rechner gekapert: mediashift.com + sirefef.ch + rootkit.kryptik.gx

parkheim · 29.12.2011, 10:09

hallo,

habe mir jetzt die ganze nacht um die ohren geschlagen, um meinen rechner zu befreien. habe dieses mediashift.com 95p.com-problem. das scheint aber sehr mannigfaltig zu sein. meine antiviren-progamme sind alle runtergefahren und nicht mehr startbar. ich habe erst Malwarebytes und antivir drüberlaufen lassen im abgesicherten modus. findet immer wieder den trojaner. dann das zeroaccess-removal tool. der wird leider gestört durch irgendwas. habe ein windows 7 starter. kann mir bitte jemand helfen? und ja, es war mein bruder, der mir meinen rechner versaut hat! danke!

Chris4You · 29.12.2011, 10:36

Hi,

da wird interessant...

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe

Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen

Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output

Unter Extra Registry, wähle bitte Use SafeList

Klicke nun auf Run Scan links oben

Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)

Poste die Logfiles hier in den Thread

Und (am Besten im abgesicherten Modus):
TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Nach dem Start erscheint ein Fenster, dort dann "Start Scan".
Wenn der Scan fertig ist bitte "Report" anwählen. Es öffnet sich ein Fenster, den Text abkopieren und hier posten...

chris

parkheim · 29.12.2011, 10:38

habe den otl schon mal drüber laufen lassen.

