Trojaner-Board

GEMA trojan on Win XP - desktop empty, taskbar gone (https://www.trojaner-board.de/107940-gema-trojaner-win-xp-desktop-leer-taskleiste-weg.html)

cosinus 14.01.2012 16:12

Disabling the on-access scanner is enough.
If necessary, run the fix in safe mode.

tax 14.01.2012 16:17

Quote:

Quote from cosinus (post 754505)
Disabling the on-access scanner is enough.

What do you mean by that?

cosinus 14.01.2012 16:19

On-access scanner = background guard

tax 14.01.2012 16:37

OK, it has run through.


Code:

All processes killed
========== OTL ==========
Error: Unable to stop service xpsec!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xpsec deleted successfully.
Error: Unable to stop service xcpip!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xcpip deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages:C:\WINDOWS\system32\rqRKEWNh deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a97259c-e345-11d9-98ef-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2a97259c-e345-11d9-98ef-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a97259c-e345-11d9-98ef-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2a97259c-e345-11d9-98ef-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a97259c-e345-11d9-98ef-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2a97259c-e345-11d9-98ef-806d6172696f}\ not found.
File D:\ASUSACPI.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5bb0f5f0-b9fd-11db-9b2d-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5bb0f5f0-b9fd-11db-9b2d-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5bb0f5f0-b9fd-11db-9b2d-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5bb0f5f0-b9fd-11db-9b2d-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5bb0f5f0-b9fd-11db-9b2d-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5bb0f5f0-b9fd-11db-9b2d-806d6172696f}\ not found.
File D:\ASUSACPI.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\aux1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\aux2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\midi1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\midi2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\mixer1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\mixer2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\wave1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\wave2 deleted successfully.
C:\Dokumente und Einstellungen\Weisi\Anwendungsdaten\Sewa folder moved successfully.
C:\Dokumente und Einstellungen\Weisi\Anwendungsdaten\Exby folder moved successfully.
C:\WINDOWS\System32\UAs folder moved successfully.
C:\WINDOWS\System32\kock folder moved successfully.
C:\WINDOWS\Tasks\utslqiiv.job moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 69783 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 21480583 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2976009 bytes
 
User: Vanessa
->Temp folder emptied: 4078373 bytes
->Temporary Internet Files folder emptied: 21158986 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 6022 bytes
 
User: Weisi
->Temp folder emptied: 1547669120 bytes
->Temporary Internet Files folder emptied: 103140289 bytes
->Java cache emptied: 72886057 bytes
->FireFox cache emptied: 106049291 bytes
->Flash cache emptied: 3791905 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1138908 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32935003 bytes
RecycleBin emptied: 1670 bytes
 
Total Files Cleaned = 1.829,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01142012_162424

Files\Folders moved on Reboot...
File move failed. D:\autorun.inf scheduled to be moved on reboot.

Registry entries deleted on Reboot...


cosinus 14.01.2012 17:18

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the image below: click on change parameters and set the checkboxes as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

tax 14.01.2012 18:18

I ran Unhide. Without success.

Here is the log file from TDSSKiller. It found something.

Code:

