Facebookvirus getarnt als Bild / bildschirmschoner mit dem Namen ''shufflet''
 

Da ich neu hier im Forum bin, bitte ich schon mal im vorraus um Verständnis, wenn eine ähnliche Frage schon mal gestellt worden ist.

Nun zu meinem Problem/ meiner Frage:
ich bekam gestern von einem Facebookkontakt eine Chatnachricht mit der Bezeichnung : [link entfernt von cosinus]
es war als Bild getarnt und da es sich bei dem offensichtlichen Absender um einen guten Freund handelt, war ich so dämlich, und hab den link ohne nachzufragen geöffnet. Doch wie sich herausgestellt hat, handelte es sich dabei um einen Virus oder ähnliches, der nun selbstständig diesen Link an das gesamte Adressbuch verschickt und sich so verbreitet. Antivir hat zwar gleich angeschlagen, konnte jedoch das weitersenden nicht verhindern.
Die gelöschte Datei dazu, befindet sich jetzt im Papierkorb. Kann ich die jetzt einfach löschen und ab wieder ruhe, oder richte ich dann noch mehr Schaden an?
Ich bitte daher um Hilfe oder Anregungen, die mir dabei helfen das Ding wieder loszuwerden.
Dafür im vorraus schon mal vielen Dank

Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Danke erstmal für die schnelle Hilfe.
Also ich hab die Scans durchgeführt. Der Scan mit Malwarebytes hat 15 infizierte Dateien zum Vorschein gebracht, die ich über die Funktion : ''Auswahl löschen'' gelöscht habe.
Hier die log dazu:
Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8010

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

24.10.2011 15:10:38
mbam-log-2011-10-24 (15-10-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 415499
Laufzeit: 1 Stunde(n), 12 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 12

Infizierte Speicherprozesse:
c:\Users\User\m-1-52-5782-8752-5245\winsvc.exe (Backdoor.IRCBot) -> 2892 -> No action taken.
c:\Users\User\AppData\Local\Temp\2939807.exe (Trojan.Fakealert) -> 4148 -> No action taken.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft® Windows Update (Backdoor.IRCBot) -> Value: Microsoft® Windows Update -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\User\m-1-52-5782-8752-5245\winsvc.exe (Backdoor.IRCBot) -> No action taken.
c:\Users\User\AppData\Local\Temp\2939807.exe (Trojan.Fakealert) -> No action taken.
c:\program files (x86)\deep silver\Risen\bin\Engine.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\deep silver\Risen\bin\Game.dll (Trojan.Agent) -> No action taken.
c:\program files (x86)\deep silver\Risen\bin\Risen.exe (Trojan.Agent) -> No action taken.
c:\program files (x86)\deep silver\Risen\bin\scripts\script_game.dll (Trojan.Agent) -> No action taken.
c:\Users\User\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\K39BMMBN\g[1].exe (Trojan.Fakealert) -> No action taken.
c:\Users\User\AppData\Local\Temp\3957748.exe (Backdoor.IRCBot) -> No action taken.
c:\Users\User\AppData\Local\Temp\49584.exe (Backdoor.IRCBot) -> No action taken.
c:\Users\User\AppData\Local\Temp\5785134.exe (Backdoor.IRCBot) -> No action taken.
c:\Users\User\AppData\Local\Temp\7168586.exe (Trojan.Fakealert) -> No action taken.
c:\Users\User\documents\Games\left 4 dead\left4dead\addons\name_enabler.dll (Malware.UPX.Mod) -> No action taken.

Dann habe ich den Scan mit ESET Online gemacht, da kam folgende log:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=72e1dbcfa6f6ff4e9946df884ffbe402
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-24 03:07:33
# local_time=2011-10-24 05:07:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1797 16775165 100 94 663903 55999645 88777 0
# compatibility_mode=5893 16776574 100 94 50126403 71092639 0 0
# compatibility_mode=8192 67108863 100 0 145 145 0 0
# scanned=246469
# found=0
# cleaned=0
# scan_time=6064


Ich hoffe, ich habe alles richtig ausgeführt.
Es könnte vllt hilfreich sein zu erwähnen, dass der Virus/ das Programm vor den Tests auch auch ICQ übergegriffen hat und ständig den Windows Live Messanger geöffnet hat, obwohl ich da gar nicht angemeldet bin. Nach dem löschen der Dateien, die duch Malwarebytes gefunden wurden, habe ich dies noch nicht getestet.

Entfern mal bitte alle Funde mit Malwarebytes auch die o.g.

Ich habe jetzt die unter Quarantäne gestellten Funde gelöscht, darunter waren auch die oben genannten.