parkheim · 29.12.2011, 10:50

10:45:44.0162 1548 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
10:45:44.0224 1548 ============================================================
10:45:44.0224 1548 Current date / time: 2011/12/29 10:45:44.0224
10:45:44.0224 1548 SystemInfo:
10:45:44.0224 1548
10:45:44.0224 1548 OS Version: 6.1.7601 ServicePack: 1.0
10:45:44.0224 1548 Product type: Workstation
10:45:44.0224 1548 ComputerName: SOFAFREUND
10:45:44.0224 1548 UserName: lilly
10:45:44.0224 1548 Windows directory: C:\Windows
10:45:44.0224 1548 System windows directory: C:\Windows
10:45:44.0224 1548 Processor architecture: Intel x86
10:45:44.0224 1548 Number of processors: 2
10:45:44.0224 1548 Page size: 0x1000
10:45:44.0224 1548 Boot type: Normal boot
10:45:44.0224 1548 ============================================================
10:45:46.0580 1548 Initialize success
10:45:49.0497 1576 ============================================================
10:45:49.0497 1576 Scan started
10:45:49.0497 1576 Mode: Manual;
10:45:49.0497 1576 ============================================================
10:45:49.0918 1576 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
10:45:49.0918 1576 1394ohci - ok
10:45:50.0012 1576 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
10:45:50.0012 1576 ACPI - ok
10:45:50.0136 1576 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
10:45:50.0136 1576 AcpiPmi - ok
10:45:50.0246 1576 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
10:45:50.0261 1576 adp94xx - ok
10:45:50.0308 1576 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
10:45:50.0324 1576 adpahci - ok
10:45:50.0355 1576 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
10:45:50.0370 1576 adpu320 - ok
10:45:50.0433 1576 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
10:45:50.0433 1576 AFD - ok
10:45:50.0480 1576 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
10:45:50.0480 1576 agp440 - ok
10:45:50.0542 1576 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
10:45:50.0542 1576 aic78xx - ok
10:45:50.0620 1576 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
10:45:50.0636 1576 aliide - ok
10:45:50.0682 1576 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
10:45:50.0682 1576 amdagp - ok
10:45:50.0760 1576 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
10:45:50.0760 1576 amdide - ok
10:45:50.0854 1576 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
10:45:50.0870 1576 AmdK8 - ok
10:45:50.0901 1576 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
10:45:50.0901 1576 AmdPPM - ok
10:45:50.0948 1576 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
10:45:50.0948 1576 amdsata - ok
10:45:50.0994 1576 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
10:45:51.0010 1576 amdsbs - ok
10:45:51.0041 1576 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
10:45:51.0041 1576 amdxata - ok
10:45:51.0088 1576 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
10:45:51.0088 1576 AppID - ok
10:45:51.0228 1576 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
10:45:51.0228 1576 arc - ok
10:45:51.0260 1576 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
10:45:51.0275 1576 arcsas - ok
10:45:51.0306 1576 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
10:45:51.0322 1576 AsyncMac - ok
10:45:51.0369 1576 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
10:45:51.0369 1576 atapi - ok
10:45:51.0509 1576 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
10:45:51.0509 1576 avgntflt - ok
10:45:51.0540 1576 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
10:45:51.0540 1576 avipbb - ok
10:45:51.0665 1576 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
10:45:51.0681 1576 b06bdrv - ok
10:45:51.0743 1576 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
10:45:51.0743 1576 b57nd60x - ok
10:45:51.0930 1576 BCM43XX (36a47e6ab1f0967c97722183e21adb1a) C:\Windows\system32\DRIVERS\bcmwl6.sys
10:45:51.0962 1576 BCM43XX - ok
10:45:52.0024 1576 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
10:45:52.0024 1576 Beep - ok
10:45:52.0149 1576 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
10:45:52.0149 1576 blbdrive - ok
10:45:52.0196 1576 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
10:45:52.0211 1576 bowser - ok
10:45:52.0242 1576 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:45:52.0242 1576 BrFiltLo - ok
10:45:52.0258 1576 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:45:52.0258 1576 BrFiltUp - ok
10:45:52.0320 1576 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
10:45:52.0320 1576 Brserid - ok
10:45:52.0352 1576 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
10:45:52.0352 1576 BrSerWdm - ok
10:45:52.0398 1576 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:45:52.0398 1576 BrUsbMdm - ok
10:45:52.0430 1576 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
10:45:52.0430 1576 BrUsbSer - ok
10:45:52.0476 1576 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
10:45:52.0476 1576 BTHMODEM - ok
10:45:52.0617 1576 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
10:45:52.0617 1576 cdfs - ok
10:45:52.0679 1576 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
10:45:52.0679 1576 cdrom - ok
10:45:52.0804 1576 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
10:45:52.0804 1576 circlass - ok
10:45:52.0835 1576 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
10:45:52.0851 1576 CLFS - ok
10:45:52.0929 1576 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
10:45:52.0929 1576 CmBatt - ok
10:45:52.0960 1576 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
10:45:52.0976 1576 cmdide - ok
10:45:53.0007 1576 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
10:45:53.0022 1576 CNG - ok
10:45:53.0038 1576 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
10:45:53.0054 1576 Compbatt - ok
10:45:53.0132 1576 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
10:45:53.0132 1576 CompositeBus - ok
10:45:53.0225 1576 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
10:45:53.0225 1576 crcdisk - ok
10:45:53.0397 1576 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
10:45:53.0397 1576 DfsC - ok
10:45:53.0459 1576 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
10:45:53.0459 1576 discache - ok
10:45:53.0584 1576 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
10:45:53.0584 1576 Disk - ok
10:45:53.0662 1576 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
10:45:53.0662 1576 drmkaud - ok
10:45:53.0724 1576 DVMIO (ff7a7a1e0f9a0ab892a454ffb9d14bbe) C:\Windows\system32\DRIVERS\dvmio.sys
10:45:53.0724 1576 DVMIO - ok
10:45:53.0818 1576 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
10:45:53.0834 1576 DXGKrnl - ok
10:45:53.0958 1576 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
10:45:54.0068 1576 ebdrv - ok
10:45:54.0192 1576 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
10:45:54.0208 1576 elxstor - ok
10:45:54.0239 1576 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
10:45:54.0239 1576 ErrDev - ok
10:45:54.0333 1576 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
10:45:54.0333 1576 exfat - ok
10:45:54.0380 1576 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
10:45:54.0380 1576 fastfat - ok
10:45:54.0473 1576 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
10:45:54.0489 1576 fdc - ok
10:45:54.0551 1576 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
10:45:54.0551 1576 FileInfo - ok
10:45:54.0629 1576 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
10:45:54.0629 1576 Filetrace - ok
10:45:54.0692 1576 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
10:45:54.0692 1576 flpydisk - ok
10:45:54.0738 1576 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
10:45:54.0738 1576 FltMgr - ok
10:45:54.0785 1576 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
10:45:54.0801 1576 FsDepends - ok
10:45:54.0816 1576 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
10:45:54.0816 1576 Fs_Rec - ok
10:45:54.0879 1576 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
10:45:54.0879 1576 fvevol - ok
10:45:54.0957 1576 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:45:54.0957 1576 gagp30kx - ok
10:45:55.0019 1576 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:45:55.0019 1576 GEARAspiWDM - ok
10:45:55.0066 1576 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
10:45:55.0066 1576 hcw85cir - ok
10:45:55.0144 1576 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
10:45:55.0144 1576 HdAudAddService - ok
10:45:55.0206 1576 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
10:45:55.0206 1576 HDAudBus - ok
10:45:55.0253 1576 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
10:45:55.0253 1576 HidBatt - ok
10:45:55.0300 1576 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
10:45:55.0300 1576 HidBth - ok
10:45:55.0347 1576 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
10:45:55.0347 1576 HidIr - ok
10:45:55.0440 1576 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
10:45:55.0440 1576 HidUsb - ok
10:45:55.0612 1576 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
10:45:55.0628 1576 HpSAMD - ok
10:45:55.0737 1576 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
10:45:55.0752 1576 HTTP - ok
10:45:55.0799 1576 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
10:45:55.0799 1576 hwpolicy - ok
10:45:55.0893 1576 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
10:45:55.0893 1576 i8042prt - ok
10:45:56.0033 1576 iaStor (0baa4115dfffd6a6d809a89d65e1281a) C:\Windows\system32\DRIVERS\iaStor.sys
10:45:56.0049 1576 iaStor - ok
10:45:56.0096 1576 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
10:45:56.0111 1576 iaStorV - ok
10:45:56.0330 1576 igfx (ba41e1bba410212ce6d30e0dac47972b) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:45:56.0470 1576 igfx - ok
10:45:56.0579 1576 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
10:45:56.0579 1576 iirsp - ok
10:45:56.0642 1576 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