17:43:03.0031 2144        TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
17:43:03.0156 2144        ============================================================
17:43:03.0156 2144        Current date / time: 2012/01/14 17:43:03.0156
17:43:03.0156 2144        SystemInfo:
17:43:03.0156 2144       
17:43:03.0156 2144        OS Version: 5.1.2600 ServicePack: 3.0
17:43:03.0156 2144        Product type: Workstation
17:43:03.0156 2144        ComputerName: SHOOT
17:43:03.0156 2144        UserName: Weisi
17:43:03.0156 2144        Windows directory: C:\WINDOWS
17:43:03.0156 2144        System windows directory: C:\WINDOWS
17:43:03.0156 2144        Processor architecture: Intel x86
17:43:03.0156 2144        Number of processors: 1
17:43:03.0156 2144        Page size: 0x1000
17:43:03.0156 2144        Boot type: Normal boot
17:43:03.0156 2144        ============================================================
17:43:04.0468 2144        Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000, SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
17:43:04.0562 2144        Initialize success
17:43:25.0343 2036        ============================================================
17:43:25.0343 2036        Scan started
17:43:25.0343 2036        Mode: Manual; SigCheck; TDLFS;
17:43:25.0343 2036        ============================================================
17:43:26.0125 2036        aadev          (6bfb6def4eb16b74c0179de110077920) C:\WINDOWS\system32\DRIVERS\aadev.sys
17:43:26.0250 2036        aadev ( UnsignedFile.Multi.Generic ) - warning
17:43:26.0250 2036        aadev - detected UnsignedFile.Multi.Generic (1)
17:43:26.0265 2036        Abiosdsk - ok
17:43:26.0281 2036        abp480n5 - ok
17:43:26.0328 2036        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:43:27.0609 2036        ACPI - ok
17:43:27.0718 2036        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:43:27.0875 2036        ACPIEC - ok
17:43:27.0890 2036        adpu160m - ok
17:43:27.0953 2036        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:43:28.0140 2036        aec - ok
17:43:28.0187 2036        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:43:28.0328 2036        AFD - ok
17:43:28.0359 2036        Aha154x - ok
17:43:28.0375 2036        aic78u2 - ok
17:43:28.0390 2036        aic78xx - ok
17:43:28.0500 2036        ALCXWDM        (933933288df5ed26d1928215c97d05c7) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
17:43:28.0718 2036        ALCXWDM - ok
17:43:28.0750 2036        AliIde - ok
17:43:28.0796 2036        AmdK8          (b9dbaae3219661f4d0c5e8dc0c2f987d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:43:28.0828 2036        AmdK8 - ok
17:43:28.0843 2036        amsint - ok
17:43:28.0906 2036        AnyDVD          (44c905e4dfd93a8c49f97c14d9c399f3) C:\WINDOWS\system32\Drivers\AnyDVD.sys
17:43:28.0921 2036        AnyDVD ( UnsignedFile.Multi.Generic ) - warning
17:43:28.0921 2036        AnyDVD - detected UnsignedFile.Multi.Generic (1)
17:43:28.0937 2036        asc - ok
17:43:28.0968 2036        asc3350p - ok
17:43:28.0984 2036        asc3550 - ok
17:43:29.0000 2036        ASInsHelp      (33c171de483ee145f31234d93b078919) C:\WINDOWS\system32\drivers\AsInsHelp32.sys
17:43:29.0015 2036        ASInsHelp ( UnsignedFile.Multi.Generic ) - warning
17:43:29.0015 2036        ASInsHelp - detected UnsignedFile.Multi.Generic (1)
17:43:29.0046 2036        AsIO            (c959989e2ce8da9bde8cafddba84badf) C:\WINDOWS\system32\drivers\AsIO.sys
17:43:29.0078 2036        AsIO ( UnsignedFile.Multi.Generic ) - warning
17:43:29.0078 2036        AsIO - detected UnsignedFile.Multi.Generic (1)
17:43:29.0093 2036        aslm75          (71356a1370739e25375a1d17b6ae318f) C:\WINDOWS\system32\drivers\aslm75.sys
17:43:29.0109 2036        aslm75 ( UnsignedFile.Multi.Generic ) - warning
17:43:29.0109 2036        aslm75 - detected UnsignedFile.Multi.Generic (1)
17:43:29.0171 2036        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:43:29.0312 2036        AsyncMac - ok
17:43:29.0375 2036        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:43:29.0531 2036        atapi - ok
17:43:29.0546 2036        Atdisk - ok
17:43:29.0687 2036        ati2mtag        (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:43:29.0859 2036        ati2mtag ( UnsignedFile.Multi.Generic ) - warning
17:43:29.0859 2036        ati2mtag - detected UnsignedFile.Multi.Generic (1)
