        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/29 22:57:23.0942 1900        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/06/29 22:57:24.0005 1900        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/29 22:57:24.0067 1900        WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/29 22:57:24.0083 1900        Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/29 22:57:24.0129 1900        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/06/29 22:57:24.0145 1900        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/29 22:57:24.0207 1900        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/29 22:57:24.0223 1900        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/06/29 22:57:24.0317 1900        WinUsb          (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/06/29 22:57:24.0363 1900        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/29 22:57:24.0395 1900        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/29 22:57:24.0441 1900        WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/06/29 22:57:24.0473 1900        WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/29 22:57:24.0675 1900        {B154377D-700F-42cc-9474-23858FBDF4BD} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD9\000.fcl
2011/06/29 22:57:24.0691 1900        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/29 22:57:24.0722 1900        MBR (0x1B8)    (feffdedea77250a6fcd92c304b49ace2) \Device\Harddisk5\DR5
2011/06/29 22:57:24.0738 1900        Boot (0x1200)  (52841af164ec66db5d00c7fcd90bb2d5) \Device\Harddisk0\DR0\Partition0
2011/06/29 22:57:24.0753 1900        Boot (0x1200)  (ff68da0c817c0fb993105e6fb741262c) \Device\Harddisk0\DR0\Partition1
2011/06/29 22:57:24.0769 1900        Boot (0x1200)  (94e401c5850a09e853a0d133aaa92edf) \Device\Harddisk5\DR5\Partition0
2011/06/29 22:57:24.0769 1900        ================================================================================
2011/06/29 22:57:24.0769 1900        Scan finished
2011/06/29 22:57:24.0769 1900        ================================================================================
2011/06/29 22:57:24.0785 5176        Detected object count: 2
2011/06/29 22:57:24.0785 5176        Actual detected object count: 2
2011/06/29 22:57:30.0837 5176        LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/06/29 22:57:30.0853 5176        volsnap        (7c28b63e4c9e5c3be7ffe53789593619) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/29 22:57:30.0853 5176        Suspicious file (Forged): C:\Windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd
2011/06/29 22:57:32.0304 5176        Backup copy found, using it..
2011/06/29 22:57:32.0319 5176        C:\Windows\system32\DRIVERS\volsnap.sys - will be cured after reboot
2011/06/29 22:57:32.0319 5176        Rootkit.Win32.TDSS.tdl3(volsnap) - User select action: Cure


cosinus 29.06.2011 22:05

TDSS was detected and removed. Please restart Windows and, as a check, create a new log with the Kaspersky TDSS-Killer.

Drummer_Shoo 29.06.2011 22:07

Code:

2011/06/29 23:07:53.0322 3356        TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/06/29 23:07:53.0464 3356        ================================================================================
2011/06/29 23:07:53.0464 3356        SystemInfo:
2011/06/29 23:07:53.0464 3356       
2011/06/29 23:07:53.0464 3356        OS Version: 6.1.7600 ServicePack: 0.0
2011/06/29 23:07:53.0464 3356        Product type: Workstation
2011/06/29 23:07:53.0464 3356        ComputerName: MELMS-PC
2011/06/29 23:07:53.0464 3356        UserName: Melms
2011/06/29 23:07:53.0464 3356        Windows directory: C:\Windows
2011/06/29 23:07:53.0464 3356        System windows directory: C:\Windows
2011/06/29 23:07:53.0464 3356        Processor architecture: Intel x86
2011/06/29 23:07:53.0464 3356        Number of processors: 2
2011/06/29 23:07:53.0464 3356        Page size: 0x1000
2011/06/29 23:07:53.0464 3356        Boot type: Normal boot
2011/06/29 23:07:53.0464 3356        ================================================================================
2011/06/29 23:07:54.0541 3356        Initialize success
2011/06/29 23:07:58.0775 4024        ================================================================================
2011/06/29 23:07:58.0775 4024        Scan started
2011/06/29 23:07:58.0775 4024        Mode: Manual;
2011/06/29 23:07:58.0775 4024        ================================================================================
2011/06/29 23:08:00.0488 4024        1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/29 23:08:00.0550 4024        acedrv10        (553ba53445795cbc0d4f9fa37eb855a6) C:\Windows\system32\drivers\acedrv10.sys
2011/06/29 23:08:00.0604 4024        acehlp10        (8ce00b6a46962a1808b19cd1dae5170c) C:\Windows\system32\drivers\acehlp10.sys
2011/06/29 23:08:00.0664 4024        ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/29 23:08:00.0688 4024        AcpiPmi        (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/29 23:08:00.0727 4024        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/29 23:08:00.0750 4024        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/29 23:08:00.0769 4024        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/29 23:08:00.0830 4024        AFD            (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
2011/06/29 23:08:00.0853 4024        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/29 23:08:00.0877 4024        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/06/29 23:08:00.0906 4024        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/29 23:08:00.0940 4024        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/06/29 23:08:00.0965 4024        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/29 23:08:00.0989 4024        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/29 23:08:01.0021 4024        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/29 23:08:01.0065 4024        amdsata        (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
2011/06/29 23:08:01.0093 4024        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/29 23:08:01.0116 4024        amdxata        (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
2011/06/29 23:08:01.0169 4024        AppID          (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/06/29 23:08:01.0216 4024        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/06/29 23:08:01.0239 4024        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/29 23:08:01.0281 4024        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/29 23:08:01.0303 4024        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/29 23:08:01.0336 4024        AtiPcie        (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys
2011/06/29 23:08:01.0391 4024        atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/06/29 23:08:01.0447 4024        avgntflt        (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/29 23:08:01.0470 4024        avipbb          (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/29 23:08:01.0524 4024        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/06/29 23:08:01.0573 4024        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/06/29 23:08:01.0641 4024        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/06/29 23:08:01.0669 4024        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/29 23:08:01.0718 4024        bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/29 23:08:01.0748 4024        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/29 23:08:01.0769 4024        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/29 23:08:01.0804 4024        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/06/29 23:08:01.0838 4024        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/29 23:08:01.0853 4024        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/29 23:08:01.0871 4024        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/29 23:08:01.0897 4024        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/29 23:08:02.0023 4024        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/29 23:08:02.0055 4024        cdrom          (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/29 23:08:02.0106 4024        Cinergy_HT_PCI_MKII (e55e0c3094bed534998e5ad88f9aacc2) C:\Windows\system32\DRIVERS\Cinergy_HT_PCI_MKII.sys
2011/06/29 23:08:02.0136 4024        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/29 23:08:02.0199 4024        CLBStor        (f5c8f7a7d1a3f569bf77574a795cc19e) C:\Windows\system32\drivers\CLBStor.sys
2011/06/29 23:08:02.0233 4024        CLBUDF          (07b3e4fc5d4943ba802607ddf8f5d418) C:\Windows\system32\drivers\CLBUDF.sys
2011/06/29 23:08:02.0275 4024        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/06/29 23:08:02.0335 4024        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/29 23:08:02.0355 4024        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/29 23:08:02.0386 4024        CNG            (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/06/29 23:08:02.0415 4024        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/29 23:08:02.0441 4024        CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/29 23:08:02.0468 4024        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/29 23:08:02.0541 4024        DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
2011/06/29 23:08:02.0576 4024        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/06/29 23:08:02.0605 4024        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/06/29 23:08:02.0677 4024        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/06/29 23:08:02.0726 4024        DXGKrnl        (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/29 23:08:02.0829 4024        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/06/29 23:08:02.0934 4024        ElbyCDIO        (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
2011/06/29 23:08:02.0966 4024        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/29 23:08:02.0997 4024        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/29 23:08:03.0044 4024        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/06/29 23:08:03.0079 4024        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/06/29 23:08:03.0123 4024        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/29 23:08:03.0156 4024        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/06/29 23:08:03.0185 4024        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/06/29 23:08:03.0235 4024        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/29 23:08:03.0269 4024        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/06/29 23:08:03.0303 4024        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/06/29 23:08:03.0325 4024        Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/29 23:08:03.0366 4024        fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/29 23:08:03.0391 4024        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/29 23:08:03.0444 4024        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/06/29 23:08:03.0522 4024        hamachi        (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/06/29 23:08:03.0606 4024        Hardlock        (ed32d389f8b0e74e400932e020bcfbdf) C:\Windows\system32\drivers\hardlock.sys
2011/06/29 23:08:03.0671 4024        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/29 23:08:03.0710 4024        HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/06/29 23:08:03.0749 4024        HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/29 23:08:03.0761 4024        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/29 23:08:03.0791 4024        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/29 23:08:03.0835 4024        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/29 23:08:03.0861 4024        HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/29 23:08:03.0908 4024        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/29 23:08:03.0942 4024        HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/06/29 23:08:03.0972 4024        hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/29 23:08:03.0994 4024        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/29 23:08:04.0043 4024        iaStorV        (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
2011/06/29 23:08:04.0070 4024        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/29 23:08:04.0151 4024        IntcAzAudAddService (0c36a7de2b4e6ec301b98ae300547701) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/29 23:08:04.0202 4024        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/29 23:08:04.0227 4024        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/29 23:08:04.0255 4024        IPMIDRV        (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/29 23:08:04.0288 4024        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/06/29 23:08:04.0329 4024        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/06/29 23:08:04.0350 4024        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/29 23:08:04.0377 4024        iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/29 23:08:04.0415 4024        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/29 23:08:04.0438 4024        kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/29 23:08:04.0507 4024        KMWDFILTERx86  (4476fe98aaf505acdcd3ee6360aabec1) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
2011/06/29 23:08:04.0527 4024        KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/29 23:08:04.0568 4024        KSecPkg        (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/29 23:08:04.0664 4024        lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/06/29 23:08:04.0691 4024        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/29 23:08:04.0734 4024        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/29 23:08:04.0753 4024        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/29 23:08:04.0775 4024        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/29 23:08:04.0799 4024        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/29 23:08:04.0824 4024        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/06/29 23:08:04.0850 4024        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/29 23:08:04.0880 4024        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/29 23:08:04.0915 4024        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/06/29 23:08:04.0952 4024        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/29 23:08:04.0967 4024        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/29 23:08:04.0992 4024        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/29 23:08:05.0013 4024        mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/06/29 23:08:05.0036 4024        mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/06/29 23:08:05.0063 4024        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/29 23:08:05.0093 4024        MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/06/29 23:08:05.0146 4024        mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/29 23:08:05.0188 4024        mrxsmb10        (c108952d3660375dcb716b222912e868) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/29 23:08:05.0231 4024        mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/29 23:08:05.0259 4024        msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/06/29 23:08:05.0306 4024        msdsm          (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/06/29 23:08:05.0352 4024        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/06/29 23:08:05.0371 4024        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/29 23:08:05.0389 4024        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/06/29 23:08:05.0431 4024        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/29 23:08:05.0459 4024        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/29 23:08:05.0473 4024        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/06/29 23:08:05.0497 4024        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/06/29 23:08:05.0522 4024        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/29 23:08:05.0545 4024        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/06/29 23:08:05.0563 4024        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/29 23:08:05.0585 4024        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/06/29 23:08:05.0643 4024        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/29 23:08:05.0677 4024        NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/06/29 23:08:05.0703 4024        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/29 23:08:05.0731 4024        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/29 23:08:05.0764 4024        Ndisuio        (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/29 23:08:05.0786 4024        NdisWan        (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/29 23:08:05.0825 4024        NDProxy        (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/06/29 23:08:05.0840 4024        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/29 23:08:05.0861 4024        NetBT          (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/29 23:08:05.0909 4024        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/29 23:08:05.0966 4024        nmwcd          (712bc0c22ba00b2ba324c6b8df668ee7) C:\Windows\system32\drivers\ccdcmb.sys
2011/06/29 23:08:06.0003 4024        nmwcdc          (7312987b6ccde6f6cee32c14bed1ca2e) C:\Windows\system32\drivers\ccdcmbo.sys
2011/06/29 23:08:06.0031 4024        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/06/29 23:08:06.0052 4024        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/29 23:08:06.0104 4024        Ntfs            (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
2011/06/29 23:08:06.0146 4024        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/06/29 23:08:06.0184 4024        nusb3hub        (68c890ddb21028cb1ea5551b47b29e1b) C:\Windows\system32\DRIVERS\nusb3hub.sys
2011/06/29 23:08:06.0207 4024        nusb3xhc        (2cf970c1a9e05d3b91039c2dd4471c0e) C:\Windows\system32\DRIVERS\nusb3xhc.sys
2011/06/29 23:08:08.0489 4024        sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/06/29 23:08:08.0489 4024        Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/29 23:08:08.0499 4024        sptd - detected LockedFile.Multi.Generic (1)
2011/06/29 23:08:10.0831 4024        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/29 23:08:10.0864 4024        MBR (0x1B8)    (feffdedea77250a6fcd92c304b49ace2) \Device\Harddisk5\DR5
2011/06/29 23:08:10.0875 4024        Boot (0x1200)  (52841af164ec66db5d00c7fcd90bb2d5) \Device\Harddisk0\DR0\Partition0
2011/06/29 23:08:10.0890 4024        Boot (0x1200)  (ff68da0c817c0fb993105e6fb741262c) \Device\Harddisk0\DR0\Partition1
2011/06/29 23:08:10.0899 4024        Boot (0x1200)  (94e401c5850a09e853a0d133aaa92edf) \Device\Harddisk5\DR5\Partition0
2011/06/29 23:08:10.0906 4024        ================================================================================
2011/06/29 23:08:10.0906 4024        Scan finished
2011/06/29 23:08:10.0906 4024        ================================================================================
2011/06/29 23:08:10.0915 6008        Detected object count: 1
2011/06/29 23:08:10.0915 6008        Actual detected object count: 1
2011/06/29 23:08:16.0472 6008        LockedFile.Multi.Generic(sptd) - User select action: Skip


cosinus 29.06.2011 22:10

We should fix the MBR manually, even though the last log from MBRCheck said everything was OK. I have no other ideas left, since the logs show nothing conspicuous. Back up all important data, just in case.

Do you have any other operating systems installed besides Win7 (32-bit)?
If not: take a look here => RescueDisc-Win7-32-Bit

Download the ISO, burn it to a CD, e.g. with ImgBurn using its image-burning function, and start the computer with it (boot from this CD).

If you have a regular Win7 installation DVD (32-bit), you don't need the image mentioned above and can simply boot from that DVD.

Click on the computer repair options, Next, Command Prompt - the console opens. There, please type bootrec.exe /fixboot (confirm with Enter), then type bootrec.exe /fixmbr (confirm with Enter) - restart the computer, taking the CD out first. Afterwards, create new logs with MBRCheck and, if possible, GMER.
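Added example, not part of the thread and not TDSSKiller's own code: a small Python parser that pulls the detections, the chosen actions and the MBR/boot-sector hashes out of a TDSSKiller log, so a run taken before the bootrec repair can be compared with one taken afterwards. The regular expressions are inferred from the log lines posted above, and the second log is constructed sample data.

```python
import re

# Line layout as it appears in the TDSSKiller log in this thread:
#   <date> <time> <thread id> <message>
LINE = re.compile(r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+(.*)$")
SECTOR = re.compile(r"^(?:MBR|Boot) \(0x[0-9A-Fa-f]+\)\s+\(([0-9a-f]{32})\)\s+(\S+)$")
DETECT = re.compile(r"^(\S+) - detected (\S+) \(\d+\)$")
ACTION = re.compile(r"^\S+\((\S+)\) - User select action: (\w+)$")

# Lines copied from the log posted in this thread.
BEFORE = r"""
2011/06/29 23:08:08.0499 4024        sptd - detected LockedFile.Multi.Generic (1)
2011/06/29 23:08:10.0831 4024        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/29 23:08:10.0875 4024        Boot (0x1200)  (52841af164ec66db5d00c7fcd90bb2d5) \Device\Harddisk0\DR0\Partition0
2011/06/29 23:08:16.0472 6008        LockedFile.Multi.Generic(sptd) - User select action: Skip
"""

# Constructed second run: the timestamps and the MBR hash are made up.
AFTER = r"""
2011/06/30 10:00:00.0000 1000        MBR (0x1B8)    (0123456789abcdef0123456789abcdef) \Device\Harddisk0\DR0
2011/06/30 10:00:00.0100 1000        Boot (0x1200)  (52841af164ec66db5d00c7fcd90bb2d5) \Device\Harddisk0\DR0\Partition0
"""


def parse_log(text):
    """Return sector hashes, detections and chosen actions from one log."""
    result = {"sectors": {}, "detections": {}, "actions": {}}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank line or a layout this sketch does not know
        body = m.group(1).strip()
        if s := SECTOR.match(body):
            result["sectors"][s.group(2)] = s.group(1)      # device -> md5
        elif d := DETECT.match(body):
            result["detections"][d.group(1)] = d.group(2)   # object -> verdict
        elif a := ACTION.match(body):
            result["actions"][a.group(1)] = a.group(2)      # object -> action
    return result


def changed_sectors(before, after):
    """Devices whose MBR/boot-sector hash differs between two parsed logs."""
    return sorted(dev for dev, md5 in before["sectors"].items()
                  if dev in after["sectors"] and after["sectors"][dev] != md5)


if __name__ == "__main__":
    first, second = parse_log(BEFORE), parse_log(AFTER)
    print(first["detections"], first["actions"])
    print("changed:", changed_sectors(first, second))
```

A changed MBR hash after `bootrec.exe /fixmbr` only shows that the boot code was rewritten; it says nothing on its own about what the old code was.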