10:45:56.0642 1576 intelide - ok
10:45:56.0688 1576 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
10:45:56.0688 1576 intelppm - ok
10:45:56.0766 1576 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:45:56.0782 1576 IpFilterDriver - ok
10:45:56.0813 1576 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
10:45:56.0829 1576 IPMIDRV - ok
10:45:56.0844 1576 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
10:45:56.0860 1576 IPNAT - ok
10:45:56.0891 1576 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
10:45:56.0907 1576 IRENUM - ok
10:45:56.0954 1576 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
10:45:56.0954 1576 isapnp - ok
10:45:57.0000 1576 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
10:45:57.0016 1576 iScsiPrt - ok
10:45:57.0047 1576 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
10:45:57.0047 1576 kbdclass - ok
10:45:57.0141 1576 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
10:45:57.0156 1576 kbdhid - ok
10:45:57.0203 1576 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
10:45:57.0203 1576 KSecDD - ok
10:45:57.0250 1576 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
10:45:57.0266 1576 KSecPkg - ok
10:45:57.0328 1576 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
10:45:57.0328 1576 lltdio - ok
10:45:57.0468 1576 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:45:57.0468 1576 LSI_FC - ok
10:45:57.0515 1576 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:45:57.0515 1576 LSI_SAS - ok
10:45:57.0562 1576 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:45:57.0562 1576 LSI_SAS2 - ok
10:45:57.0609 1576 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:45:57.0624 1576 LSI_SCSI - ok
10:45:57.0671 1576 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
10:45:57.0671 1576 luafv - ok
10:45:57.0780 1576 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
10:45:57.0796 1576 MBAMProtector - ok
10:45:57.0858 1576 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
10:45:57.0858 1576 megasas - ok
10:45:57.0905 1576 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
10:45:57.0921 1576 MegaSR - ok
10:45:57.0968 1576 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
10:45:57.0968 1576 Modem - ok
10:45:57.0999 1576 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
10:45:57.0999 1576 monitor - ok
10:45:58.0092 1576 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
10:45:58.0092 1576 mouclass - ok
10:45:58.0155 1576 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
10:45:58.0170 1576 mouhid - ok
10:45:58.0217 1576 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
10:45:58.0233 1576 mountmgr - ok
10:45:58.0295 1576 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
10:45:58.0295 1576 mpio - ok
10:45:58.0342 1576 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
10:45:58.0342 1576 mpsdrv - ok
10:45:58.0389 1576 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
10:45:58.0389 1576 MRxDAV - ok
10:45:58.0420 1576 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:45:58.0436 1576 mrxsmb - ok
10:45:58.0467 1576 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:45:58.0482 1576 mrxsmb10 - ok
10:45:58.0529 1576 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:45:58.0529 1576 mrxsmb20 - ok
10:45:58.0576 1576 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
10:45:58.0576 1576 msahci - ok
10:45:58.0623 1576 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
10:45:58.0638 1576 msdsm - ok
10:45:58.0685 1576 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
10:45:58.0701 1576 Msfs - ok
10:45:58.0716 1576 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
10:45:58.0716 1576 mshidkmdf - ok
10:45:58.0763 1576 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
10:45:58.0763 1576 msisadrv - ok
10:45:58.0826 1576 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
10:45:58.0826 1576 MSKSSRV - ok
10:45:58.0857 1576 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
10:45:58.0857 1576 MSPCLOCK - ok
10:45:58.0888 1576 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
10:45:58.0888 1576 MSPQM - ok
10:45:58.0919 1576 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
10:45:58.0919 1576 MsRPC - ok
10:45:58.0982 1576 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
10:45:58.0982 1576 mssmbios - ok
10:45:59.0028 1576 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
10:45:59.0028 1576 MSTEE - ok
10:45:59.0060 1576 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
10:45:59.0075 1576 MTConfig - ok
10:45:59.0091 1576 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
10:45:59.0091 1576 Mup - ok
10:45:59.0200 1576 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
10:45:59.0200 1576 NativeWifiP - ok
10:45:59.0262 1576 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
10:45:59.0294 1576 NDIS - ok
10:45:59.0372 1576 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
10:45:59.0372 1576 NdisCap - ok
10:45:59.0403 1576 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
10:45:59.0403 1576 NdisTapi - ok
10:45:59.0512 1576 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
10:45:59.0512 1576 Ndisuio - ok
10:45:59.0574 1576 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
10:45:59.0574 1576 NdisWan - ok
10:45:59.0621 1576 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
10:45:59.0621 1576 NDProxy - ok
10:45:59.0684 1576 Netaapl (7afd0e39ab15cb355487b7cc19f4e2c5) C:\Windows\system32\DRIVERS\netaapl.sys
10:45:59.0684 1576 Netaapl - ok
10:45:59.0746 1576 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
10:45:59.0746 1576 NetBIOS - ok
10:45:59.0793 1576 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
10:45:59.0808 1576 NetBT - ok
10:46:00.0042 1576 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
10:46:00.0152 1576 netw5v32 - ok
10:46:00.0214 1576 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
10:46:00.0230 1576 nfrd960 - ok
10:46:00.0292 1576 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
10:46:00.0292 1576 Npfs - ok
10:46:00.0323 1576 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
10:46:00.0339 1576 nsiproxy - ok
10:46:00.0417 1576 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
10:46:00.0448 1576 Ntfs - ok
10:46:00.0510 1576 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
10:46:00.0510 1576 Null - ok
10:46:00.0557 1576 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
10:46:00.0573 1576 nvraid - ok
10:46:00.0604 1576 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
10:46:00.0604 1576 nvstor - ok
10:46:00.0651 1576 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
10:46:00.0666 1576 nv_agp - ok
10:46:00.0682 1576 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
10:46:00.0698 1576 ohci1394 - ok
10:46:00.0854 1576 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
10:46:00.0854 1576 Parport - ok
10:46:00.0900 1576 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
10:46:00.0916 1576 partmgr - ok
10:46:00.0947 1576 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
10:46:00.0947 1576 Parvdm - ok
10:46:01.0010 1576 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
10:46:01.0010 1576 pci - ok
10:46:01.0056 1576 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
10:46:01.0072 1576 pciide - ok
10:46:01.0119 1576 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
10:46:01.0119 1576 pcmcia - ok
10:46:01.0166 1576 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
10:46:01.0166 1576 pcw - ok
10:46:01.0197 1576 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
10:46:01.0212 1576 PEAUTH - ok
10:46:01.0353 1576 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
10:46:01.0368 1576 PptpMiniport - ok
10:46:01.0415 1576 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
10:46:01.0415 1576 Processor - ok
10:46:01.0493 1576 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
10:46:01.0493 1576 Psched - ok
10:46:01.0556 1576 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
10:46:01.0602 1576 ql2300 - ok
10:46:01.0665 1576 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
10:46:01.0680 1576 ql40xx - ok
10:46:01.0727 1576 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
10:46:01.0727 1576 QWAVEdrv - ok
10:46:01.0758 1576 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
10:46:01.0758 1576 RasAcd - ok
10:46:01.0805 1576 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:46:01.0805 1576 RasAgileVpn - ok
10:46:01.0868 1576 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:01.0868 1576 Rasl2tp - ok
10:46:01.0946 1576 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:01.0961 1576 RasPppoe - ok
10:46:01.0977 1576 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
10:46:01.0992 1576 RasSstp - ok
10:46:02.0039 1576 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
10:46:02.0039 1576 rdbss - ok
10:46:02.0086 1576 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
10:46:02.0086 1576 rdpbus - ok
10:46:02.0133 1576 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:02.0133 1576 RDPCDD - ok
10:46:02.0211 1576 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
10:46:02.0211 1576 RDPENCDD - ok
10:46:02.0242 1576 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
10:46:02.0242 1576 RDPREFMP - ok
10:46:02.0289 1576 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
10:46:02.0289 1576 RDPWD - ok
10:46:02.0382 1576 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
10:46:02.0382 1576 rdyboost - ok
10:46:02.0538 1576 RSPCIESTOR (2ad7b2b3d7a10ae3d534877d543eed74) C:\Windows\system32\DRIVERS\RtsPStor.sys
10:46:02.0538 1576 RSPCIESTOR - ok
10:46:02.0601 1576 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
10:46:02.0601 1576 rspndr - ok
10:46:02.0694 1576 RTL8167 (0516998076ad894ae7e362c3110aa071) C:\Windows\system32\DRIVERS\Rt86win7.sys
10:46:02.0694 1576 RTL8167 - ok
10:46:02.0757 1576 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
10:46:02.0772 1576 sbp2port - ok
10:46:02.0819 1576 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