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
• Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Hier ist der Inhalt der OTL.txt:OTL EXTRAS Logfile:
--- --- ---

Das ist das weniger wichtige Extra-Log. Poste bitte noch das OTL.txt

Ich hoffe das ist nun der richtige:OTL Logfile:
--- --- ---

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Hier das Logfile des OTL-Fix:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Global Registration deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2307b3e0-335b-11df-ab8e-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2307b3e0-335b-11df-ab8e-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2307b3e0-335b-11df-ab8e-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2307b3e0-335b-11df-ab8e-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2307b3e9-335b-11df-ab8e-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2307b3e9-335b-11df-ab8e-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2307b3e9-335b-11df-ab8e-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2307b3e9-335b-11df-ab8e-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29d53cfc-4dff-11df-a9a7-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29d53cfc-4dff-11df-a9a7-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29d53cfc-4dff-11df-a9a7-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29d53cfc-4dff-11df-a9a7-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3190fdd1-680f-11df-a976-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a687220-31ff-11df-aa88-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a687220-31ff-11df-aa88-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a687220-31ff-11df-aa88-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a687220-31ff-11df-aa88-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7213338d-33f1-11df-8dda-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7213338d-33f1-11df-8dda-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7213338d-33f1-11df-8dda-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7213338d-33f1-11df-8dda-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eef4fec-33f0-11df-8d5f-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8eef4fec-33f0-11df-8d5f-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eef4fec-33f0-11df-8d5f-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8eef4fec-33f0-11df-8d5f-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\setup_vmc_lite.exe /checkApplicationPresence not found.
C:\Users\User\M-1-52-5782-8752-5245 folder moved successfully.
C:\ProgramData\FullRemove.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: User
->Temp folder emptied: 1704792612 bytes
->Temporary Internet Files folder emptied: 1564441597 bytes
->Java cache emptied: 6223247 bytes
->FireFox cache emptied: 48822369 bytes
->Flash cache emptied: 499 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 311296 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 220206582 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3.381,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 10252011_210222

Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
C:\Users\User\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Hier das Logfile des OTL-Fix:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Global Registration deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2307b3e0-335b-11df-ab8e-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2307b3e0-335b-11df-ab8e-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2307b3e0-335b-11df-ab8e-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2307b3e0-335b-11df-ab8e-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2307b3e9-335b-11df-ab8e-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2307b3e9-335b-11df-ab8e-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2307b3e9-335b-11df-ab8e-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2307b3e9-335b-11df-ab8e-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29d53cfc-4dff-11df-a9a7-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29d53cfc-4dff-11df-a9a7-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29d53cfc-4dff-11df-a9a7-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29d53cfc-4dff-11df-a9a7-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3190fdd1-680f-11df-a976-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3190fdd1-680f-11df-a976-00262d776d2d}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a687220-31ff-11df-aa88-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a687220-31ff-11df-aa88-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a687220-31ff-11df-aa88-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a687220-31ff-11df-aa88-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7213338d-33f1-11df-8dda-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7213338d-33f1-11df-8dda-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7213338d-33f1-11df-8dda-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7213338d-33f1-11df-8dda-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eef4fec-33f0-11df-8d5f-00262d776d2d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8eef4fec-33f0-11df-8d5f-00262d776d2d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eef4fec-33f0-11df-8d5f-00262d776d2d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8eef4fec-33f0-11df-8d5f-00262d776d2d}\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\setup_vmc_lite.exe /checkApplicationPresence not found.
C:\Users\User\M-1-52-5782-8752-5245 folder moved successfully.
C:\ProgramData\FullRemove.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: User
->Temp folder emptied: 1704792612 bytes
->Temporary Internet Files folder emptied: 1564441597 bytes
->Java cache emptied: 6223247 bytes
->FireFox cache emptied: 48822369 bytes
->Flash cache emptied: 499 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 311296 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 220206582 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3.381,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 10252011_210222

Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\setup_vmc_lite.exe scheduled to be moved on reboot.
C:\Users\User\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

Hier der Log von Kaspersky:

17:32:02.0580 5044 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
17:32:04.0290 5044 ============================================================
17:32:04.0290 5044 Current date / time: 2011/10/26 17:32:04.0290
17:32:04.0290 5044 SystemInfo:
17:32:04.0290 5044
17:32:04.0290 5044 OS Version: 6.1.7600 ServicePack: 0.0
17:32:04.0290 5044 Product type: Workstation
17:32:04.0290 5044 ComputerName: USER-PC
17:32:04.0291 5044 UserName: User
17:32:04.0291 5044 Windows directory: C:\Windows
17:32:04.0291 5044 System windows directory: C:\Windows
17:32:04.0291 5044 Running under WOW64
17:32:04.0291 5044 Processor architecture: Intel x64
17:32:04.0291 5044 Number of processors: 4
17:32:04.0291 5044 Page size: 0x1000
17:32:04.0291 5044 Boot type: Normal boot
17:32:04.0291 5044 ============================================================
17:32:04.0848 5044 Initialize success
17:33:06.0407 0264 ============================================================
17:33:06.0407 0264 Scan started
17:33:06.0407 0264 Mode: Manual; SigCheck; TDLFS;
17:33:06.0407 0264 ============================================================
17:33:06.0751 0264 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
17:33:06.0864 0264 1394ohci - ok
17:33:06.0946 0264 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
17:33:06.0961 0264 ACPI - ok
17:33:06.0990 0264 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
17:33:07.0032 0264 AcpiPmi - ok
17:33:07.0236 0264 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:33:07.0272 0264 adp94xx - ok
17:33:07.0375 0264 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:33:07.0397 0264 adpahci - ok
17:33:07.0448 0264 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:33:07.0466 0264 adpu320 - ok
17:33:07.0621 0264 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
17:33:07.0687 0264 AFD - ok
17:33:07.0833 0264 AgereSoftModem (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
17:33:07.0900 0264 AgereSoftModem - ok
17:33:07.0992 0264 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
17:33:08.0016 0264 agp440 - ok
17:33:08.0118 0264 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
17:33:08.0139 0264 aliide - ok
17:33:08.0188 0264 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
17:33:08.0206 0264 amdide - ok
17:33:08.0299 0264 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:33:08.0371 0264 AmdK8 - ok
17:33:08.0416 0264 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:33:08.0478 0264 AmdPPM - ok
17:33:08.0603 0264 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
17:33:08.0628 0264 amdsata - ok
17:33:08.0685 0264 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:33:08.0710 0264 amdsbs - ok
17:33:08.0849 0264 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
17:33:08.0865 0264 amdxata - ok
17:33:08.0918 0264 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
17:33:08.0968 0264 AmUStor - ok
17:33:09.0079 0264 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
17:33:09.0157 0264 AppID - ok
17:33:09.0211 0264 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:33:09.0226 0264 arc - ok
17:33:09.0293 0264 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:33:09.0317 0264 arcsas - ok
17:33:09.0344 0264 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:33:09.0430 0264 AsyncMac - ok
17:33:09.0531 0264 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
17:33:09.0553 0264 atapi - ok
17:33:09.0616 0264 athr (88a02b6046356e6be4e387faa7451439) C:\Windows\system32\DRIVERS\athrx.sys
17:33:09.0695 0264 athr - ok
17:33:09.0951 0264 atikmdag (d229cc2ebcf287adafece59ab1e3d3bc) C:\Windows\system32\DRIVERS\atikmdag.sys
17:33:10.0284 0264 atikmdag - ok
17:33:10.0379 0264 atksgt (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
17:33:21.0937 0264 atksgt - ok
17:33:22.0077 0264 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
17:33:22.0095 0264 avgntflt - ok
17:33:22.0119 0264 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
17:33:22.0134 0264 avipbb - ok
17:33:22.0231 0264 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:33:22.0283 0264 b06bdrv - ok
17:33:22.0383 0264 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:33:22.0438 0264 b57nd60a - ok
17:33:22.0578 0264 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
17:33:22.0681 0264 BCM43XX - ok
17:33:22.0780 0264 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:33:22.0885 0264 Beep - ok
17:33:23.0007 0264 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:33:23.0045 0264 blbdrive - ok
17:33:23.0084 0264 BMLoad (8b1e76b5f86df4396d77ab09787f6d37) C:\Windows\system32\drivers\BMLoad.sys
17:33:23.0118 0264 BMLoad ( UnsignedFile.Multi.Generic ) - warning
17:33:23.0118 0264 BMLoad - detected UnsignedFile.Multi.Generic (1)
17:33:23.0248 0264 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
17:33:23.0329 0264 bowser - ok
17:33:23.0420 0264 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:33:23.0495 0264 BrFiltLo - ok
17:33:23.0516 0264 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:33:23.0541 0264 BrFiltUp - ok
17:33:23.0668 0264 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:33:23.0733 0264 Brserid - ok
17:33:23.0839 0264 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:33:23.0892 0264 BrSerWdm - ok
17:33:23.0927 0264 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:33:23.0981 0264 BrUsbMdm - ok