17:43:29.0921 2036        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:43:30.0093 2036        Atmarpc - ok
17:43:30.0125 2036        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:43:30.0265 2036        audstub - ok
17:43:30.0390 2036        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
17:43:30.0421 2036        avgio - ok
17:43:30.0484 2036        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:43:30.0593 2036        avgntflt - ok
17:43:30.0640 2036        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:43:30.0656 2036        avipbb - ok
17:43:30.0703 2036        AVMDSLPPPOE    (aa5874f64d6f2ffafa8c5fbc202ce6ef) C:\WINDOWS\system32\DRIVERS\avmdsloe.sys
17:43:30.0750 2036        AVMDSLPPPOE - ok
17:43:30.0765 2036        AVMNDSL        (140ba5bf4666c27c15368cce9df54a93) C:\WINDOWS\system32\DRIVERS\avmndsl.sys
17:43:30.0781 2036        AVMNDSL - ok
17:43:30.0812 2036        bdfdll - ok
17:43:30.0859 2036        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:43:31.0000 2036        Beep - ok
17:43:31.0046 2036        BlueletAudio    (31ff5b87c1dd907613cc613224b8e303) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
17:43:31.0078 2036        BlueletAudio ( UnsignedFile.Multi.Generic ) - warning
17:43:31.0078 2036        BlueletAudio - detected UnsignedFile.Multi.Generic (1)
17:43:31.0109 2036        Bonifay        (b63f6bc2f76db693e4ed51ebe7f34828) C:\WINDOWS\system32\DRIVERS\Bonifay.sys
17:43:31.0109 2036        Bonifay ( UnsignedFile.Multi.Generic ) - warning
17:43:31.0109 2036        Bonifay - detected UnsignedFile.Multi.Generic (1)
17:43:31.0156 2036        BT              (9da8abc4885aff4793d4aa420e40bb12) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
17:43:31.0171 2036        BT ( UnsignedFile.Multi.Generic ) - warning
17:43:31.0171 2036        BT - detected UnsignedFile.Multi.Generic (1)
17:43:31.0203 2036        Btcsrusb        (95a061d5217cbb6642e73a8fd9aa9734) C:\WINDOWS\system32\Drivers\btcusb.sys
17:43:31.0234 2036        Btcsrusb ( UnsignedFile.Multi.Generic ) - warning
17:43:31.0234 2036        Btcsrusb - detected UnsignedFile.Multi.Generic (1)
17:43:31.0281 2036        BthEnum        (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:43:31.0453 2036        BthEnum - ok
17:43:31.0500 2036        BTHidEnum      (083ad7f6ff500d0a93c0bea2cf298c93) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
17:43:31.0531 2036        BTHidEnum ( UnsignedFile.Multi.Generic ) - warning
17:43:31.0531 2036        BTHidEnum - detected UnsignedFile.Multi.Generic (1)
17:43:31.0546 2036        BTHidMgr        (f408264f6ad1dc7e7bdd4837440f115d) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
17:43:31.0562 2036        BTHidMgr ( UnsignedFile.Multi.Generic ) - warning
17:43:31.0562 2036        BTHidMgr - detected UnsignedFile.Multi.Generic (1)
17:43:31.0593 2036        BTHMODEM        (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
17:43:31.0750 2036        BTHMODEM - ok
17:43:31.0781 2036        BthPan          (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:43:31.0953 2036        BthPan - ok
17:43:32.0000 2036        BTHPORT        (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
17:43:32.0046 2036        BTHPORT - ok
17:43:32.0078 2036        BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
17:43:32.0250 2036        BTHUSB - ok
17:43:32.0296 2036        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:43:32.0437 2036        cbidf2k - ok
17:43:32.0515 2036        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:43:32.0718 2036        CCDECODE - ok
17:43:32.0734 2036        cd20xrnt - ok
17:43:32.0750 2036        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:43:32.0921 2036        Cdaudio - ok
17:43:32.0937 2036        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:43:33.0109 2036        Cdfs - ok
17:43:33.0140 2036        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:43:33.0406 2036        Cdrom - ok
17:43:33.0421 2036        Changer - ok
17:43:33.0484 2036        CmdIde - ok
17:43:33.0500 2036        Cpqarray - ok
17:43:33.0562 2036        ctxusbm        (cb6ff7012bb5d59d7c12350db795ce1f) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
17:43:33.0578 2036        ctxusbm - ok
17:43:33.0593 2036        dac2w2k - ok
17:43:33.0609 2036        dac960nt - ok
17:43:33.0687 2036        dbustrcm - ok
17:43:33.0718 2036        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:43:33.0875 2036        Disk - ok