10:46:02.0819 1576 scfilter - ok
10:46:02.0897 1576 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
10:46:02.0897 1576 sdbus - ok
10:46:02.0960 1576 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:46:02.0960 1576 secdrv - ok
10:46:03.0053 1576 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
10:46:03.0053 1576 Serenum - ok
10:46:03.0116 1576 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
10:46:03.0116 1576 Serial - ok
10:46:03.0162 1576 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
10:46:03.0162 1576 sermouse - ok
10:46:03.0225 1576 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
10:46:03.0225 1576 sffdisk - ok
10:46:03.0256 1576 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
10:46:03.0256 1576 sffp_mmc - ok
10:46:03.0287 1576 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
10:46:03.0287 1576 sffp_sd - ok
10:46:03.0318 1576 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
10:46:03.0318 1576 sfloppy - ok
10:46:03.0381 1576 Sftfs (74744f4d9eb18ddd0eb45e03cfdd648e) C:\Windows\system32\DRIVERS\Sftfslh.sys
10:46:03.0396 1576 Sftfs - ok
10:46:03.0459 1576 Sftplay (cbc5be6f81e86cc73656e61767002da9) C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:46:03.0459 1576 Sftplay - ok
10:46:03.0552 1576 Sftredir (961e50666e6d6949328b1ffbc33adf43) C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:46:03.0552 1576 Sftredir - ok
10:46:03.0599 1576 Sftvol (c8c02c8fe267751ec62b7e7d8d214c63) C:\Windows\system32\DRIVERS\Sftvollh.sys
10:46:03.0599 1576 Sftvol - ok
10:46:03.0708 1576 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
10:46:03.0708 1576 sisagp - ok
10:46:03.0755 1576 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:46:03.0755 1576 SiSRaid2 - ok
10:46:03.0802 1576 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
10:46:03.0802 1576 SiSRaid4 - ok
10:46:03.0849 1576 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
10:46:03.0849 1576 Smb - ok
10:46:03.0896 1576 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
10:46:03.0896 1576 spldr - ok
10:46:03.0974 1576 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
10:46:03.0989 1576 srv - ok
10:46:04.0005 1576 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
10:46:04.0020 1576 srv2 - ok
10:46:04.0067 1576 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:46:04.0083 1576 SrvHsfHDA - ok
10:46:04.0130 1576 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
10:46:04.0161 1576 SrvHsfV92 - ok
10:46:04.0208 1576 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
10:46:04.0239 1576 SrvHsfWinac - ok
10:46:04.0286 1576 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
10:46:04.0286 1576 srvnet - ok
10:46:04.0348 1576 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:46:04.0348 1576 ssmdrv - ok
10:46:04.0426 1576 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
10:46:04.0426 1576 stexstor - ok
10:46:04.0488 1576 STHDA (f71736dc79731c98698b93326e01a6bd) C:\Windows\system32\DRIVERS\stwrt.sys
10:46:04.0504 1576 STHDA - ok
10:46:04.0551 1576 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
10:46:04.0551 1576 swenum - ok
10:46:04.0660 1576 SynTP (0e8676fb3bb95aa40fdf7a4a31018c8b) C:\Windows\system32\DRIVERS\SynTP.sys
10:46:04.0676 1576 SynTP - ok
10:46:04.0832 1576 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
10:46:04.0878 1576 Tcpip - ok
10:46:05.0019 1576 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
10:46:05.0034 1576 TCPIP6 - ok
10:46:05.0112 1576 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
10:46:05.0112 1576 tcpipreg - ok
10:46:05.0159 1576 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
10:46:05.0175 1576 TDPIPE - ok
10:46:05.0206 1576 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
10:46:05.0206 1576 TDTCP - ok
10:46:05.0268 1576 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
10:46:05.0268 1576 tdx - ok
10:46:05.0315 1576 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
10:46:05.0315 1576 TermDD - ok
10:46:05.0471 1576 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:05.0471 1576 tssecsrv - ok
10:46:05.0534 1576 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
10:46:05.0534 1576 TsUsbFlt - ok
10:46:05.0596 1576 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
10:46:05.0596 1576 tunnel - ok
10:46:05.0627 1576 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
10:46:05.0627 1576 uagp35 - ok
10:46:05.0674 1576 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
10:46:05.0690 1576 udfs - ok
10:46:05.0752 1576 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
10:46:05.0752 1576 uliagpkx - ok
10:46:05.0814 1576 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
10:46:05.0814 1576 umbus - ok
10:46:05.0877 1576 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
10:46:05.0877 1576 UmPass - ok
10:46:05.0939 1576 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
10:46:05.0939 1576 USBAAPL - ok
10:46:06.0002 1576 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:06.0002 1576 usbccgp - ok
10:46:06.0048 1576 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
10:46:06.0064 1576 usbcir - ok
10:46:06.0095 1576 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
10:46:06.0095 1576 usbehci - ok
10:46:06.0142 1576 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
10:46:06.0158 1576 usbhub - ok
10:46:06.0204 1576 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
10:46:06.0204 1576 usbohci - ok
10:46:06.0251 1576 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
10:46:06.0251 1576 usbprint - ok
10:46:06.0282 1576 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:46:06.0282 1576 USBSTOR - ok
10:46:06.0329 1576 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
10:46:06.0329 1576 usbuhci - ok
10:46:06.0376 1576 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
10:46:06.0376 1576 usbvideo - ok
10:46:06.0454 1576 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
10:46:06.0454 1576 vdrvroot - ok
10:46:06.0516 1576 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
10:46:06.0516 1576 vga - ok
10:46:06.0548 1576 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
10:46:06.0548 1576 VgaSave - ok
10:46:06.0594 1576 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
10:46:06.0610 1576 vhdmp - ok
10:46:06.0657 1576 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
10:46:06.0657 1576 viaagp - ok
10:46:06.0704 1576 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
10:46:06.0704 1576 ViaC7 - ok
10:46:06.0735 1576 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
10:46:06.0735 1576 viaide - ok
10:46:06.0766 1576 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
10:46:06.0766 1576 volmgr - ok
10:46:06.0813 1576 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
10:46:06.0828 1576 volmgrx - ok
10:46:06.0875 1576 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
10:46:06.0875 1576 volsnap - ok
10:46:06.0922 1576 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
10:46:06.0922 1576 vsmraid - ok
10:46:06.0969 1576 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
10:46:06.0969 1576 vwifibus - ok
10:46:07.0016 1576 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
10:46:07.0016 1576 vwififlt - ok
10:46:07.0047 1576 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
10:46:07.0062 1576 vwifimp - ok
10:46:07.0109 1576 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
10:46:07.0125 1576 WacomPen - ok
10:46:07.0172 1576 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
10:46:07.0172 1576 WANARP - ok
10:46:07.0187 1576 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
10:46:07.0203 1576 Wanarpv6 - ok
10:46:07.0265 1576 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
10:46:07.0281 1576 Wd - ok
10:46:07.0328 1576 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:46:07.0343 1576 Wdf01000 - ok
10:46:07.0530 1576 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
10:46:07.0530 1576 WfpLwf - ok
10:46:07.0562 1576 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
10:46:07.0562 1576 WIMMount - ok
10:46:07.0764 1576 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
10:46:07.0764 1576 WinUsb - ok
10:46:07.0827 1576 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
10:46:07.0827 1576 WmiAcpi - ok
10:46:07.0905 1576 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
10:46:07.0920 1576 ws2ifsl - ok
10:46:07.0967 1576 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:46:07.0967 1576 WSDPrintDevice - ok
10:46:08.0014 1576 WSDScan (7dc0270cfd4a05b4112e3ebbf083b595) C:\Windows\system32\DRIVERS\WSDScan.sys
10:46:08.0014 1576 WSDScan - ok
10:46:08.0076 1576 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
10:46:08.0092 1576 WudfPf - ok
10:46:08.0154 1576 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:46:08.0154 1576 WUDFRd - ok
10:46:08.0279 1576 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys
10:46:08.0279 1576 yukonw7 - ok
10:46:08.0357 1576 MBR (0x1B8) (af16213c8d7c2ffd462507ceed3bfc6b) \Device\Harddisk0\DR0
10:46:08.0404 1576 \Device\Harddisk0\DR0 - ok
10:46:08.0435 1576 Boot (0x1200) (3964a31ba06a74d6743f7167c7154ae6) \Device\Harddisk0\DR0\Partition0
10:46:08.0435 1576 \Device\Harddisk0\DR0\Partition0 - ok
10:46:08.0466 1576 Boot (0x1200) (9d2343a07d30c785f10ab0225b8bd6d4) \Device\Harddisk0\DR0\Partition1
10:46:08.0466 1576 \Device\Harddisk0\DR0\Partition1 - ok
10:46:08.0498 1576 Boot (0x1200) (ebb0ab066ac689dabfaa684851addb96) \Device\Harddisk0\DR0\Partition2
10:46:08.0498 1576 \Device\Harddisk0\DR0\Partition2 - ok
10:46:08.0529 1576 Boot (0x1200) (375968d12d2a646796aad2ba9eb09772) \Device\Harddisk0\DR0\Partition3
10:46:08.0529 1576 \Device\Harddisk0\DR0\Partition3 - ok
10:46:08.0529 1576 ============================================================
10:46:08.0529 1576 Scan finished
10:46:08.0529 1576 ============================================================
10:46:08.0560 1568 Detected object count: 0
10:46:08.0560 1568 Actual detected object count: 0