17:33:24.0079 0264 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:33:24.0128 0264 BrUsbSer - ok
17:33:24.0169 0264 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:33:24.0245 0264 BTHMODEM - ok
17:33:24.0340 0264 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:33:24.0445 0264 cdfs - ok
17:33:24.0559 0264 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
17:33:24.0580 0264 cdrom - ok
17:33:24.0686 0264 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:33:24.0758 0264 circlass - ok
17:33:24.0853 0264 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:33:24.0871 0264 CLFS - ok
17:33:25.0056 0264 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:33:25.0124 0264 CmBatt - ok
17:33:25.0179 0264 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
17:33:25.0193 0264 cmdide - ok
17:33:25.0322 0264 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
17:33:25.0350 0264 CNG - ok
17:33:25.0467 0264 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:33:25.0480 0264 Compbatt - ok
17:33:25.0581 0264 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:33:25.0633 0264 CompositeBus - ok
17:33:25.0730 0264 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:33:25.0751 0264 crcdisk - ok
17:33:25.0886 0264 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
17:33:25.0930 0264 DfsC - ok
17:33:25.0961 0264 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:33:26.0039 0264 discache - ok
17:33:26.0147 0264 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:33:26.0171 0264 Disk - ok
17:33:26.0183 0264 DKbFltr - ok
17:33:26.0229 0264 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:33:26.0283 0264 drmkaud - ok
17:33:26.0403 0264 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
17:33:26.0449 0264 DXGKrnl - ok
17:33:26.0593 0264 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:33:26.0747 0264 ebdrv - ok
17:33:26.0924 0264 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:33:26.0950 0264 elxstor - ok
17:33:27.0044 0264 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
17:33:27.0093 0264 ErrDev - ok
17:33:27.0212 0264 ewusbnet (251af86e0a4ddf3a6b181ed5103b06b1) C:\Windows\system32\DRIVERS\ewusbnet.sys
17:33:27.0275 0264 ewusbnet - ok
17:33:27.0370 0264 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:33:27.0465 0264 exfat - ok
17:33:27.0622 0264 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:33:27.0713 0264 fastfat - ok
17:33:27.0806 0264 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:33:27.0823 0264 fdc - ok
17:33:27.0881 0264 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:33:27.0906 0264 FileInfo - ok
17:33:27.0977 0264 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:33:28.0064 0264 Filetrace - ok
17:33:28.0104 0264 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:33:28.0138 0264 flpydisk - ok
17:33:28.0232 0264 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
17:33:28.0256 0264 FltMgr - ok
17:33:28.0304 0264 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:33:28.0329 0264 FsDepends - ok
17:33:28.0360 0264 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:33:28.0373 0264 Fs_Rec - ok
17:33:28.0450 0264 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:33:28.0464 0264 fvevol - ok
17:33:28.0510 0264 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:33:28.0534 0264 gagp30kx - ok
17:33:28.0617 0264 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:33:28.0679 0264 hcw85cir - ok
17:33:28.0834 0264 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
17:33:28.0882 0264 HdAudAddService - ok
17:33:28.0971 0264 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:33:29.0013 0264 HDAudBus - ok
17:33:29.0081 0264 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
17:33:29.0092 0264 HECIx64 - ok
17:33:29.0169 0264 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:33:29.0208 0264 HidBatt - ok
17:33:29.0254 0264 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:33:29.0298 0264 HidBth - ok
17:33:29.0370 0264 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:33:29.0425 0264 HidIr - ok
17:33:29.0541 0264 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
17:33:29.0587 0264 HidUsb - ok
17:33:29.0697 0264 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
17:33:29.0721 0264 HpSAMD - ok
17:33:29.0828 0264 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
17:33:29.0923 0264 HTTP - ok
17:33:30.0063 0264 hwdatacard (4b5c07db91a0099272faae732e1152bd) C:\Windows\system32\DRIVERS\ewusbmdm.sys
17:33:30.0124 0264 hwdatacard - ok
17:33:30.0209 0264 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
17:33:30.0222 0264 hwpolicy - ok
17:33:30.0330 0264 hwusbfake (9c13a2691ac410cc7469f298684dca5d) C:\Windows\system32\DRIVERS\ewusbfake.sys
17:33:30.0375 0264 hwusbfake - ok
17:33:30.0477 0264 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:33:30.0504 0264 i8042prt - ok
17:33:30.0564 0264 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
17:33:30.0587 0264 iaStor - ok
17:33:30.0734 0264 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
17:33:30.0765 0264 iaStorV - ok
17:33:30.0930 0264 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:33:31.0175 0264 igfx - ok
17:33:31.0272 0264 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:33:31.0294 0264 iirsp - ok
17:33:31.0402 0264 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