17:43:33.0937 2036        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
17:43:34.0140 2036        dmboot - ok
17:43:34.0156 2036        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
17:43:34.0328 2036        dmio - ok
17:43:34.0359 2036        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:43:34.0531 2036        dmload - ok
17:43:34.0609 2036        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:43:34.0765 2036        DMusic - ok
17:43:34.0812 2036        dpti2o - ok
17:43:34.0828 2036        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:43:34.0984 2036        drmkaud - ok
17:43:35.0031 2036        ElbyCDIO        (37c3a9fef349d13685ec9c2acaaeafce) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
17:43:35.0046 2036        ElbyCDIO ( UnsignedFile.Multi.Generic ) - warning
17:43:35.0046 2036        ElbyCDIO - detected UnsignedFile.Multi.Generic (1)
17:43:35.0078 2036        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:43:35.0218 2036        Fastfat - ok
17:43:35.0250 2036        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:43:35.0406 2036        Fdc - ok
17:43:35.0468 2036        FDSSBASE        (551a237a1ce44261dc0783661bcfb9a5) C:\WINDOWS\system32\DRIVERS\fdssbase.sys
17:43:35.0515 2036        FDSSBASE - ok
17:43:35.0546 2036        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
17:43:35.0703 2036        Fips - ok
17:43:35.0718 2036        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:43:35.0875 2036        Flpydisk - ok
17:43:35.0921 2036        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:43:36.0078 2036        FltMgr - ok
17:43:36.0109 2036        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:43:36.0265 2036        Fs_Rec - ok
17:43:36.0296 2036        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:43:36.0453 2036        Ftdisk - ok
17:43:36.0484 2036        gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:43:36.0625 2036        gameenum - ok
17:43:36.0671 2036        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:43:36.0687 2036        GEARAspiWDM - ok
17:43:36.0718 2036        Gonzales        (829870058335703af4b95cbc1f83affc) C:\WINDOWS\system32\DRIVERS\Gonzales.sys
17:43:36.0734 2036        Gonzales ( UnsignedFile.Multi.Generic ) - warning
17:43:36.0734 2036        Gonzales - detected UnsignedFile.Multi.Generic (1)
17:43:36.0750 2036        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:43:36.0890 2036        Gpc - ok
17:43:36.0921 2036        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:43:37.0093 2036        HidUsb - ok
17:43:37.0109 2036        hpn - ok
17:43:37.0125 2036        hpt3xx - ok
17:43:37.0171 2036        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:43:37.0250 2036        HTTP - ok
17:43:37.0265 2036        i2omgmt - ok
17:43:37.0281 2036        i2omp - ok
17:43:37.0312 2036        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:43:37.0484 2036        i8042prt - ok
17:43:37.0531 2036        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:43:37.0687 2036        Imapi - ok
17:43:37.0703 2036        ini910u - ok
17:43:37.0734 2036        IntelIde - ok
17:43:37.0781 2036        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:43:37.0937 2036        ip6fw - ok
17:43:37.0984 2036        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:43:38.0140 2036        IpFilterDriver - ok
17:43:38.0171 2036        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:43:38.0343 2036        IpInIp - ok
17:43:38.0359 2036        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:43:38.0515 2036        IpNat - ok
17:43:38.0546 2036        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:43:38.0687 2036        IPSec - ok
17:43:38.0781 2036        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:43:38.0859 2036        IRENUM - ok
17:43:38.0875 2036        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:43:39.0015 2036        isapnp - ok
17:43:39.0046 2036        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:43:39.0187 2036        Kbdclass - ok
17:43:39.0218 2036        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:43:39.0359 2036        kbdhid - ok
17:43:39.0390 2036        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:43:39.0562 2036        kmixer - ok
17:43:39.0578 2036        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:43:39.0671 2036        KSecDD - ok