parkheim · 29.12.2011, 10:53

der killer hat was gefunden, aber ich hab auf "cure" geklickt. hab gedacht er schreibt das trotzdem in den report. hab ihn dann noch mal im abgesicherten modus laufen lassen und das ist das ergebnis. :/

parkheim · 29.12.2011, 10:56

hier ist das logfile vom ersten scan:

10:42:51.0973 1620 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
10:42:52.0036 1620 ============================================================
10:42:52.0036 1620 Current date / time: 2011/12/29 10:42:52.0036
10:42:52.0036 1620 SystemInfo:
10:42:52.0036 1620
10:42:52.0036 1620 OS Version: 6.1.7601 ServicePack: 1.0
10:42:52.0036 1620 Product type: Workstation
10:42:52.0036 1620 ComputerName: SOFAFREUND
10:42:52.0036 1620 UserName: lilly
10:42:52.0036 1620 Windows directory: C:\Windows
10:42:52.0036 1620 System windows directory: C:\Windows
10:42:52.0036 1620 Processor architecture: Intel x86
10:42:52.0036 1620 Number of processors: 2
10:42:52.0036 1620 Page size: 0x1000
10:42:52.0036 1620 Boot type: Normal boot
10:42:52.0036 1620 ============================================================
10:42:54.0750 1620 Initialize success
10:42:57.0449 1668 ============================================================
10:42:57.0449 1668 Scan started
10:42:57.0449 1668 Mode: Manual;
10:42:57.0449 1668 ============================================================
10:42:57.0932 1668 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
10:42:57.0932 1668 1394ohci - ok
10:42:58.0010 1668 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
10:42:58.0026 1668 ACPI - ok
10:42:58.0151 1668 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
10:42:58.0151 1668 AcpiPmi - ok
10:42:58.0260 1668 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
10:42:58.0276 1668 adp94xx - ok
10:42:58.0322 1668 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
10:42:58.0322 1668 adpahci - ok
10:42:58.0369 1668 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
10:42:58.0369 1668 adpu320 - ok
10:42:58.0432 1668 AFD (dea534b592d9d28b761e676cb94ed989) C:\Windows\system32\drivers\afd.sys
10:42:58.0447 1668 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: dea534b592d9d28b761e676cb94ed989, Fake md5: 9ebbba55060f786f0fcaa3893bfa2806
10:42:58.0447 1668 AFD ( Rootkit.Win32.ZAccess.aml ) - infected
10:42:58.0447 1668 AFD - detected Rootkit.Win32.ZAccess.aml (0)
10:42:58.0494 1668 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
10:42:58.0510 1668 agp440 - ok
10:42:58.0556 1668 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
10:42:58.0572 1668 aic78xx - ok
10:42:58.0634 1668 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
10:42:58.0634 1668 aliide - ok
10:42:58.0681 1668 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
10:42:58.0697 1668 amdagp - ok
10:42:58.0712 1668 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
10:42:58.0712 1668 amdide - ok
10:42:58.0775 1668 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
10:42:58.0775 1668 AmdK8 - ok
10:42:58.0822 1668 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
10:42:58.0822 1668 AmdPPM - ok
10:42:58.0868 1668 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
10:42:58.0868 1668 amdsata - ok
10:42:58.0915 1668 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
10:42:58.0931 1668 amdsbs - ok
10:42:58.0946 1668 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
10:42:58.0946 1668 amdxata - ok
10:42:58.0993 1668 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
10:42:59.0009 1668 AppID - ok
10:42:59.0149 1668 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
10:42:59.0149 1668 arc - ok
10:42:59.0180 1668 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
10:42:59.0196 1668 arcsas - ok
10:42:59.0227 1668 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
10:42:59.0243 1668 AsyncMac - ok
10:42:59.0290 1668 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
10:42:59.0290 1668 atapi - ok
10:42:59.0430 1668 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
10:42:59.0430 1668 avgntflt - ok
10:42:59.0461 1668 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
10:42:59.0461 1668 avipbb - ok
10:42:59.0586 1668 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
10:42:59.0602 1668 b06bdrv - ok
10:42:59.0664 1668 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
10:42:59.0664 1668 b57nd60x - ok
10:42:59.0851 1668 BCM43XX (36a47e6ab1f0967c97722183e21adb1a) C:\Windows\system32\DRIVERS\bcmwl6.sys
10:42:59.0882 1668 BCM43XX - ok
10:42:59.0992 1668 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
10:43:00.0007 1668 Beep - ok
10:43:00.0054 1668 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
10:43:00.0054 1668 blbdrive - ok
10:43:00.0179 1668 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
10:43:00.0179 1668 bowser - ok
10:43:00.0210 1668 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:43:00.0226 1668 BrFiltLo - ok
10:43:00.0241 1668 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:43:00.0241 1668 BrFiltUp - ok
10:43:00.0288 1668 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
10:43:00.0304 1668 Brserid - ok
10:43:00.0335 1668 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
10:43:00.0335 1668 BrSerWdm - ok
10:43:00.0366 1668 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:43:00.0366 1668 BrUsbMdm - ok
10:43:00.0413 1668 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
10:43:00.0413 1668 BrUsbSer - ok
10:43:00.0460 1668 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
10:43:00.0460 1668 BTHMODEM - ok
10:43:00.0522 1668 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
10:43:00.0538 1668 cdfs - ok
10:43:00.0662 1668 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
10:43:00.0662 1668 cdrom - ok
10:43:00.0772 1668 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
10:43:00.0787 1668 circlass - ok
10:43:00.0818 1668 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
10:43:00.0818 1668 CLFS - ok
10:43:00.0912 1668 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
10:43:00.0912 1668 CmBatt - ok
10:43:00.0959 1668 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
10:43:00.0959 1668 cmdide - ok
10:43:00.0990 1668 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
10:43:01.0006 1668 CNG - ok
10:43:01.0037 1668 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
10:43:01.0037 1668 Compbatt - ok
10:43:01.0115 1668 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
10:43:01.0115 1668 CompositeBus - ok
10:43:01.0208 1668 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
10:43:01.0224 1668 crcdisk - ok
10:43:01.0364 1668 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
10:43:01.0380 1668 DfsC - ok
10:43:01.0427 1668 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
10:43:01.0427 1668 discache - ok
10:43:01.0505 1668 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
10:43:01.0505 1668 Disk - ok
10:43:01.0583 1668 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
10:43:01.0583 1668 drmkaud - ok
10:43:01.0630 1668 DVMIO (ff7a7a1e0f9a0ab892a454ffb9d14bbe) C:\Windows\system32\DRIVERS\dvmio.sys
10:43:01.0630 1668 DVMIO - ok
10:43:01.0676 1668 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
10:43:01.0692 1668 DXGKrnl - ok
10:43:01.0848 1668 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
10:43:01.0942 1668 ebdrv - ok
10:43:02.0020 1668 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
10:43:02.0020 1668 elxstor - ok
10:43:02.0066 1668 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
10:43:02.0066 1668 ErrDev - ok
10:43:02.0144 1668 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
10:43:02.0144 1668 exfat - ok
10:43:02.0176 1668 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
10:43:02.0191 1668 fastfat - ok
10:43:02.0238 1668 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
10:43:02.0254 1668 fdc - ok
10:43:02.0316 1668 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
10:43:02.0316 1668 FileInfo - ok
10:43:02.0347 1668 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
10:43:02.0347 1668 Filetrace - ok
10:43:02.0394 1668 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
10:43:02.0394 1668 flpydisk - ok
10:43:02.0425 1668 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
10:43:02.0441 1668 FltMgr - ok
10:43:02.0488 1668 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
10:43:02.0488 1668 FsDepends - ok
10:43:02.0519 1668 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
10:43:02.0519 1668 Fs_Rec - ok
10:43:02.0581 1668 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
10:43:02.0581 1668 fvevol - ok
10:43:02.0628 1668 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:43:02.0644 1668 gagp30kx - ok
10:43:02.0753 1668 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:43:02.0753 1668 GEARAspiWDM - ok
10:43:02.0815 1668 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
10:43:02.0815 1668 hcw85cir - ok
10:43:02.0909 1668 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
10:43:02.0909 1668 HdAudAddService - ok
10:43:03.0034 1668 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
10:43:03.0034 1668 HDAudBus - ok
10:43:03.0080 1668 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
10:43:03.0096 1668 HidBatt - ok
10:43:03.0127 1668 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
10:43:03.0143 1668 HidBth - ok
10:43:03.0174 1668 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
10:43:03.0190 1668 HidIr - ok
10:43:03.0283 1668 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
10:43:03.0283 1668 HidUsb - ok
10:43:03.0470 1668 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
10:43:03.0470 1668 HpSAMD - ok
10:43:03.0533 1668 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
10:43:03.0548 1668 HTTP - ok
10:43:03.0611 1668 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
10:43:03.0611 1668 hwpolicy - ok
10:43:03.0689 1668 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
10:43:03.0689 1668 i8042prt - ok
10:43:03.0814 1668 iaStor (0baa4115dfffd6a6d809a89d65e1281a) C:\Windows\system32\DRIVERS\iaStor.sys
10:43:03.0829 1668 iaStor - ok
10:43:03.0907 1668 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
10:43:03.0923 1668 iaStorV - ok
10:43:04.0126 1668 igfx (ba41e1bba410212ce6d30e0dac47972b) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:43:04.0266 1668 igfx - ok