17:33:31.0425 0264 Impcd - ok
17:33:31.0501 0264 IntcAzAudAddService (42943bb3ab7a405b30eff7c8283cc129) C:\Windows\system32\drivers\RTKVHD64.sys
17:33:31.0560 0264 IntcAzAudAddService - ok
17:33:31.0639 0264 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
17:33:31.0660 0264 intelide - ok
17:33:31.0683 0264 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:33:31.0726 0264 intelppm - ok
17:33:31.0863 0264 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:33:31.0967 0264 IpFilterDriver - ok
17:33:32.0058 0264 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:33:32.0109 0264 IPMIDRV - ok
17:33:32.0141 0264 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:33:32.0218 0264 IPNAT - ok
17:33:32.0309 0264 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:33:32.0333 0264 IRENUM - ok
17:33:32.0391 0264 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
17:33:32.0412 0264 isapnp - ok
17:33:32.0449 0264 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
17:33:32.0478 0264 iScsiPrt - ok
17:33:32.0580 0264 k57nd60a (d85f3f18e44f7447b5f1ba5c85baeb7c) C:\Windows\system32\DRIVERS\k57nd60a.sys
17:33:32.0609 0264 k57nd60a - ok
17:33:32.0647 0264 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:33:32.0665 0264 kbdclass - ok
17:33:32.0761 0264 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
17:33:32.0786 0264 kbdhid - ok
17:33:32.0843 0264 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
17:33:32.0858 0264 KSecDD - ok
17:33:32.0949 0264 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
17:33:32.0967 0264 KSecPkg - ok
17:33:33.0050 0264 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:33:33.0140 0264 ksthunk - ok
17:33:33.0240 0264 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
17:33:33.0288 0264 L1E - ok
17:33:33.0390 0264 lirsgt (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
17:33:33.0409 0264 lirsgt - ok
17:33:33.0449 0264 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:33:33.0510 0264 lltdio - ok
17:33:33.0626 0264 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:33:33.0651 0264 LSI_FC - ok
17:33:33.0673 0264 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:33:33.0690 0264 LSI_SAS - ok
17:33:33.0778 0264 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:33:33.0800 0264 LSI_SAS2 - ok
17:33:33.0823 0264 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:33:33.0845 0264 LSI_SCSI - ok
17:33:33.0911 0264 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:33:33.0987 0264 luafv - ok
17:33:34.0070 0264 massfilter (b5e86524918ef32b32d1032e0c8e92a3) C:\Windows\system32\drivers\massfilter.sys
17:33:34.0106 0264 massfilter - ok
17:33:34.0224 0264 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:33:34.0246 0264 megasas - ok
17:33:34.0268 0264 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:33:34.0298 0264 MegaSR - ok
17:33:34.0402 0264 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:33:34.0458 0264 Modem - ok
17:33:34.0482 0264 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:33:34.0518 0264 monitor - ok
17:33:34.0611 0264 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:33:34.0634 0264 mouclass - ok
17:33:34.0688 0264 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:33:34.0730 0264 mouhid - ok
17:33:34.0812 0264 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
17:33:34.0827 0264 mountmgr - ok
17:33:34.0894 0264 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
17:33:34.0911 0264 mpio - ok
17:33:34.0944 0264 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:33:35.0021 0264 mpsdrv - ok
17:33:35.0095 0264 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
17:33:35.0135 0264 MRxDAV - ok
17:33:35.0209 0264 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:33:35.0236 0264 mrxsmb - ok
17:33:35.0320 0264 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:33:35.0350 0264 mrxsmb10 - ok
17:33:35.0373 0264 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:33:35.0423 0264 mrxsmb20 - ok
17:33:35.0481 0264 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
17:33:35.0501 0264 msahci - ok
17:33:35.0566 0264 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
17:33:35.0589 0264 msdsm - ok
17:33:35.0659 0264 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:33:35.0713 0264 Msfs - ok
17:33:35.0784 0264 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:33:35.0877 0264 mshidkmdf - ok
17:33:35.0936 0264 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
17:33:35.0957 0264 msisadrv - ok
17:33:36.0043 0264 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:33:36.0107 0264 MSKSSRV - ok
17:33:36.0141 0264 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:33:36.0204 0264 MSPCLOCK - ok
17:33:36.0270 0264 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:33:36.0348 0264 MSPQM - ok
17:33:36.0398 0264 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
17:33:36.0420 0264 MsRPC - ok
17:33:36.0435 0264 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:33:36.0445 0264 mssmbios - ok
17:33:36.0509 0264 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:33:36.0573 0264 MSTEE - ok
17:33:36.0606 0264 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:33:36.0630 0264 MTConfig - ok
17:33:36.0649 0264 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:33:36.0666 0264 Mup - ok
17:33:36.0734 0264 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
