
Pests of all kinds and how to combat them: [Malware] Windows Restore removed, but some problems remain


29.06.2011, 19:08   #46
Drummer_Shoo
 



I only have the OTL.txt:

Code:
OTL logfile created on: 6/29/2011 8:56:04 PM - Run 
OTLPE by OldTimer - Version 3.1.46.0     Folder = X:\Programs\OTLPE
Windows 7 Home Premium  (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = I: | %SystemRoot% = I:\Windows | %ProgramFiles% = I:\Program Files
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 108.45 Gb Free Space | 46.58% Space Free | Partition Type: FAT32
Drive I: | 443.13 Gb Total Space | 315.39 Gb Free Space | 71.17% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/05/25 11:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Disabled] -- I:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/05/01 17:00:36 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- I:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/21 07:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand] -- I:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/03/20 05:42:20 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- I:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/18 08:35:50 | 000,240,112 | ---- | M] (CyberLink) [Disabled] -- I:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_E92D8507)
SRV - [2010/07/04 05:44:03 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- I:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/10 18:45:04 | 000,124,832 | ---- | M] () [Disabled] -- I:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/03/22 05:09:16 | 001,689,304 | ---- | M] ( ) [Auto] -- I:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe -- (AshampooDefragService)
SRV - [2005/11/17 09:18:52 | 001,527,900 | ---- | M] (MAGIX®) [Disabled] -- I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005/03/04 06:42:08 | 000,315,392 | ---- | M] (AVM Berlin) [On_Demand] -- I:\Program Files\Common Files\AVM\De_serv.exe -- (de_serv)
SRV - [2005/03/04 05:50:00 | 000,118,784 | ---- | M] (AVM Berlin) [Auto] -- I:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (AVM IGD CTRL Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (catchme)
DRV - [2011/06/28 16:31:30 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- I:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011/03/20 05:42:20 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/02 09:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/12/02 09:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/12/02 09:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/12/02 09:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/11/22 17:55:16 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto] -- I:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/10/13 16:49:42 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2010/08/14 11:59:32 | 000,281,760 | ---- | M] () [Kernel | Auto] -- I:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/08/14 11:59:32 | 000,025,888 | ---- | M] () [Kernel | Auto] -- I:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/07/10 00:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- I:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- I:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/19 10:10:38 | 000,087,536 | ---- | M] (CyberLink Corp.) [2011/06/07 21:11:23] [Kernel | Auto] -- I:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009/12/21 20:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009/11/20 07:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2009/11/20 07:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009/10/07 08:48:58 | 000,163,368 | ---- | M] (CyberLink Corporation.) [File_System | Auto] -- I:\Windows\System32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2009/10/07 08:48:58 | 000,015,784 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System] -- I:\Windows\System32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2009/07/13 21:19:10 | 000,245,328 | ---- | M] () [Kernel | Boot] -- I:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/04 21:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- I:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009/04/29 09:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- I:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)
DRV - [2009/03/18 11:35:40 | 000,026,176 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- I:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/27 06:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- I:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007/07/27 04:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- I:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007/05/11 10:17:25 | 000,221,184 | ---- | M] (TerraTec Electronic GmbH.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\Cinergy_HT_PCI_MKII.sys -- (Cinergy_HT_PCI_MKII) Cinergy HT PCI (MKII)
DRV - [2004/07/14 06:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto] -- I:\Windows\System32\drivers\hardlock.sys -- (Hardlock)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
 
IE - HKU\.DEFAULT\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Melms_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\Melms_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Melms_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 37 13 EE 64 48 11 CB 01  [binary data]
IE - HKU\Melms_ON_I\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Melms_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Melms_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/05/22 10:36:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/05/22 10:36:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/06/18 16:02:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/22 12:08:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/15 06:43:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/06/18 16:02:35 | 000,000,000 | ---D | M]
 
[2011/05/04 11:40:05 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files\Mozilla Firefox\extensions
[2010/07/17 03:13:10 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/01/12 03:21:14 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/03 14:02:49 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/22 12:08:27 | 000,142,296 | ---- | M] (Mozilla Foundation) -- I:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/04/13 23:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- I:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/12/09 06:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- I:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/01/01 04:00:00 | 000,001,392 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,001,153 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/01/01 04:00:00 | 000,006,805 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/01/01 04:00:00 | 000,001,178 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/01/01 04:00:00 | 000,001,105 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/05/08 09:58:58 | 000,000,027 | ---- | M]) - I:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - I:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Idea2 SidebarBrowserMonitor Class) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - I:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - I:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - I:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [Adobe Photo Downloader] I:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] I:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] I:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] I:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [InstantBurn] I:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [Name of App] I:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe ( )
O4 - HKLM..\Run: [NokiaMServer] I:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NUSB3MON] I:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKU\Melms_ON_I..\Run: []  File not found
O4 - HKU\Melms_ON_I..\Run: [NokiaOviSuite2] I:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\Melms_ON_I..\Run: [Remote Control Editor] I:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH)
O4 - HKU\Melms_ON_I..\Run: [SIDEBAR] I:\Program Files\Desktop Sidebar\dsidebar.exe (Idea2)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\Melms_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - I:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - I:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - I:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - I:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - I:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - I:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - I:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/28 16:32:21 | 127,222,215 | ---- | C] (Igor Pavlov) -- I:\Users\Melms\Desktop\OTLPENet.exe
[2011/06/28 16:31:30 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- I:\Windows\System32\drivers\sptd.sys
[2011/06/28 16:30:44 | 000,000,000 | ---D | C] -- I:\Program Files\LSoft Technologies
[2011/06/28 16:30:44 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2011/06/28 16:29:49 | 004,940,440 | ---- | C] (Macrovision Corporation) -- I:\Users\Melms\Desktop\IsoBurner-Setup.exe
[2011/06/26 10:04:31 | 000,000,000 | ---D | C] -- I:\Sierra
[2011/06/26 10:04:31 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2011/06/18 16:09:16 | 000,000,000 | ---D | C] -- I:\ProgramData\NokiaAccount
[2011/06/18 16:04:04 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Local\Nokia
[2011/06/18 16:03:44 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/06/18 16:02:25 | 000,000,000 | ---D | C] -- I:\Program Files\PC Connectivity Solution
[2011/06/18 16:02:19 | 000,000,000 | -HSD | C] -- I:\Config.Msi
[2011/06/18 16:00:27 | 000,000,000 | ---D | C] -- I:\ProgramData\NokiaInstallerCache
[2011/06/16 13:48:59 | 000,161,792 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\d3d10_1.dll
[2011/06/16 13:48:52 | 000,599,552 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msfeeds.dll
[2011/06/16 13:48:52 | 000,381,440 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\iedkcs32.dll
[2011/06/16 13:48:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\mshtml.tlb
[2011/06/16 13:48:51 | 000,606,208 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\mstime.dll
[2011/06/16 13:48:51 | 000,386,048 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\html.iec
[2011/06/16 13:48:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\iepeers.dll
[2011/06/16 13:48:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ieui.dll
[2011/06/16 13:48:51 | 000,064,512 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msfeedsbs.dll
[2011/06/16 13:48:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\jsproxy.dll
[2011/06/16 13:48:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\licmgr10.dll
[2011/06/16 13:48:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msfeedssync.exe
[2011/06/11 11:14:31 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011/06/11 11:13:31 | 000,000,000 | ---D | C] -- I:\Program Files\Activision
[2011/06/11 03:14:53 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- I:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/07 15:24:20 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Roaming\NVIDIA
[2011/06/07 15:24:06 | 000,000,000 | ---D | C] -- I:\Users\Melms\Documents\CyberLink
[2011/06/07 15:17:37 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Local\Power2Go
[2011/06/07 15:11:22 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2011/06/07 15:11:16 | 000,000,000 | ---D | C] -- I:\Program Files\Common Files\CyberLink
[2011/06/07 15:10:03 | 000,029,480 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msxml3a.dll
[2011/06/07 15:08:03 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Roaming\CyberLink
[2011/06/07 15:08:00 | 000,000,000 | ---D | C] -- I:\Users\Melms\AppData\Local\Cyberlink
[2011/06/07 15:05:23 | 000,000,000 | R--D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/06/07 15:05:20 | 000,000,000 | ---D | C] -- I:\Program Files\Common Files\LightScribe
[2011/06/07 15:04:23 | 000,163,368 | ---- | C] (CyberLink Corporation.) -- I:\Windows\System32\drivers\CLBUDF.sys
[2011/06/07 15:04:23 | 000,015,784 | ---- | C] (Cyberlink Co.,Ltd.) -- I:\Windows\System32\drivers\CLBStor.sys
[2011/06/07 15:04:10 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2011/06/07 15:04:04 | 000,000,000 | ---D | C] -- I:\Program Files\CyberLink
[2011/06/07 15:03:59 | 000,000,000 | ---D | C] -- I:\ProgramData\CyberLink
[2011/06/07 15:02:37 | 000,000,000 | ---D | C] -- I:\ProgramData\Temp
[2011/06/07 13:52:10 | 001,531,392 | ---- | C] (Toshiba Samsung Storage Technology Corporation) -- I:\Users\Melms\AppData\Roaming\tsdnwin.dll
[2011/06/07 13:35:54 | 000,000,000 | ---D | C] -- I:\Program Files\SAMSUNG
[2011/06/07 13:35:54 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\ODD Firmware LiveUpdate
[2011/05/31 15:14:30 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/05/31 15:14:29 | 000,000,000 | ---D | C] -- I:\Program Files\LogMeIn Hamachi
[2010/10/11 15:12:07 | 000,180,224 | ---- | C] ( ) -- I:\Windows\System32\rsnp2uvc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/29 02:16:36 | 000,067,584 | --S- | M] () -- I:\Windows\bootstat.dat
[2011/06/29 02:06:03 | 000,014,624 | ---- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 02:06:03 | 000,014,624 | ---- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 01:59:32 | 000,000,431 | ---- | M] () -- I:\Users\Melms\AppData\Roaming\SamsungLiveUpdateConfig.ini
[2011/06/29 01:58:50 | 000,001,092 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/29 01:58:35 | 1610,309,632 | -HS- | M] () -- I:\hiberfil.sys
[2011/06/28 17:29:00 | 000,001,096 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/28 16:38:01 | 127,222,215 | ---- | M] (Igor Pavlov) -- I:\Users\Melms\Desktop\OTLPENet.exe
[2011/06/28 16:30:44 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2011/06/28 16:29:56 | 004,940,440 | ---- | M] (Macrovision Corporation) -- I:\Users\Melms\Desktop\IsoBurner-Setup.exe
[2011/06/28 16:04:39 | 000,031,137 | ---- | M] () -- I:\Users\Melms\Desktop\Bild3.png
[2011/06/27 02:29:09 | 000,668,302 | ---- | M] () -- I:\Windows\System32\perfh007.dat
[2011/06/27 02:29:09 | 000,619,894 | ---- | M] () -- I:\Windows\System32\perfh009.dat
[2011/06/27 02:29:09 | 000,134,150 | ---- | M] () -- I:\Windows\System32\perfc007.dat
[2011/06/27 02:29:09 | 000,110,082 | ---- | M] () -- I:\Windows\System32\perfc009.dat
[2011/06/26 15:30:42 | 000,046,186 | ---- | M] () -- I:\Users\Melms\Desktop\Bild2.png
[2011/06/26 11:11:53 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/26 10:13:37 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2011/06/26 10:13:34 | 000,000,403 | ---- | M] () -- I:\Windows\SIERRA.INI
[2011/06/18 16:03:44 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/06/18 15:48:05 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_User_wpdcomp_01_09_00.Wdf
[2011/06/18 15:47:48 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/18 04:07:53 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- I:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/17 02:31:05 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/06/11 11:14:31 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011/06/11 11:14:30 | 000,000,324 | ---- | M] () -- I:\Windows\game.ini
[2011/06/08 13:50:20 | 000,029,480 | ---- | M] (Microsoft Corporation) -- I:\Windows\System32\msxml3a.dll
[2011/06/07 15:17:26 | 000,344,400 | ---- | M] () -- I:\Windows\System32\FNTCACHE.DAT
[2011/06/07 15:09:48 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2011/06/07 15:05:23 | 000,000,000 | R--D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/06/07 13:52:26 | 001,531,392 | ---- | M] (Toshiba Samsung Storage Technology Corporation) -- I:\Users\Melms\AppData\Roaming\tsdnwin.dll
[2011/06/07 13:35:54 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\ODD Firmware LiveUpdate
[2011/06/05 15:07:52 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\sixteen tons entertainment
[2011/05/31 15:14:30 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
 
========== Files Created - No Company Name ==========
 
[2011/06/28 16:04:39 | 000,031,137 | ---- | C] () -- I:\Users\Melms\Desktop\Bild3.png
[2011/06/26 15:30:41 | 000,046,186 | ---- | C] () -- I:\Users\Melms\Desktop\Bild2.png
[2011/06/26 10:04:31 | 000,000,403 | ---- | C] () -- I:\Windows\SIERRA.INI
[2011/06/18 15:48:05 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_User_wpdcomp_01_09_00.Wdf
[2011/06/18 15:47:48 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/11 11:14:30 | 000,000,324 | ---- | C] () -- I:\Windows\game.ini
[2011/06/07 13:35:58 | 000,000,431 | ---- | C] () -- I:\Users\Melms\AppData\Roaming\SamsungLiveUpdateConfig.ini
[2011/05/08 09:51:03 | 000,256,512 | ---- | C] () -- I:\Windows\PEV.exe
[2011/05/08 09:51:03 | 000,098,816 | ---- | C] () -- I:\Windows\sed.exe
[2011/05/08 09:51:03 | 000,089,088 | ---- | C] () -- I:\Windows\MBR.exe
[2011/05/08 09:51:03 | 000,080,412 | ---- | C] () -- I:\Windows\grep.exe
[2011/05/08 09:51:03 | 000,068,096 | ---- | C] () -- I:\Windows\zip.exe
[2011/03/20 14:48:15 | 000,043,520 | ---- | C] () -- I:\Windows\System32\CmdLineExt03.dll
[2011/02/26 19:45:09 | 000,000,381 | ---- | C] () -- I:\Windows\BeatBox.INI
[2011/02/26 19:45:09 | 000,000,028 | ---- | C] () -- I:\Windows\Robota.INI
[2011/02/26 18:58:31 | 000,124,596 | ---- | C] () -- I:\Windows\System32\mlfcache.dat
[2011/02/05 14:09:24 | 000,139,152 | ---- | C] () -- I:\Windows\System32\drivers\PnkBstrK.sys
[2011/02/05 14:09:18 | 000,139,152 | ---- | C] () -- I:\Users\Melms\AppData\Roaming\PnkBstrK.sys
[2011/02/05 14:08:43 | 000,111,928 | ---- | C] () -- I:\Windows\System32\PnkBstrB.exe
[2011/02/05 14:08:40 | 000,794,408 | ---- | C] () -- I:\Windows\System32\pbsvc.exe
[2011/02/05 14:08:40 | 000,075,064 | ---- | C] () -- I:\Windows\System32\PnkBstrA.exe
[2011/02/03 15:56:57 | 000,000,019 | ---- | C] () -- I:\Windows\SoundConverter.INI
[2010/12/29 15:00:43 | 000,000,180 | ---- | C] () -- I:\Windows\System32\msftpd.exe
[2010/12/19 14:34:53 | 000,000,221 | ---- | C] () -- I:\Windows\SOFTEK.INI
[2010/10/19 11:18:19 | 000,002,464 | ---- | C] () -- I:\Windows\netdet.ini
[2010/10/15 15:00:00 | 000,007,168 | ---- | C] () -- I:\Users\Melms\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/11 15:12:07 | 000,237,568 | ---- | C] () -- I:\Windows\tsnp2uvc.exe
[2010/08/28 13:41:48 | 000,053,248 | ---- | C] () -- I:\Windows\System32\mgxasio2.dll
[2010/08/28 13:34:40 | 000,120,200 | ---- | C] () -- I:\Windows\System32\DLLDEV32i.dll
[2010/08/28 13:34:13 | 000,006,768 | ---- | C] () -- I:\Windows\mgxoschk.ini
[2010/08/14 11:26:47 | 000,007,597 | ---- | C] () -- I:\Users\Melms\AppData\Local\Resmon.ResmonCfg
[2010/08/14 11:14:19 | 000,281,760 | ---- | C] () -- I:\Windows\System32\drivers\atksgt.sys
[2010/08/14 11:14:14 | 000,025,888 | ---- | C] () -- I:\Windows\System32\drivers\lirsgt.sys
[2010/07/27 07:00:39 | 000,000,614 | ---- | C] () -- I:\Windows\eReg.dat
[2010/07/04 05:29:04 | 000,000,209 | ---- | C] () -- I:\Windows\ODBCINST.INI
[2009/08/02 18:21:54 | 000,197,912 | ---- | C] () -- I:\Windows\System32\physxcudart_20.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelSwedish.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelSpanish.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelPortugese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelKorean.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelJapanese.dll
[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelGerman.dll
[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- I:\Windows\System32\AgCPanelFrench.dll
[2009/07/14 04:47:43 | 000,668,302 | ---- | C] () -- I:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- I:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,134,150 | ---- | C] () -- I:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- I:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- I:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,344,400 | ---- | C] () -- I:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,619,894 | ---- | C] () -- I:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- I:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,110,082 | ---- | C] () -- I:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- I:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- I:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- I:\Windows\System32\dssec.dat
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- I:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- I:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- I:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- I:\Windows\System32\BWContextHandler.dll
[2009/07/13 19:11:34 | 000,245,328 | ---- | C] () -- I:\Windows\System32\drivers\volsnap.sys
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- I:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2010/07/20 09:35:21 | 000,000,000 | ---D | M] -- I:\ProgramData\#Company short name
[2010/06/21 09:45:55 | 000,000,000 | ---D | M] -- I:\ProgramData\Alwil Software
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Application Data
[2010/10/13 16:57:33 | 000,000,000 | ---D | M] -- I:\ProgramData\BVRP Software
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Documents
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Dokumente
[2010/11/20 09:51:33 | 000,000,000 | ---D | M] -- I:\ProgramData\EA Core
[2011/04/22 11:16:27 | 000,000,000 | ---D | M] -- I:\ProgramData\Electronic Arts
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favorites
[2011/05/08 10:31:49 | 000,000,000 | ---D | M] -- I:\ProgramData\ICQ
[2011/05/06 16:00:19 | 000,000,000 | ---D | M] -- I:\ProgramData\Installations
[2010/08/28 13:40:04 | 000,000,000 | ---D | M] -- I:\ProgramData\MAGIX
[2010/06/26 12:58:11 | 000,000,000 | ---D | M] -- I:\ProgramData\Messenger Plus!
[2011/06/18 16:09:16 | 000,000,000 | ---D | M] -- I:\ProgramData\NokiaAccount
[2011/06/18 16:00:27 | 000,000,000 | ---D | M] -- I:\ProgramData\NokiaInstallerCache
[2011/05/06 16:20:27 | 000,000,000 | ---D | M] -- I:\ProgramData\PC Suite
[2010/12/20 10:12:08 | 000,000,000 | ---D | M] -- I:\ProgramData\Solidshield
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Start Menu
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Startmenü
[2011/06/08 13:50:49 | 000,000,000 | ---D | M] -- I:\ProgramData\Temp
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- I:\ProgramData\Templates
[2010/06/26 13:05:50 | 000,000,000 | ---D | M] -- I:\ProgramData\TerraTec
[2010/06/21 09:44:06 | 000,000,000 | -HSD | M] -- I:\ProgramData\Vorlagen
[2010/10/01 01:59:29 | 000,000,000 | ---D | M] -- I:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/05/19 00:47:39 | 000,032,632 | ---- | M] () -- I:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         

29.06.2011, 21:47   #47
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

So far you haven't been able to start TDSSKiller. Please try that again:

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the picture below, i.e. tick both checkboxes, click Start scan, and when it has finished click the Report button to display the log. Please post it in full.

If, because of the infection, you cannot access your Documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool, and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

29.06.2011, 21:57   #48
Drummer_Shoo
 

Code:
2011/06/29 22:57:04.0130 2444	TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/06/29 22:57:04.0333 2444	================================================================================
2011/06/29 22:57:04.0333 2444	SystemInfo:
2011/06/29 22:57:04.0333 2444	
2011/06/29 22:57:04.0333 2444	OS Version: 6.1.7600 ServicePack: 0.0
2011/06/29 22:57:04.0333 2444	Product type: Workstation
2011/06/29 22:57:04.0333 2444	ComputerName: MELMS-PC
2011/06/29 22:57:04.0333 2444	UserName: Melms
2011/06/29 22:57:04.0333 2444	Windows directory: C:\Windows
2011/06/29 22:57:04.0333 2444	System windows directory: C:\Windows
2011/06/29 22:57:04.0333 2444	Processor architecture: Intel x86
2011/06/29 22:57:04.0333 2444	Number of processors: 2
2011/06/29 22:57:04.0333 2444	Page size: 0x1000
2011/06/29 22:57:04.0333 2444	Boot type: Normal boot
2011/06/29 22:57:04.0333 2444	================================================================================
2011/06/29 22:57:06.0158 2444	Initialize success
2011/06/29 22:57:08.0966 1900	================================================================================
2011/06/29 22:57:08.0966 1900	Scan started
2011/06/29 22:57:08.0966 1900	Mode: Manual; 
2011/06/29 22:57:08.0966 1900	================================================================================
2011/06/29 22:57:11.0415 1900	1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/29 22:57:11.0478 1900	acedrv10        (553ba53445795cbc0d4f9fa37eb855a6) C:\Windows\system32\drivers\acedrv10.sys
2011/06/29 22:57:11.0556 1900	acehlp10        (8ce00b6a46962a1808b19cd1dae5170c) C:\Windows\system32\drivers\acehlp10.sys
2011/06/29 22:57:11.0634 1900	ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/29 22:57:11.0665 1900	AcpiPmi         (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/29 22:57:11.0712 1900	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/29 22:57:11.0759 1900	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/29 22:57:11.0790 1900	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/29 22:57:11.0868 1900	AFD             (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
2011/06/29 22:57:11.0883 1900	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/29 22:57:11.0930 1900	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/06/29 22:57:11.0977 1900	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/29 22:57:12.0024 1900	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/06/29 22:57:12.0055 1900	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/29 22:57:12.0086 1900	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/29 22:57:12.0133 1900	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/29 22:57:12.0180 1900	amdsata         (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
2011/06/29 22:57:12.0227 1900	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/29 22:57:12.0273 1900	amdxata         (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
2011/06/29 22:57:12.0367 1900	AppID           (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/06/29 22:57:12.0445 1900	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/06/29 22:57:12.0492 1900	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/29 22:57:12.0539 1900	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/29 22:57:12.0554 1900	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/29 22:57:12.0585 1900	AtiPcie         (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys
2011/06/29 22:57:12.0648 1900	atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/06/29 22:57:12.0710 1900	avgntflt        (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/29 22:57:12.0741 1900	avipbb          (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/29 22:57:12.0819 1900	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/06/29 22:57:12.0882 1900	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/06/29 22:57:12.0929 1900	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/06/29 22:57:12.0991 1900	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/29 22:57:13.0069 1900	bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/29 22:57:13.0100 1900	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/29 22:57:13.0131 1900	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/29 22:57:13.0178 1900	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/06/29 22:57:13.0225 1900	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/29 22:57:13.0272 1900	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/29 22:57:13.0303 1900	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/29 22:57:13.0365 1900	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/29 22:57:13.0506 1900	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/29 22:57:13.0553 1900	cdrom           (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/29 22:57:13.0599 1900	Cinergy_HT_PCI_MKII (e55e0c3094bed534998e5ad88f9aacc2) C:\Windows\system32\DRIVERS\Cinergy_HT_PCI_MKII.sys
2011/06/29 22:57:13.0646 1900	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/29 22:57:13.0740 1900	CLBStor         (f5c8f7a7d1a3f569bf77574a795cc19e) C:\Windows\system32\drivers\CLBStor.sys
2011/06/29 22:57:13.0802 1900	CLBUDF          (07b3e4fc5d4943ba802607ddf8f5d418) C:\Windows\system32\drivers\CLBUDF.sys
2011/06/29 22:57:13.0865 1900	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/06/29 22:57:13.0896 1900	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/29 22:57:13.0927 1900	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/29 22:57:13.0943 1900	CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/06/29 22:57:13.0989 1900	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/29 22:57:14.0036 1900	CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/29 22:57:14.0083 1900	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/29 22:57:14.0192 1900	DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
2011/06/29 22:57:14.0239 1900	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/06/29 22:57:14.0270 1900	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/06/29 22:57:14.0317 1900	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/06/29 22:57:14.0379 1900	DXGKrnl         (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/29 22:57:14.0489 1900	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/06/29 22:57:14.0598 1900	ElbyCDIO        (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
2011/06/29 22:57:14.0629 1900	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/29 22:57:14.0676 1900	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/29 22:57:14.0723 1900	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/06/29 22:57:14.0769 1900	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/06/29 22:57:14.0816 1900	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/29 22:57:14.0863 1900	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/06/29 22:57:14.0894 1900	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/06/29 22:57:14.0957 1900	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/29 22:57:15.0003 1900	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/06/29 22:57:15.0066 1900	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/06/29 22:57:15.0097 1900	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/29 22:57:15.0144 1900	fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/29 22:57:15.0175 1900	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/29 22:57:15.0222 1900	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/06/29 22:57:15.0331 1900	hamachi         (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/06/29 22:57:15.0409 1900	Hardlock        (ed32d389f8b0e74e400932e020bcfbdf) C:\Windows\system32\drivers\hardlock.sys
2011/06/29 22:57:15.0487 1900	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/29 22:57:15.0518 1900	HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/06/29 22:57:15.0549 1900	HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/29 22:57:15.0565 1900	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/29 22:57:15.0612 1900	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/29 22:57:15.0659 1900	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/29 22:57:15.0705 1900	HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/29 22:57:15.0752 1900	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/29 22:57:15.0830 1900	HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/06/29 22:57:15.0846 1900	hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/29 22:57:15.0861 1900	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/29 22:57:15.0908 1900	iaStorV         (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
2011/06/29 22:57:15.0955 1900	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/29 22:57:16.0064 1900	IntcAzAudAddService (0c36a7de2b4e6ec301b98ae300547701) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/29 22:57:16.0127 1900	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/29 22:57:16.0189 1900	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/29 22:57:16.0251 1900	IPMIDRV         (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/29 22:57:16.0283 1900	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/06/29 22:57:16.0329 1900	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/06/29 22:57:16.0392 1900	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/29 22:57:16.0423 1900	iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/29 22:57:16.0470 1900	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/29 22:57:16.0517 1900	kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/29 22:57:16.0595 1900	KMWDFILTERx86   (4476fe98aaf505acdcd3ee6360aabec1) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
2011/06/29 22:57:16.0641 1900	KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/29 22:57:16.0719 1900	KSecPkg         (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/29 22:57:16.0813 1900	lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/06/29 22:57:16.0844 1900	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/29 22:57:16.0891 1900	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/29 22:57:16.0938 1900	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/29 22:57:16.0985 1900	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/29 22:57:17.0016 1900	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/29 22:57:17.0047 1900	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/06/29 22:57:17.0094 1900	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/29 22:57:17.0141 1900	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/29 22:57:17.0187 1900	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/06/29 22:57:17.0219 1900	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/29 22:57:17.0234 1900	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/29 22:57:17.0265 1900	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/29 22:57:17.0297 1900	mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/06/29 22:57:17.0312 1900	mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/06/29 22:57:17.0359 1900	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/29 22:57:17.0390 1900	MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/06/29 22:57:17.0468 1900	mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/29 22:57:17.0515 1900	mrxsmb10        (c108952d3660375dcb716b222912e868) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/29 22:57:17.0562 1900	mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/29 22:57:17.0593 1900	msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/06/29 22:57:17.0640 1900	msdsm           (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/06/29 22:57:17.0671 1900	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/06/29 22:57:17.0702 1900	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/29 22:57:17.0749 1900	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/06/29 22:57:17.0780 1900	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/29 22:57:17.0827 1900	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/29 22:57:17.0874 1900	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/06/29 22:57:17.0889 1900	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/06/29 22:57:17.0921 1900	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/29 22:57:17.0936 1900	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/06/29 22:57:17.0983 1900	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/29 22:57:18.0030 1900	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/06/29 22:57:18.0077 1900	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/29 22:57:18.0123 1900	NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/06/29 22:57:18.0155 1900	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/29 22:57:18.0201 1900	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/29 22:57:18.0248 1900	Ndisuio         (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/29 22:57:18.0264 1900	NdisWan         (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/29 22:57:18.0311 1900	NDProxy         (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/06/29 22:57:18.0342 1900	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/29 22:57:18.0373 1900	NetBT           (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/29 22:57:18.0404 1900	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/29 22:57:18.0482 1900	nmwcd           (712bc0c22ba00b2ba324c6b8df668ee7) C:\Windows\system32\drivers\ccdcmb.sys
2011/06/29 22:57:18.0545 1900	nmwcdc          (7312987b6ccde6f6cee32c14bed1ca2e) C:\Windows\system32\drivers\ccdcmbo.sys
2011/06/29 22:57:18.0576 1900	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/06/29 22:57:18.0607 1900	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/29 22:57:18.0685 1900	Ntfs            (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
2011/06/29 22:57:18.0747 1900	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/06/29 22:57:18.0794 1900	nusb3hub        (68c890ddb21028cb1ea5551b47b29e1b) C:\Windows\system32\DRIVERS\nusb3hub.sys
2011/06/29 22:57:18.0810 1900	nusb3xhc        (2cf970c1a9e05d3b91039c2dd4471c0e) C:\Windows\system32\DRIVERS\nusb3xhc.sys
2011/06/29 22:57:18.0997 1900	nvlddmkm        (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/29 22:57:19.0169 1900	nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
2011/06/29 22:57:19.0215 1900	nvstor          (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
2011/06/29 22:57:19.0262 1900	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/06/29 22:57:19.0309 1900	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/29 22:57:19.0371 1900	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/06/29 22:57:19.0403 1900	partmgr         (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/06/29 22:57:19.0434 1900	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/06/29 22:57:19.0512 1900	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/06/29 22:57:19.0559 1900	pci             (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/06/29 22:57:19.0605 1900	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/06/29 22:57:19.0652 1900	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/29 22:57:19.0683 1900	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/06/29 22:57:19.0715 1900	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/06/29 22:57:19.0824 1900	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/29 22:57:19.0855 1900	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/06/29 22:57:19.0886 1900	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/29 22:57:19.0949 1900	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/06/29 22:57:20.0011 1900	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/29 22:57:20.0058 1900	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/29 22:57:20.0089 1900	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/29 22:57:20.0136 1900	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/29 22:57:20.0183 1900	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/29 22:57:20.0214 1900	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/29 22:57:20.0261 1900	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/29 22:57:20.0307 1900	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/29 22:57:20.0339 1900	rdbss           (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/29 22:57:20.0385 1900	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/29 22:57:20.0417 1900	RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/29 22:57:20.0448 1900	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/29 22:57:20.0463 1900	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/29 22:57:20.0510 1900	RDPWD           (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/06/29 22:57:20.0541 1900	rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/06/29 22:57:20.0588 1900	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/29 22:57:20.0635 1900	RTL8167         (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/06/29 22:57:20.0729 1900	SASDIFSV        (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/06/29 22:57:20.0760 1900	SASKUTIL        (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/06/29 22:57:20.0791 1900	sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/06/29 22:57:20.0838 1900	scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/29 22:57:20.0885 1900	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/29 22:57:20.0931 1900	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/29 22:57:20.0994 1900	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/06/29 22:57:21.0025 1900	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/29 22:57:21.0087 1900	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/06/29 22:57:21.0119 1900	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/06/29 22:57:21.0150 1900	sffp_sd         (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/06/29 22:57:21.0165 1900	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/29 22:57:21.0228 1900	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/06/29 22:57:21.0275 1900	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/29 22:57:21.0290 1900	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/29 22:57:21.0337 1900	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/06/29 22:57:21.0368 1900	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/06/29 22:57:21.0571 1900	sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/06/29 22:57:21.0571 1900	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/29 22:57:21.0587 1900	sptd - detected LockedFile.Multi.Generic (1)
2011/06/29 22:57:21.0618 1900	srv             (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
2011/06/29 22:57:21.0665 1900	srv2            (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/29 22:57:21.0727 1900	srvnet          (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/29 22:57:21.0774 1900	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/06/29 22:57:21.0821 1900	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/29 22:57:21.0852 1900	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/29 22:57:21.0945 1900	Tcpip           (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\drivers\tcpip.sys
2011/06/29 22:57:22.0008 1900	TCPIP6          (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/29 22:57:22.0039 1900	tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/29 22:57:22.0070 1900	TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/06/29 22:57:22.0101 1900	TDTCP           (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/06/29 22:57:22.0133 1900	tdx             (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/29 22:57:22.0164 1900	TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/29 22:57:22.0211 1900	tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/29 22:57:22.0242 1900	tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/29 22:57:22.0273 1900	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/29 22:57:22.0320 1900	udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/29 22:57:22.0382 1900	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/06/29 22:57:22.0413 1900	umbus           (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/29 22:57:22.0429 1900	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/29 22:57:22.0476 1900	upperdev        (7062ed67a10f1c83b2ab951736e24f11) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/06/29 22:57:22.0523 1900	usbaudio        (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
2011/06/29 22:57:22.0569 1900	usbccgp         (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/29 22:57:22.0616 1900	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/06/29 22:57:22.0663 1900	usbehci         (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/29 22:57:22.0725 1900	usbfilter       (e5b14557793164db879ee56f5b59c3e2) C:\Windows\system32\DRIVERS\usbfilter.sys
2011/06/29 22:57:22.0772 1900	usbhub          (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/29 22:57:22.0835 1900	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/29 22:57:22.0866 1900	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/29 22:57:22.0913 1900	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/29 22:57:23.0006 1900	usbser          (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\DRIVERS\usbser.sys
2011/06/29 22:57:23.0069 1900	UsbserFilt      (b76d8039f5b595c4ca551b3d5dd15a98) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/06/29 22:57:23.0131 1900	usbsermpt       (caad3467fbfae8a380f67e9c7150a85e) C:\Windows\system32\DRIVERS\usbsermpt.sys
2011/06/29 22:57:23.0178 1900	USBSTOR         (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/29 22:57:23.0193 1900	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/29 22:57:23.0225 1900	usbvideo        (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
2011/06/29 22:57:23.0287 1900	VClone          (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys
2011/06/29 22:57:23.0334 1900	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/06/29 22:57:23.0381 1900	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/29 22:57:23.0396 1900	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/06/29 22:57:23.0427 1900	vhdmp           (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/06/29 22:57:23.0474 1900	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/06/29 22:57:23.0490 1900	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/06/29 22:57:23.0505 1900	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/06/29 22:57:23.0537 1900	volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/06/29 22:57:23.0693 1900	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/06/29 22:57:23.0817 1900	volsnap         (7c28b63e4c9e5c3be7ffe53789593619) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/29 22:57:23.0864 1900	Suspicious file (Forged): C:\Windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd
2011/06/29 22:57:23.0880 1900	volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/06/29 22:57:23.0911 1900	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/29 22:57:23.0942 1900	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/06/29 22:57:24.0005 1900	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/29 22:57:24.0067 1900	WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/29 22:57:24.0083 1900	Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/29 22:57:24.0129 1900	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/06/29 22:57:24.0145 1900	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/29 22:57:24.0207 1900	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/29 22:57:24.0223 1900	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/06/29 22:57:24.0317 1900	WinUsb          (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/06/29 22:57:24.0363 1900	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/29 22:57:24.0395 1900	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/29 22:57:24.0441 1900	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/06/29 22:57:24.0473 1900	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/29 22:57:24.0675 1900	{B154377D-700F-42cc-9474-23858FBDF4BD} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD9\000.fcl
2011/06/29 22:57:24.0691 1900	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/29 22:57:24.0722 1900	MBR (0x1B8)     (feffdedea77250a6fcd92c304b49ace2) \Device\Harddisk5\DR5
2011/06/29 22:57:24.0738 1900	Boot (0x1200)   (52841af164ec66db5d00c7fcd90bb2d5) \Device\Harddisk0\DR0\Partition0
2011/06/29 22:57:24.0753 1900	Boot (0x1200)   (ff68da0c817c0fb993105e6fb741262c) \Device\Harddisk0\DR0\Partition1
2011/06/29 22:57:24.0769 1900	Boot (0x1200)   (94e401c5850a09e853a0d133aaa92edf) \Device\Harddisk5\DR5\Partition0
2011/06/29 22:57:24.0769 1900	================================================================================
2011/06/29 22:57:24.0769 1900	Scan finished
2011/06/29 22:57:24.0769 1900	================================================================================
2011/06/29 22:57:24.0785 5176	Detected object count: 2
2011/06/29 22:57:24.0785 5176	Actual detected object count: 2
2011/06/29 22:57:30.0837 5176	LockedFile.Multi.Generic(sptd) - User select action: Skip 
2011/06/29 22:57:30.0853 5176	volsnap         (7c28b63e4c9e5c3be7ffe53789593619) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/29 22:57:30.0853 5176	Suspicious file (Forged): C:\Windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd
2011/06/29 22:57:32.0304 5176	Backup copy found, using it..
2011/06/29 22:57:32.0319 5176	C:\Windows\system32\DRIVERS\volsnap.sys - will be cured after reboot
2011/06/29 22:57:32.0319 5176	Rootkit.Win32.TDSS.tdl3(volsnap) - User select action: Cure
         
__________________

29.06.2011, 22:05   #49
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



TDSS was detected and removed. Please restart Windows and, as a check, create a new log with the Kaspersky TDSS Killer.
__________________
Please always post log files in CODE tags

29.06.2011, 22:07   #50
Drummer_Shoo
 



Code:
2011/06/29 23:07:53.0322 3356	TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/06/29 23:07:53.0464 3356	================================================================================
2011/06/29 23:07:53.0464 3356	SystemInfo:
2011/06/29 23:07:53.0464 3356	
2011/06/29 23:07:53.0464 3356	OS Version: 6.1.7600 ServicePack: 0.0
2011/06/29 23:07:53.0464 3356	Product type: Workstation
2011/06/29 23:07:53.0464 3356	ComputerName: MELMS-PC
2011/06/29 23:07:53.0464 3356	UserName: Melms
2011/06/29 23:07:53.0464 3356	Windows directory: C:\Windows
2011/06/29 23:07:53.0464 3356	System windows directory: C:\Windows
2011/06/29 23:07:53.0464 3356	Processor architecture: Intel x86
2011/06/29 23:07:53.0464 3356	Number of processors: 2
2011/06/29 23:07:53.0464 3356	Page size: 0x1000
2011/06/29 23:07:53.0464 3356	Boot type: Normal boot
2011/06/29 23:07:53.0464 3356	================================================================================
2011/06/29 23:07:54.0541 3356	Initialize success
2011/06/29 23:07:58.0775 4024	================================================================================
2011/06/29 23:07:58.0775 4024	Scan started
2011/06/29 23:07:58.0775 4024	Mode: Manual; 
2011/06/29 23:07:58.0775 4024	================================================================================
2011/06/29 23:08:00.0488 4024	1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/29 23:08:00.0550 4024	acedrv10        (553ba53445795cbc0d4f9fa37eb855a6) C:\Windows\system32\drivers\acedrv10.sys
2011/06/29 23:08:00.0604 4024	acehlp10        (8ce00b6a46962a1808b19cd1dae5170c) C:\Windows\system32\drivers\acehlp10.sys
2011/06/29 23:08:00.0664 4024	ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/29 23:08:00.0688 4024	AcpiPmi         (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/29 23:08:00.0727 4024	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/29 23:08:00.0750 4024	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/29 23:08:00.0769 4024	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/29 23:08:00.0830 4024	AFD             (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
2011/06/29 23:08:00.0853 4024	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/29 23:08:00.0877 4024	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/06/29 23:08:00.0906 4024	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/29 23:08:00.0940 4024	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/06/29 23:08:00.0965 4024	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/29 23:08:00.0989 4024	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/29 23:08:01.0021 4024	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/29 23:08:01.0065 4024	amdsata         (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
2011/06/29 23:08:01.0093 4024	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/29 23:08:01.0116 4024	amdxata         (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
2011/06/29 23:08:01.0169 4024	AppID           (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/06/29 23:08:01.0216 4024	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/06/29 23:08:01.0239 4024	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/29 23:08:01.0281 4024	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/29 23:08:01.0303 4024	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/29 23:08:01.0336 4024	AtiPcie         (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys
2011/06/29 23:08:01.0391 4024	atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/06/29 23:08:01.0447 4024	avgntflt        (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/29 23:08:01.0470 4024	avipbb          (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/29 23:08:01.0524 4024	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/06/29 23:08:01.0573 4024	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/06/29 23:08:01.0641 4024	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/06/29 23:08:01.0669 4024	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/29 23:08:01.0718 4024	bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/29 23:08:01.0748 4024	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/29 23:08:01.0769 4024	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/29 23:08:01.0804 4024	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/06/29 23:08:01.0838 4024	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/29 23:08:01.0853 4024	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/29 23:08:01.0871 4024	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/29 23:08:01.0897 4024	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/29 23:08:02.0023 4024	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/29 23:08:02.0055 4024	cdrom           (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/29 23:08:02.0106 4024	Cinergy_HT_PCI_MKII (e55e0c3094bed534998e5ad88f9aacc2) C:\Windows\system32\DRIVERS\Cinergy_HT_PCI_MKII.sys
2011/06/29 23:08:02.0136 4024	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/29 23:08:02.0199 4024	CLBStor         (f5c8f7a7d1a3f569bf77574a795cc19e) C:\Windows\system32\drivers\CLBStor.sys
2011/06/29 23:08:02.0233 4024	CLBUDF          (07b3e4fc5d4943ba802607ddf8f5d418) C:\Windows\system32\drivers\CLBUDF.sys
2011/06/29 23:08:02.0275 4024	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/06/29 23:08:02.0335 4024	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/29 23:08:02.0355 4024	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/29 23:08:02.0386 4024	CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/06/29 23:08:02.0415 4024	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/29 23:08:02.0441 4024	CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/29 23:08:02.0468 4024	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/29 23:08:02.0541 4024	DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
2011/06/29 23:08:02.0576 4024	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/06/29 23:08:02.0605 4024	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/06/29 23:08:02.0677 4024	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/06/29 23:08:02.0726 4024	DXGKrnl         (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/29 23:08:02.0829 4024	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/06/29 23:08:02.0934 4024	ElbyCDIO        (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
2011/06/29 23:08:02.0966 4024	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/29 23:08:02.0997 4024	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/29 23:08:03.0044 4024	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/06/29 23:08:03.0079 4024	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/06/29 23:08:03.0123 4024	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/29 23:08:03.0156 4024	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/06/29 23:08:03.0185 4024	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/06/29 23:08:03.0235 4024	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/29 23:08:03.0269 4024	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/06/29 23:08:03.0303 4024	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/06/29 23:08:03.0325 4024	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/29 23:08:03.0366 4024	fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/29 23:08:03.0391 4024	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/29 23:08:03.0444 4024	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/06/29 23:08:03.0522 4024	hamachi         (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/06/29 23:08:03.0606 4024	Hardlock        (ed32d389f8b0e74e400932e020bcfbdf) C:\Windows\system32\drivers\hardlock.sys
2011/06/29 23:08:03.0671 4024	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/29 23:08:03.0710 4024	HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/06/29 23:08:03.0749 4024	HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/29 23:08:03.0761 4024	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/29 23:08:03.0791 4024	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/29 23:08:03.0835 4024	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/29 23:08:03.0861 4024	HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/29 23:08:03.0908 4024	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/29 23:08:03.0942 4024	HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/06/29 23:08:03.0972 4024	hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/29 23:08:03.0994 4024	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/29 23:08:04.0043 4024	iaStorV         (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
2011/06/29 23:08:04.0070 4024	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/29 23:08:04.0151 4024	IntcAzAudAddService (0c36a7de2b4e6ec301b98ae300547701) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/29 23:08:04.0202 4024	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/29 23:08:04.0227 4024	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/29 23:08:04.0255 4024	IPMIDRV         (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/29 23:08:04.0288 4024	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/06/29 23:08:04.0329 4024	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/06/29 23:08:04.0350 4024	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/29 23:08:04.0377 4024	iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/29 23:08:04.0415 4024	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/29 23:08:04.0438 4024	kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/29 23:08:04.0507 4024	KMWDFILTERx86   (4476fe98aaf505acdcd3ee6360aabec1) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
2011/06/29 23:08:04.0527 4024	KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/29 23:08:04.0568 4024	KSecPkg         (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/29 23:08:04.0664 4024	lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/06/29 23:08:04.0691 4024	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/29 23:08:04.0734 4024	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/29 23:08:04.0753 4024	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/29 23:08:04.0775 4024	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/29 23:08:04.0799 4024	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/29 23:08:04.0824 4024	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/06/29 23:08:04.0850 4024	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/29 23:08:04.0880 4024	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/29 23:08:04.0915 4024	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/06/29 23:08:04.0952 4024	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/29 23:08:04.0967 4024	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/29 23:08:04.0992 4024	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/29 23:08:05.0013 4024	mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/06/29 23:08:05.0036 4024	mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/06/29 23:08:05.0063 4024	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/29 23:08:05.0093 4024	MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/06/29 23:08:05.0146 4024	mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/29 23:08:05.0188 4024	mrxsmb10        (c108952d3660375dcb716b222912e868) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/29 23:08:05.0231 4024	mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/29 23:08:05.0259 4024	msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/06/29 23:08:05.0306 4024	msdsm           (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/06/29 23:08:05.0352 4024	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/06/29 23:08:05.0371 4024	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/29 23:08:05.0389 4024	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/06/29 23:08:05.0431 4024	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/29 23:08:05.0459 4024	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/29 23:08:05.0473 4024	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/06/29 23:08:05.0497 4024	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/06/29 23:08:05.0522 4024	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/29 23:08:05.0545 4024	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/06/29 23:08:05.0563 4024	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/29 23:08:05.0585 4024	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/06/29 23:08:05.0643 4024	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/29 23:08:05.0677 4024	NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/06/29 23:08:05.0703 4024	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/29 23:08:05.0731 4024	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/29 23:08:05.0764 4024	Ndisuio         (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/29 23:08:05.0786 4024	NdisWan         (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/29 23:08:05.0825 4024	NDProxy         (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/06/29 23:08:05.0840 4024	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/29 23:08:05.0861 4024	NetBT           (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/29 23:08:05.0909 4024	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/29 23:08:05.0966 4024	nmwcd           (712bc0c22ba00b2ba324c6b8df668ee7) C:\Windows\system32\drivers\ccdcmb.sys
2011/06/29 23:08:06.0003 4024	nmwcdc          (7312987b6ccde6f6cee32c14bed1ca2e) C:\Windows\system32\drivers\ccdcmbo.sys
2011/06/29 23:08:06.0031 4024	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/06/29 23:08:06.0052 4024	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/29 23:08:06.0104 4024	Ntfs            (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
2011/06/29 23:08:06.0146 4024	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/06/29 23:08:06.0184 4024	nusb3hub        (68c890ddb21028cb1ea5551b47b29e1b) C:\Windows\system32\DRIVERS\nusb3hub.sys
2011/06/29 23:08:06.0207 4024	nusb3xhc        (2cf970c1a9e05d3b91039c2dd4471c0e) C:\Windows\system32\DRIVERS\nusb3xhc.sys
2011/06/29 23:08:06.0386 4024	nvlddmkm        (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/29 23:08:06.0513 4024	nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
2011/06/29 23:08:06.0544 4024	nvstor          (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
2011/06/29 23:08:06.0583 4024	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/06/29 23:08:06.0630 4024	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/29 23:08:06.0658 4024	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/06/29 23:08:06.0687 4024	partmgr         (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/06/29 23:08:06.0707 4024	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/06/29 23:08:06.0769 4024	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/06/29 23:08:06.0804 4024	pci             (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/06/29 23:08:06.0832 4024	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/06/29 23:08:06.0874 4024	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/29 23:08:06.0924 4024	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/06/29 23:08:06.0954 4024	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/06/29 23:08:07.0083 4024	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/29 23:08:07.0106 4024	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/06/29 23:08:07.0156 4024	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/29 23:08:07.0209 4024	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/06/29 23:08:07.0270 4024	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/29 23:08:07.0311 4024	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/29 23:08:07.0342 4024	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/29 23:08:07.0377 4024	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/29 23:08:07.0401 4024	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/29 23:08:07.0428 4024	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/29 23:08:07.0468 4024	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/29 23:08:07.0493 4024	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/29 23:08:07.0518 4024	rdbss           (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/29 23:08:07.0545 4024	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/29 23:08:07.0565 4024	RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/29 23:08:07.0597 4024	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/29 23:08:07.0614 4024	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/29 23:08:07.0662 4024	RDPWD           (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/06/29 23:08:07.0694 4024	rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/06/29 23:08:07.0740 4024	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/29 23:08:07.0781 4024	RTL8167         (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/06/29 23:08:07.0893 4024	SASDIFSV        (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/06/29 23:08:07.0930 4024	SASKUTIL        (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/06/29 23:08:07.0972 4024	sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/06/29 23:08:08.0001 4024	scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/29 23:08:08.0039 4024	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/29 23:08:08.0076 4024	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/29 23:08:08.0117 4024	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/06/29 23:08:08.0146 4024	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/29 23:08:08.0196 4024	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/06/29 23:08:08.0231 4024	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/06/29 23:08:08.0251 4024	sffp_sd         (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/06/29 23:08:08.0274 4024	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/29 23:08:08.0319 4024	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/06/29 23:08:08.0343 4024	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/29 23:08:08.0364 4024	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/29 23:08:08.0380 4024	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/06/29 23:08:08.0412 4024	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/06/29 23:08:08.0489 4024	sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/06/29 23:08:08.0489 4024	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/29 23:08:08.0499 4024	sptd - detected LockedFile.Multi.Generic (1)
2011/06/29 23:08:08.0540 4024	srv             (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
2011/06/29 23:08:08.0578 4024	srv2            (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/29 23:08:08.0633 4024	srvnet          (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/29 23:08:08.0675 4024	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/06/29 23:08:08.0705 4024	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/29 23:08:08.0736 4024	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/29 23:08:08.0825 4024	Tcpip           (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\drivers\tcpip.sys
2011/06/29 23:08:08.0881 4024	TCPIP6          (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/29 23:08:08.0912 4024	tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/29 23:08:08.0937 4024	TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/06/29 23:08:08.0951 4024	TDTCP           (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/06/29 23:08:08.0973 4024	tdx             (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/29 23:08:08.0993 4024	TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/29 23:08:09.0039 4024	tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/29 23:08:09.0073 4024	tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/29 23:08:09.0104 4024	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/29 23:08:09.0132 4024	udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/29 23:08:09.0178 4024	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/06/29 23:08:09.0209 4024	umbus           (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/29 23:08:09.0238 4024	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/29 23:08:09.0280 4024	upperdev        (7062ed67a10f1c83b2ab951736e24f11) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/06/29 23:08:09.0327 4024	usbaudio        (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
2011/06/29 23:08:09.0351 4024	usbccgp         (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/29 23:08:09.0401 4024	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/06/29 23:08:09.0432 4024	usbehci         (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/29 23:08:09.0471 4024	usbfilter       (e5b14557793164db879ee56f5b59c3e2) C:\Windows\system32\DRIVERS\usbfilter.sys
2011/06/29 23:08:09.0495 4024	usbhub          (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/29 23:08:09.0515 4024	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/29 23:08:09.0533 4024	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/29 23:08:09.0572 4024	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/29 23:08:09.0629 4024	usbser          (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\DRIVERS\usbser.sys
2011/06/29 23:08:09.0691 4024	UsbserFilt      (b76d8039f5b595c4ca551b3d5dd15a98) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/06/29 23:08:09.0743 4024	usbsermpt       (caad3467fbfae8a380f67e9c7150a85e) C:\Windows\system32\DRIVERS\usbsermpt.sys
2011/06/29 23:08:09.0778 4024	USBSTOR         (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/29 23:08:09.0811 4024	usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/29 23:08:09.0852 4024	usbvideo        (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
2011/06/29 23:08:09.0899 4024	VClone          (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys
2011/06/29 23:08:09.0932 4024	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/06/29 23:08:09.0974 4024	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/29 23:08:09.0996 4024	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/06/29 23:08:10.0020 4024	vhdmp           (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/06/29 23:08:10.0047 4024	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/06/29 23:08:10.0067 4024	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/06/29 23:08:10.0083 4024	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/06/29 23:08:10.0107 4024	volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/06/29 23:08:10.0133 4024	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/06/29 23:08:10.0162 4024	volsnap         (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/29 23:08:10.0214 4024	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/29 23:08:10.0244 4024	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/06/29 23:08:10.0266 4024	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/29 23:08:10.0297 4024	WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/29 23:08:10.0310 4024	Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/29 23:08:10.0356 4024	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/06/29 23:08:10.0382 4024	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/29 23:08:10.0439 4024	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/29 23:08:10.0453 4024	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/06/29 23:08:10.0527 4024	WinUsb          (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/06/29 23:08:10.0561 4024	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/29 23:08:10.0598 4024	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/29 23:08:10.0654 4024	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/06/29 23:08:10.0682 4024	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/29 23:08:10.0809 4024	{B154377D-700F-42cc-9474-23858FBDF4BD} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD9\000.fcl
2011/06/29 23:08:10.0831 4024	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/29 23:08:10.0864 4024	MBR (0x1B8)     (feffdedea77250a6fcd92c304b49ace2) \Device\Harddisk5\DR5
2011/06/29 23:08:10.0875 4024	Boot (0x1200)   (52841af164ec66db5d00c7fcd90bb2d5) \Device\Harddisk0\DR0\Partition0
2011/06/29 23:08:10.0890 4024	Boot (0x1200)   (ff68da0c817c0fb993105e6fb741262c) \Device\Harddisk0\DR0\Partition1
2011/06/29 23:08:10.0899 4024	Boot (0x1200)   (94e401c5850a09e853a0d133aaa92edf) \Device\Harddisk5\DR5\Partition0
2011/06/29 23:08:10.0906 4024	================================================================================
2011/06/29 23:08:10.0906 4024	Scan finished
2011/06/29 23:08:10.0906 4024	================================================================================
2011/06/29 23:08:10.0915 6008	Detected object count: 1
2011/06/29 23:08:10.0915 6008	Actual detected object count: 1
2011/06/29 23:08:16.0472 6008	LockedFile.Multi.Generic(sptd) - User select action: Skip
         


Alt 29.06.2011, 22:10   #51
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



We should fix the MBR manually, even though the last log from mbrcheck said everything was OK. Given how unremarkable the logs are, I have no other idea left. Back up all important data, just in case.

Do you have any other operating systems installed besides Win7 (32-bit)?
If not: take a look here => RescueDisc-Win7-32-Bit

Download the ISO, burn it to a CD, e.g. with ImgBurn using its image-burning function, and start the computer with it (boot from this CD).

If you have a regular Win7 installation DVD (32-bit), you don't need the image mentioned above and can simply boot from that DVD.

Click Repair your computer, Next, Command Prompt - the console opens. There, type bootrec.exe /fixboot (confirm with Enter), then type bootrec.exe /fixmbr (confirm with Enter) - restart the computer, taking the CD out first. Afterwards, create new logs again with MBRCheck and, if possible, GMER.
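An added example, not part of the thread: one way to check whether a boot-record repair like the one described above actually changed anything is to compare the MBR and boot-sector hashes in two scan logs of the format posted earlier. The function names and the second log (including its hash) are constructed for illustration.

```python
import re

# One log line: "<date> <time> <thread id> <message>".
LINE = re.compile(r"^\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+ \d+\s+(.*)$")
# Boot-record entry: "MBR (0x1B8)   (<md5>) \Device\Harddisk0\DR0"
BOOT = re.compile(r"^(MBR|Boot) \(0x[0-9A-Fa-f]+\)\s+\(([0-9a-f]{32})\) (\S+)$")
# Detection entry: "sptd - detected LockedFile.Multi.Generic (1)"
DETECT = re.compile(r"^(\S+) - detected (\S+) \(\d+\)$")

# Lines copied from the log posted above.
BEFORE = r"""
2011/06/29 23:08:08.0489 4024 sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/06/29 23:08:08.0499 4024 sptd - detected LockedFile.Multi.Generic (1)
2011/06/29 23:08:10.0831 4024 MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/29 23:08:10.0875 4024 Boot (0x1200)   (52841af164ec66db5d00c7fcd90bb2d5) \Device\Harddisk0\DR0\Partition0
"""
# Constructed second scan: the MBR hash is a made-up value, not real output.
AFTER = r"""
2011/06/30 09:00:00.0000 1000 MBR (0x1B8)     (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa) \Device\Harddisk0\DR0
2011/06/30 09:00:00.0100 1000 Boot (0x1200)   (52841af164ec66db5d00c7fcd90bb2d5) \Device\Harddisk0\DR0\Partition0
"""


def parse(log_text):
    """Return ({device: (kind, md5)}, [(object, verdict)]) for one scan log."""
    boot, detections = {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines or anything without a timestamp prefix
        msg = m.group(1)
        if (b := BOOT.match(msg)):
            boot[b.group(3)] = (b.group(1), b.group(2))
        elif (d := DETECT.match(msg)):
            detections.append((d.group(1), d.group(2)))
    return boot, detections


def changed_boot_records(before, after):
    """Devices whose MBR/boot-sector hash differs between two scans."""
    b, _ = parse(before)
    a, _ = parse(after)
    return sorted(dev for dev in b if dev in a and b[dev][1] != a[dev][1])


if __name__ == "__main__":
    print(parse(BEFORE))
    print(changed_boot_records(BEFORE, AFTER))
```

A changed hash only shows that the sector was rewritten; an unchanged MBR hash after the repair means the boot code was not replaced.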