10:43:04.0360 1668 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
10:43:04.0360 1668 iirsp - ok
10:43:04.0406 1668 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
10:43:04.0406 1668 intelide - ok
10:43:04.0453 1668 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
10:43:04.0469 1668 intelppm - ok
10:43:04.0547 1668 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:43:04.0547 1668 IpFilterDriver - ok
10:43:04.0594 1668 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
10:43:04.0594 1668 IPMIDRV - ok
10:43:04.0640 1668 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
10:43:04.0640 1668 IPNAT - ok
10:43:04.0703 1668 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
10:43:04.0703 1668 IRENUM - ok
10:43:04.0750 1668 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
10:43:04.0750 1668 isapnp - ok
10:43:04.0812 1668 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
10:43:04.0812 1668 iScsiPrt - ok
10:43:04.0843 1668 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
10:43:04.0843 1668 kbdclass - ok
10:43:04.0921 1668 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
10:43:04.0921 1668 kbdhid - ok
10:43:04.0984 1668 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
10:43:04.0984 1668 KSecDD - ok
10:43:05.0030 1668 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
10:43:05.0046 1668 KSecPkg - ok
10:43:05.0124 1668 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
10:43:05.0124 1668 lltdio - ok
10:43:05.0218 1668 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:43:05.0218 1668 LSI_FC - ok
10:43:05.0249 1668 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:43:05.0264 1668 LSI_SAS - ok
10:43:05.0296 1668 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:43:05.0296 1668 LSI_SAS2 - ok
10:43:05.0358 1668 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:43:05.0358 1668 LSI_SCSI - ok
10:43:05.0405 1668 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
10:43:05.0405 1668 luafv - ok
10:43:05.0514 1668 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
10:43:05.0530 1668 MBAMProtector - ok
10:43:05.0592 1668 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
10:43:05.0592 1668 megasas - ok
10:43:05.0639 1668 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
10:43:05.0654 1668 MegaSR - ok
10:43:05.0701 1668 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
10:43:05.0701 1668 Modem - ok
10:43:05.0732 1668 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
10:43:05.0732 1668 monitor - ok
10:43:05.0826 1668 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
10:43:05.0826 1668 mouclass - ok
10:43:05.0888 1668 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
10:43:05.0904 1668 mouhid - ok
10:43:05.0966 1668 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
10:43:05.0966 1668 mountmgr - ok
10:43:06.0029 1668 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
10:43:06.0029 1668 mpio - ok
10:43:06.0076 1668 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
10:43:06.0076 1668 mpsdrv - ok
10:43:06.0122 1668 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
10:43:06.0122 1668 MRxDAV - ok
10:43:06.0154 1668 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:43:06.0169 1668 mrxsmb - ok
10:43:06.0200 1668 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:43:06.0216 1668 mrxsmb10 - ok
10:43:06.0232 1668 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:43:06.0247 1668 mrxsmb20 - ok
10:43:06.0310 1668 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
10:43:06.0310 1668 msahci - ok
10:43:06.0356 1668 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
10:43:06.0372 1668 msdsm - ok
10:43:06.0450 1668 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
10:43:06.0450 1668 Msfs - ok
10:43:06.0481 1668 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
10:43:06.0481 1668 mshidkmdf - ok
10:43:06.0528 1668 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
10:43:06.0528 1668 msisadrv - ok
10:43:06.0637 1668 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
10:43:06.0637 1668 MSKSSRV - ok
10:43:06.0668 1668 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
10:43:06.0668 1668 MSPCLOCK - ok
10:43:06.0700 1668 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
10:43:06.0700 1668 MSPQM - ok
10:43:06.0731 1668 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
10:43:06.0731 1668 MsRPC - ok
10:43:06.0793 1668 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
10:43:06.0793 1668 mssmbios - ok
10:43:06.0840 1668 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
10:43:06.0840 1668 MSTEE - ok
10:43:06.0871 1668 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
10:43:06.0887 1668 MTConfig - ok
10:43:06.0902 1668 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
10:43:06.0902 1668 Mup - ok
10:43:06.0980 1668 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
10:43:06.0980 1668 NativeWifiP - ok
10:43:07.0074 1668 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
10:43:07.0090 1668 NDIS - ok
10:43:07.0136 1668 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
10:43:07.0152 1668 NdisCap - ok
10:43:07.0214 1668 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
10:43:07.0214 1668 NdisTapi - ok
10:43:07.0324 1668 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
10:43:07.0324 1668 Ndisuio - ok
10:43:07.0370 1668 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
10:43:07.0386 1668 NdisWan - ok
10:43:07.0433 1668 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
10:43:07.0433 1668 NDProxy - ok
10:43:07.0495 1668 Netaapl (7afd0e39ab15cb355487b7cc19f4e2c5) C:\Windows\system32\DRIVERS\netaapl.sys
10:43:07.0511 1668 Netaapl - ok
10:43:07.0558 1668 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
10:43:07.0573 1668 NetBIOS - ok
10:43:07.0651 1668 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
10:43:07.0651 1668 NetBT - ok
10:43:07.0901 1668 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
10:43:08.0026 1668 netw5v32 - ok
10:43:08.0072 1668 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
10:43:08.0072 1668 nfrd960 - ok
10:43:08.0135 1668 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
10:43:08.0150 1668 Npfs - ok
10:43:08.0213 1668 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
10:43:08.0213 1668 nsiproxy - ok
10:43:08.0306 1668 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
10:43:08.0338 1668 Ntfs - ok
10:43:08.0384 1668 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
10:43:08.0400 1668 Null - ok
10:43:08.0431 1668 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
10:43:08.0447 1668 nvraid - ok
10:43:08.0478 1668 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
10:43:08.0478 1668 nvstor - ok
10:43:08.0540 1668 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
10:43:08.0540 1668 nv_agp - ok
10:43:08.0587 1668 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
10:43:08.0587 1668 ohci1394 - ok
10:43:08.0743 1668 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
10:43:08.0743 1668 Parport - ok
10:43:08.0806 1668 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
10:43:08.0806 1668 partmgr - ok
10:43:08.0852 1668 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
10:43:08.0852 1668 Parvdm - ok
10:43:08.0899 1668 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
10:43:08.0915 1668 pci - ok
10:43:08.0962 1668 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
10:43:08.0962 1668 pciide - ok
10:43:09.0008 1668 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
10:43:09.0024 1668 pcmcia - ok
10:43:09.0055 1668 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
10:43:09.0055 1668 pcw - ok
10:43:09.0102 1668 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
10:43:09.0118 1668 PEAUTH - ok
10:43:09.0289 1668 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
10:43:09.0289 1668 PptpMiniport - ok
10:43:09.0336 1668 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
10:43:09.0336 1668 Processor - ok
10:43:09.0430 1668 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
10:43:09.0430 1668 Psched - ok
10:43:09.0492 1668 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
10:43:09.0539 1668 ql2300 - ok
10:43:09.0601 1668 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
10:43:09.0601 1668 ql40xx - ok
10:43:09.0648 1668 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
10:43:09.0664 1668 QWAVEdrv - ok
10:43:09.0695 1668 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
10:43:09.0695 1668 RasAcd - ok
10:43:09.0726 1668 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:43:09.0726 1668 RasAgileVpn - ok
10:43:09.0757 1668 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:43:09.0773 1668 Rasl2tp - ok
10:43:09.0866 1668 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
10:43:09.0866 1668 RasPppoe - ok
10:43:09.0898 1668 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
10:43:09.0898 1668 RasSstp - ok
10:43:09.0944 1668 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
10:43:09.0960 1668 rdbss - ok
10:43:09.0991 1668 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
10:43:10.0007 1668 rdpbus - ok
10:43:10.0054 1668 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:43:10.0054 1668 RDPCDD - ok
10:43:10.0116 1668 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
10:43:10.0116 1668 RDPENCDD - ok
10:43:10.0147 1668 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
10:43:10.0147 1668 RDPREFMP - ok
10:43:10.0194 1668 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
10:43:10.0194 1668 RDPWD - ok
10:43:10.0272 1668 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
10:43:10.0272 1668 rdyboost - ok
10:43:10.0444 1668 RSPCIESTOR (2ad7b2b3d7a10ae3d534877d543eed74) C:\Windows\system32\DRIVERS\RtsPStor.sys
10:43:10.0444 1668 RSPCIESTOR - ok
10:43:10.0490 1668 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
10:43:10.0490 1668 rspndr - ok
10:43:10.0553 1668 RTL8167 (0516998076ad894ae7e362c3110aa071) C:\Windows\system32\DRIVERS\Rt86win7.sys
10:43:10.0553 1668 RTL8167 - ok
10:43:10.0662 1668 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
10:43:10.0662 1668 sbp2port - ok
10:43:10.0724 1668 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
10:43:10.0724 1668 scfilter - ok
10:43:10.0787 1668 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