17:33:36.0746 0264 mwlPSDFilter - ok
17:33:36.0791 0264 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
17:33:36.0801 0264 mwlPSDNServ - ok
17:33:36.0815 0264 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
17:33:36.0825 0264 mwlPSDVDisk - ok
17:33:36.0918 0264 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:33:36.0967 0264 NativeWifiP - ok
17:33:37.0090 0264 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
17:33:37.0116 0264 NDIS - ok
17:33:37.0188 0264 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:33:37.0247 0264 NdisCap - ok
17:33:37.0286 0264 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:33:37.0326 0264 NdisTapi - ok
17:33:37.0403 0264 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
17:33:37.0467 0264 Ndisuio - ok
17:33:37.0485 0264 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:33:37.0529 0264 NdisWan - ok
17:33:37.0606 0264 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
17:33:37.0674 0264 NDProxy - ok
17:33:37.0767 0264 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:33:37.0846 0264 NetBIOS - ok
17:33:37.0878 0264 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
17:33:37.0917 0264 NetBT - ok
17:33:38.0029 0264 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:33:38.0053 0264 nfrd960 - ok
17:33:38.0086 0264 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:33:38.0157 0264 Npfs - ok
17:33:38.0249 0264 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:33:38.0327 0264 nsiproxy - ok
17:33:38.0403 0264 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
17:33:38.0476 0264 Ntfs - ok
17:33:38.0580 0264 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
17:33:38.0596 0264 NTIDrvr - ok
17:33:38.0638 0264 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:33:38.0712 0264 Null - ok
17:33:38.0842 0264 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
17:33:38.0863 0264 nvraid - ok
17:33:38.0924 0264 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
17:33:38.0943 0264 nvstor - ok
17:33:38.0980 0264 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
17:33:38.0995 0264 nv_agp - ok
17:33:39.0077 0264 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
17:33:39.0103 0264 ohci1394 - ok
17:33:39.0273 0264 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:33:39.0298 0264 Parport - ok
17:33:39.0327 0264 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
17:33:39.0342 0264 partmgr - ok
17:33:39.0353 0264 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
17:33:39.0365 0264 pci - ok
17:33:39.0382 0264 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
17:33:39.0394 0264 pciide - ok
17:33:39.0489 0264 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:33:39.0517 0264 pcmcia - ok
17:33:39.0551 0264 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:33:39.0571 0264 pcw - ok
17:33:39.0619 0264 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:33:39.0731 0264 PEAUTH - ok
17:33:39.0913 0264 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
17:33:39.0978 0264 PptpMiniport - ok
17:33:40.0002 0264 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:33:40.0047 0264 Processor - ok
17:33:40.0155 0264 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
17:33:40.0242 0264 Psched - ok
17:33:40.0342 0264 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:33:40.0388 0264 ql2300 - ok
17:33:40.0480 0264 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:33:40.0507 0264 ql40xx - ok
17:33:40.0532 0264 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:33:40.0553 0264 QWAVEdrv - ok
17:33:40.0657 0264 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:33:40.0731 0264 RasAcd - ok
17:33:40.0777 0264 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:33:40.0854 0264 RasAgileVpn - ok
17:33:40.0904 0264 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:33:40.0967 0264 Rasl2tp - ok
17:33:41.0042 0264 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:33:41.0101 0264 RasPppoe - ok
17:33:41.0147 0264 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:33:41.0210 0264 RasSstp - ok
17:33:41.0277 0264 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
17:33:41.0365 0264 rdbss - ok
17:33:41.0440 0264 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:33:41.0469 0264 rdpbus - ok
17:33:41.0498 0264 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:33:41.0575 0264 RDPCDD - ok
17:33:41.0665 0264 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:33:41.0710 0264 RDPENCDD - ok
17:33:41.0752 0264 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:33:41.0790 0264 RDPREFMP - ok
17:33:41.0813 0264 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
17:33:41.0880 0264 RDPWD - ok
17:33:41.0975 0264 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
17:33:42.0005 0264 rdyboost - ok
17:33:42.0061 0264 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:33:42.0120 0264 rspndr - ok
17:33:42.0200 0264 RTHDMIAzAudService (7421a35c45484b95e83b5e9e107cefc2) C:\Windows\system32\drivers\RtHDMIVX.sys
17:33:42.0234 0264 RTHDMIAzAudService - ok
17:33:42.0286 0264 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
17:33:42.0303 0264 sbp2port - ok
17:33:42.0326 0264 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
17:33:42.0392 0264 scfilter - ok
17:33:42.0467 0264 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:33:42.0558 0264 secdrv - ok