10:43:10.0787 1668 sdbus - ok
10:43:10.0880 1668 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:43:10.0896 1668 secdrv - ok
10:43:10.0958 1668 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
10:43:10.0958 1668 Serenum - ok
10:43:11.0036 1668 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
10:43:11.0052 1668 Serial - ok
10:43:11.0083 1668 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
10:43:11.0099 1668 sermouse - ok
10:43:11.0161 1668 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
10:43:11.0161 1668 sffdisk - ok
10:43:11.0177 1668 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
10:43:11.0177 1668 sffp_mmc - ok
10:43:11.0208 1668 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
10:43:11.0208 1668 sffp_sd - ok
10:43:11.0255 1668 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
10:43:11.0255 1668 sfloppy - ok
10:43:11.0317 1668 Sftfs (74744f4d9eb18ddd0eb45e03cfdd648e) C:\Windows\system32\DRIVERS\Sftfslh.sys
10:43:11.0317 1668 Sftfs - ok
10:43:11.0442 1668 Sftplay (cbc5be6f81e86cc73656e61767002da9) C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:43:11.0442 1668 Sftplay - ok
10:43:11.0473 1668 Sftredir (961e50666e6d6949328b1ffbc33adf43) C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:43:11.0489 1668 Sftredir - ok
10:43:11.0536 1668 Sftvol (c8c02c8fe267751ec62b7e7d8d214c63) C:\Windows\system32\DRIVERS\Sftvollh.sys
10:43:11.0536 1668 Sftvol - ok
10:43:11.0598 1668 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
10:43:11.0614 1668 sisagp - ok
10:43:11.0645 1668 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:43:11.0660 1668 SiSRaid2 - ok
10:43:11.0692 1668 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
10:43:11.0692 1668 SiSRaid4 - ok
10:43:11.0738 1668 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
10:43:11.0738 1668 Smb - ok
10:43:11.0801 1668 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
10:43:11.0801 1668 spldr - ok
10:43:11.0910 1668 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
10:43:11.0910 1668 srv - ok
10:43:11.0941 1668 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
10:43:11.0957 1668 srv2 - ok
10:43:12.0004 1668 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:43:12.0004 1668 SrvHsfHDA - ok
10:43:12.0066 1668 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
10:43:12.0097 1668 SrvHsfV92 - ok
10:43:12.0144 1668 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
10:43:12.0160 1668 SrvHsfWinac - ok
10:43:12.0222 1668 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
10:43:12.0238 1668 srvnet - ok
10:43:12.0300 1668 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:43:12.0300 1668 ssmdrv - ok
10:43:12.0362 1668 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
10:43:12.0362 1668 stexstor - ok
10:43:12.0456 1668 STHDA (f71736dc79731c98698b93326e01a6bd) C:\Windows\system32\DRIVERS\stwrt.sys
10:43:12.0456 1668 STHDA - ok
10:43:12.0518 1668 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
10:43:12.0518 1668 swenum - ok
10:43:12.0690 1668 SynTP (0e8676fb3bb95aa40fdf7a4a31018c8b) C:\Windows\system32\DRIVERS\SynTP.sys
10:43:12.0706 1668 SynTP - ok
10:43:12.0830 1668 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
10:43:12.0862 1668 Tcpip - ok
10:43:12.0940 1668 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
10:43:12.0955 1668 TCPIP6 - ok
10:43:13.0049 1668 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
10:43:13.0049 1668 tcpipreg - ok
10:43:13.0111 1668 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
10:43:13.0111 1668 TDPIPE - ok
10:43:13.0158 1668 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
10:43:13.0158 1668 TDTCP - ok
10:43:13.0205 1668 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
10:43:13.0220 1668 tdx - ok
10:43:13.0267 1668 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
10:43:13.0267 1668 TermDD - ok
10:43:13.0408 1668 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:43:13.0408 1668 tssecsrv - ok
10:43:13.0470 1668 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
10:43:13.0470 1668 TsUsbFlt - ok
10:43:13.0532 1668 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
10:43:13.0548 1668 tunnel - ok
10:43:13.0579 1668 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
10:43:13.0595 1668 uagp35 - ok
10:43:13.0642 1668 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
10:43:13.0642 1668 udfs - ok
10:43:13.0704 1668 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
10:43:13.0704 1668 uliagpkx - ok
10:43:13.0751 1668 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
10:43:13.0751 1668 umbus - ok
10:43:13.0813 1668 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
10:43:13.0813 1668 UmPass - ok
10:43:13.0922 1668 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
10:43:13.0922 1668 USBAAPL - ok
10:43:13.0969 1668 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
10:43:13.0969 1668 usbccgp - ok
10:43:14.0032 1668 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
10:43:14.0032 1668 usbcir - ok
10:43:14.0078 1668 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
10:43:14.0078 1668 usbehci - ok
10:43:14.0125 1668 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
10:43:14.0125 1668 usbhub - ok
10:43:14.0156 1668 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
10:43:14.0156 1668 usbohci - ok
10:43:14.0203 1668 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
10:43:14.0203 1668 usbprint - ok
10:43:14.0266 1668 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:43:14.0266 1668 USBSTOR - ok
10:43:14.0281 1668 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
10:43:14.0297 1668 usbuhci - ok
10:43:14.0344 1668 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
10:43:14.0344 1668 usbvideo - ok
10:43:14.0422 1668 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
10:43:14.0422 1668 vdrvroot - ok
10:43:14.0468 1668 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
10:43:14.0484 1668 vga - ok
10:43:14.0515 1668 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
10:43:14.0515 1668 VgaSave - ok
10:43:14.0562 1668 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
10:43:14.0578 1668 vhdmp - ok
10:43:14.0624 1668 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
10:43:14.0624 1668 viaagp - ok
10:43:14.0656 1668 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
10:43:14.0671 1668 ViaC7 - ok
10:43:14.0702 1668 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
10:43:14.0718 1668 viaide - ok
10:43:14.0734 1668 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
10:43:14.0749 1668 volmgr - ok
10:43:14.0796 1668 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
10:43:14.0796 1668 volmgrx - ok
10:43:14.0827 1668 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
10:43:14.0827 1668 volsnap - ok
10:43:14.0890 1668 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
10:43:14.0890 1668 vsmraid - ok
10:43:14.0936 1668 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
10:43:14.0936 1668 vwifibus - ok
10:43:14.0983 1668 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
10:43:14.0983 1668 vwififlt - ok
10:43:15.0030 1668 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
10:43:15.0030 1668 vwifimp - ok
10:43:15.0092 1668 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
10:43:15.0092 1668 WacomPen - ok
10:43:15.0155 1668 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
10:43:15.0155 1668 WANARP - ok
10:43:15.0170 1668 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
10:43:15.0170 1668 Wanarpv6 - ok
10:43:15.0248 1668 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
10:43:15.0248 1668 Wd - ok
10:43:15.0295 1668 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:43:15.0311 1668 Wdf01000 - ok
10:43:15.0498 1668 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
10:43:15.0498 1668 WfpLwf - ok
10:43:15.0529 1668 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
10:43:15.0529 1668 WIMMount - ok
10:43:15.0701 1668 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
10:43:15.0701 1668 WinUsb - ok
10:43:15.0763 1668 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
10:43:15.0763 1668 WmiAcpi - ok
10:43:15.0857 1668 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
10:43:15.0857 1668 ws2ifsl - ok
10:43:15.0904 1668 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:43:15.0904 1668 WSDPrintDevice - ok
10:43:15.0935 1668 WSDScan (7dc0270cfd4a05b4112e3ebbf083b595) C:\Windows\system32\DRIVERS\WSDScan.sys
10:43:15.0950 1668 WSDScan - ok
10:43:16.0013 1668 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
10:43:16.0013 1668 WudfPf - ok
10:43:16.0091 1668 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:43:16.0091 1668 WUDFRd - ok
10:43:16.0247 1668 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys
10:43:16.0247 1668 yukonw7 - ok
10:43:16.0325 1668 MBR (0x1B8) (af16213c8d7c2ffd462507ceed3bfc6b) \Device\Harddisk0\DR0
10:43:16.0372 1668 \Device\Harddisk0\DR0 - ok
10:43:16.0418 1668 Boot (0x1200) (3964a31ba06a74d6743f7167c7154ae6) \Device\Harddisk0\DR0\Partition0
10:43:16.0418 1668 \Device\Harddisk0\DR0\Partition0 - ok
10:43:16.0434 1668 Boot (0x1200) (9d2343a07d30c785f10ab0225b8bd6d4) \Device\Harddisk0\DR0\Partition1
10:43:16.0434 1668 \Device\Harddisk0\DR0\Partition1 - ok
10:43:16.0481 1668 Boot (0x1200) (ebb0ab066ac689dabfaa684851addb96) \Device\Harddisk0\DR0\Partition2
10:43:16.0481 1668 \Device\Harddisk0\DR0\Partition2 - ok
10:43:16.0496 1668 Boot (0x1200) (375968d12d2a646796aad2ba9eb09772) \Device\Harddisk0\DR0\Partition3
10:43:16.0496 1668 \Device\Harddisk0\DR0\Partition3 - ok
10:43:16.0496 1668 ============================================================
10:43:16.0496 1668 Scan finished
10:43:16.0496 1668 ============================================================
10:43:16.0528 1660 Detected object count: 1
10:43:16.0528 1660 Actual detected object count: 1
10:43:47.0852 1660 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\afd.sys_CLN) error 1813
10:43:54.0717 1660 Backup copy found, using it..
10:43:54.0732 1660 C:\Windows\system32\drivers\afd.sys - will be cured on reboot
10:43:56.0183 1660 C:\Windows\System32\c_75745.nls - will be deleted on reboot
10:43:56.0651 1660 AFD ( Rootkit.Win32.ZAccess.aml ) - User select action: Cure
10:44:11.0923 1616 Deinitialize success