17:33:42.0673 0264 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:33:42.0698 0264 Serenum - ok
17:33:42.0722 0264 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:33:42.0766 0264 Serial - ok
17:33:42.0865 0264 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:33:42.0907 0264 sermouse - ok
17:33:43.0023 0264 sfdrv01 (a48b9f81d3c2ba989ae2d566747b4623) C:\Windows\system32\drivers\sfdrv01.sys
17:33:43.0050 0264 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
17:33:43.0050 0264 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
17:33:43.0076 0264 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
17:33:43.0128 0264 sffdisk - ok
17:33:43.0210 0264 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:33:43.0256 0264 sffp_mmc - ok
17:33:43.0267 0264 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:33:43.0296 0264 sffp_sd - ok
17:33:43.0398 0264 sfhlp02 (9e0ecda6c72c5d0d8cf3f0fba076422b) C:\Windows\system32\drivers\sfhlp02.sys
17:33:43.0425 0264 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
17:33:43.0425 0264 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
17:33:43.0466 0264 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:33:43.0509 0264 sfloppy - ok
17:33:43.0622 0264 sfvfs02 (f65d13175ebf3fa49b1f7f948926a16e) C:\Windows\system32\drivers\sfvfs02.sys
17:33:43.0660 0264 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
17:33:43.0660 0264 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
17:33:43.0723 0264 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:33:43.0743 0264 SiSRaid2 - ok
17:33:43.0799 0264 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:33:43.0815 0264 SiSRaid4 - ok
17:33:43.0848 0264 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:33:43.0918 0264 Smb - ok
17:33:44.0036 0264 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:33:44.0055 0264 spldr - ok
17:33:44.0142 0264 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
17:33:44.0142 0264 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
17:33:44.0157 0264 sptd ( LockedFile.Multi.Generic ) - warning
17:33:44.0157 0264 sptd - detected LockedFile.Multi.Generic (1)
17:33:44.0252 0264 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
17:33:44.0288 0264 srv - ok
17:33:44.0390 0264 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
17:33:44.0439 0264 srv2 - ok
17:33:44.0474 0264 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
17:33:44.0511 0264 srvnet - ok
17:33:44.0619 0264 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:33:44.0632 0264 stexstor - ok
17:33:44.0662 0264 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:33:44.0675 0264 swenum - ok
17:33:44.0780 0264 SynTP (ed6d1424e5b0c21a57b28dd8508d6843) C:\Windows\system32\DRIVERS\SynTP.sys
17:33:44.0797 0264 SynTP - ok
17:33:44.0885 0264 tap0901 (bcd6a90d6fd757ce9c29ddc850f7f231) C:\Windows\system32\DRIVERS\tap0901.sys
17:33:44.0898 0264 tap0901 - ok
17:33:45.0037 0264 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
17:33:45.0086 0264 Tcpip - ok
17:33:45.0230 0264 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
17:33:45.0274 0264 TCPIP6 - ok
17:33:45.0381 0264 tcpipBM (fba939b917976b2c37f1b235dfcd4876) C:\Windows\system32\drivers\tcpipBM.sys
17:33:45.0411 0264 tcpipBM ( UnsignedFile.Multi.Generic ) - warning
17:33:45.0412 0264 tcpipBM - detected UnsignedFile.Multi.Generic (1)
17:33:45.0456 0264 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
17:33:45.0496 0264 tcpipreg - ok
17:33:45.0572 0264 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:33:45.0625 0264 TDPIPE - ok
17:33:45.0632 0264 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:33:45.0692 0264 TDTCP - ok
17:33:45.0735 0264 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
17:33:45.0810 0264 tdx - ok
17:33:45.0877 0264 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
17:33:45.0899 0264 TermDD - ok
17:33:46.0001 0264 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:33:46.0079 0264 tssecsrv - ok
17:33:46.0171 0264 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
17:33:46.0256 0264 tunnel - ok
17:33:46.0312 0264 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
17:33:46.0332 0264 TurboB - ok
17:33:46.0408 0264 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:33:46.0430 0264 uagp35 - ok
17:33:46.0499 0264 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
17:33:46.0511 0264 UBHelper - ok
17:33:46.0591 0264 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
17:33:46.0669 0264 udfs - ok
17:33:46.0730 0264 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
17:33:46.0746 0264 uliagpkx - ok
17:33:46.0817 0264 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
17:33:46.0864 0264 umbus - ok
17:33:46.0959 0264 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:33:46.0998 0264 UmPass - ok
17:33:47.0127 0264 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
17:33:47.0170 0264 usbccgp - ok
17:33:47.0204 0264 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
17:33:47.0254 0264 usbcir - ok
17:33:47.0377 0264 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
17:33:47.0418 0264 usbehci - ok
17:33:47.0545 0264 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
17:33:47.0608 0264 usbhub - ok
17:33:47.0722 0264 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