Chris4You · 29.12.2011, 10:58

Hi,

viele Services die nicht laufen und deren Files nicht zu finden sind...

Fix für OTL

Doppelklick auf die OTL.exe, um das Programm auszuführen.

Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.

Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:

ATTFilter

:OTL
O4 - HKLM..\Run: [bitkb] C:\Users\lilly\AppData\Roaming\bitkb.exe File not found
O4 - HKLM..\Run: [msilabel] C:\ProgramData\msilabel.exe File not found


:Commands
[emptytemp]
[Reboot]

Den roten Run Fixes! Button anklicken.

Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.

Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:

%systemroot%\_OTL

TDSS findet nichts, dann mal Hitman fragen...

Hitman
Lade Dir die passende Version von Hitman runter (32/64Bit), laufen lassen und Log posten.
Downloads - SurfRight

Richte Deinem Bruder ein eigenes Gast-Konto ein..

chris

parkheim · 29.12.2011, 11:13

ok, hier der result. möchtest du das otl-fix-log auch noch oder ist das das gleiche?
erstmal vielen vielen dank, dass du dich um mich dummes opfer kümmerst!

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\bitkb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\msilabel deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: lilly
->Temp folder emptied: 4391959020 bytes
->Temporary Internet Files folder emptied: 93720748 bytes
->Java cache emptied: 447115 bytes
->FireFox cache emptied: 77470634 bytes
->Flash cache emptied: 35475 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 233125608 bytes
RecycleBin emptied: 206776174 bytes

Total Files Cleaned = 4.772,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 12292011_110405

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

parkheim · 29.12.2011, 11:23

hier auch noch mal das logfile von hitman....

Chris4You · 29.12.2011, 11:39

Hi,

das sieht so schlecht nicht aus...

Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
http://filepony.de/download-chameleon/
Danach bitte update der Signaturdateien (Reiter "Update" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

chris

parkheim · 29.12.2011, 11:47

oh man, das wäre super! windows firewall oder ähnliches bekomme ich aber nicht aktiviert. ist das noch ein symptom oder gibt es dafür fixes? und ja, wenn mein bruder den öfter benutzen würde, hätte ich das auch getan, aber wie das weihnachten so ist: kann ich mal kurz ins internet?

lilly

parkheim · 29.12.2011, 13:05

also mit mam hat er noch etwas gefunden. im anhang die log-datei.

lilly

Chris4You · 29.12.2011, 13:10

Hi,

gefällt mir nicht... bitte neues OTL-Log posten und Hitman:

Hitman
Lade Dir die passende Version von Hitman runter (32/64Bit), laufen lassen und Log posten.
Downloads - SurfRight

chris
Ps.: Um die Firewall kümmern wir uns später...

parkheim · 29.12.2011, 13:18

habe hier auch mal den mbr-check laufen lassen. weiß nicht, ob das weiterhilft...

Chris4You · 29.12.2011, 13:26

Hi,

232 GB \\.\PhysicalDrive0 Unknown MBR code kann auch ein MBR vom Hersteller sein...

Was sagt Hitman?

chris

rechner gekapert: mediashift.com + sirefef.ch + rootkit.kryptik.gx

Plagegeister aller Art und deren Bekämpfung: rechner gekapert: mediashift.com + sirefef.ch + rootkit.kryptik.gx