17:33:47.0772 0264 usbohci - ok
17:33:47.0830 0264 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:33:47.0861 0264 usbprint - ok
17:33:47.0969 0264 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:33:48.0000 0264 usbscan - ok
17:33:48.0045 0264 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:33:48.0067 0264 USBSTOR - ok
17:33:48.0094 0264 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
17:33:48.0131 0264 usbuhci - ok
17:33:48.0268 0264 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
17:33:48.0318 0264 usbvideo - ok
17:33:48.0378 0264 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
17:33:48.0401 0264 vdrvroot - ok
17:33:48.0473 0264 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:33:48.0497 0264 vga - ok
17:33:48.0518 0264 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:33:48.0581 0264 VgaSave - ok
17:33:48.0617 0264 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
17:33:48.0636 0264 vhdmp - ok
17:33:48.0712 0264 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
17:33:48.0733 0264 viaide - ok
17:33:48.0841 0264 vodafone_K3805-z_dc_enum (3bb37a860a72ed211e66e539943a7b3e) C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
17:33:48.0880 0264 vodafone_K3805-z_dc_enum - ok
17:33:48.0913 0264 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
17:33:48.0927 0264 volmgr - ok
17:33:48.0994 0264 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
17:33:49.0008 0264 volmgrx - ok
17:33:49.0032 0264 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
17:33:49.0050 0264 volsnap - ok
17:33:49.0089 0264 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:33:49.0105 0264 vsmraid - ok
17:33:49.0187 0264 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:33:49.0215 0264 vwifibus - ok
17:33:49.0237 0264 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:33:49.0281 0264 vwififlt - ok
17:33:49.0396 0264 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:33:49.0436 0264 WacomPen - ok
17:33:49.0484 0264 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:33:49.0557 0264 WANARP - ok
17:33:49.0560 0264 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:33:49.0598 0264 Wanarpv6 - ok
17:33:49.0681 0264 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:33:49.0702 0264 Wd - ok
17:33:49.0755 0264 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:33:49.0797 0264 Wdf01000 - ok
17:33:49.0931 0264 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:33:49.0979 0264 WfpLwf - ok
17:33:50.0009 0264 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:33:50.0023 0264 WIMMount - ok
17:33:50.0120 0264 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
17:33:50.0174 0264 WinUsb - ok
17:33:50.0213 0264 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:33:50.0256 0264 WmiAcpi - ok
17:33:50.0370 0264 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:33:50.0449 0264 ws2ifsl - ok
17:33:50.0491 0264 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
17:33:50.0557 0264 WudfPf - ok
17:33:50.0672 0264 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:33:50.0731 0264 WUDFRd - ok
17:33:50.0810 0264 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
17:33:50.0858 0264 xusb21 - ok
17:33:50.0949 0264 ZTEusbmdm6k (31db70a61814e4f33181d48190d46845) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
17:33:50.0982 0264 ZTEusbmdm6k - ok
17:33:51.0048 0264 ZTEusbnet (01cbeea25aa78c0f0272654048d61f34) C:\Windows\system32\DRIVERS\ZTEusbnet.sys
17:33:51.0062 0264 ZTEusbnet - ok
17:33:51.0114 0264 ZTEusbnmea - ok
17:33:51.0151 0264 ZTEusbser6k - ok
17:33:51.0196 0264 ZTEusbvoice (c9ada887bf326d8413e81fe80b1be7eb) C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
17:33:51.0242 0264 ZTEusbvoice - ok
17:33:51.0318 0264 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:33:51.0393 0264 \Device\Harddisk0\DR0 - ok
17:33:51.0397 0264 Boot (0x1200) (02202116cb35cb772dde434a87da801d) \Device\Harddisk0\DR0\Partition0
17:33:51.0398 0264 \Device\Harddisk0\DR0\Partition0 - ok
17:33:51.0433 0264 Boot (0x1200) (7ab71251876e7919bcf16b4180b09f4d) \Device\Harddisk0\DR0\Partition1
17:33:51.0434 0264 \Device\Harddisk0\DR0\Partition1 - ok
17:33:51.0435 0264 ============================================================
17:33:51.0435 0264 Scan finished
17:33:51.0435 0264 ============================================================
17:33:51.0458 3952 Detected object count: 6
17:33:51.0458 3952 Actual detected object count: 6
17:35:08.0505 3952 BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:08.0505 3952 BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:08.0506 3952 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:08.0506 3952 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:08.0507 3952 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:08.0508 3952 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:08.0514 3952 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:08.0514 3952 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:08.0517 3952 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:35:08.0517 3952 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:35:08.0519 3952 tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:08.0519 3952 tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip

Ich habe das Gefühl, dass mein Internet seit der ganzen Sache langsamer geworden ist, kann das sein?