17:43:39.0687 2036        lbrtfdc - ok
17:43:39.0734 2036        meiudf          (a4798cd432781bc382603499d301e176) C:\WINDOWS\system32\Drivers\meiudf.sys
17:43:39.0765 2036        meiudf ( UnsignedFile.Multi.Generic ) - warning
17:43:39.0765 2036        meiudf - detected UnsignedFile.Multi.Generic (1)
17:43:39.0828 2036        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:43:39.0968 2036        mnmdd - ok
17:43:40.0000 2036        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
17:43:40.0156 2036        Modem - ok
17:43:40.0187 2036        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:43:40.0343 2036        Mouclass - ok
17:43:40.0390 2036        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:43:40.0531 2036        mouhid - ok
17:43:40.0546 2036        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:43:40.0687 2036        MountMgr - ok
17:43:40.0703 2036        mraid35x - ok
17:43:40.0734 2036        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:43:40.0906 2036        MRxDAV - ok
17:43:40.0968 2036        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:43:41.0000 2036        MRxSmb - ok
17:43:41.0046 2036        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:43:41.0156 2036        Msfs - ok
17:43:41.0187 2036        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:43:41.0359 2036        MSKSSRV - ok
17:43:41.0375 2036        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:43:41.0515 2036        MSPCLOCK - ok
17:43:41.0546 2036        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:43:41.0703 2036        MSPQM - ok
17:43:41.0750 2036        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:43:41.0906 2036        mssmbios - ok
17:43:41.0953 2036        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:43:42.0109 2036        MSTEE - ok
17:43:42.0156 2036        ms_mpu401      (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
17:43:42.0281 2036        ms_mpu401 - ok
17:43:42.0343 2036        MTsensor        (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
17:43:42.0359 2036        MTsensor ( UnsignedFile.Multi.Generic ) - warning
17:43:42.0359 2036        MTsensor - detected UnsignedFile.Multi.Generic (1)
17:43:42.0562 2036        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:43:42.0593 2036        Mup - ok
17:43:42.0625 2036        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:43:42.0781 2036        NABTSFEC - ok
17:43:42.0812 2036        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:43:42.0968 2036        NDIS - ok
17:43:43.0000 2036        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:43:43.0156 2036        NdisIP - ok
17:43:43.0187 2036        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:43:43.0218 2036        NdisTapi - ok
17:43:43.0234 2036        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:43:43.0375 2036        Ndisuio - ok
17:43:43.0406 2036        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:43:43.0546 2036        NdisWan - ok
17:43:43.0578 2036        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:43:43.0609 2036        NDProxy - ok
17:43:43.0640 2036        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:43:43.0781 2036        NetBIOS - ok
17:43:43.0828 2036        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:43:43.0984 2036        NetBT - ok
17:43:44.0062 2036        NETFWDSL        (a001e7d84da39a5e7aff3cb05e77e033) C:\WINDOWS\system32\DRIVERS\NETFWDSL.SYS
17:43:44.0093 2036        NETFWDSL ( UnsignedFile.Multi.Generic ) - warning
17:43:44.0093 2036        NETFWDSL - detected UnsignedFile.Multi.Generic (1)
17:43:44.0125 2036        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:43:44.0250 2036        Npfs - ok
17:43:44.0281 2036        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:43:44.0453 2036        Ntfs - ok
17:43:44.0484 2036        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:43:44.0609 2036        Null - ok
17:43:44.0765 2036        nv              (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:43:45.0062 2036        nv - ok
17:43:45.0171 2036        nvatabus        (3bfc1dea3076d9eaa282e9cc1e4d7a23) C:\WINDOWS\system32\DRIVERS\nvatabus.sys
17:43:45.0187 2036        nvatabus ( UnsignedFile.Multi.Generic ) - warning
17:43:45.0187 2036        nvatabus - detected UnsignedFile.Multi.Generic (1)
17:43:45.0234 2036        NVENETFD        (720cc533eecb65553bd86b139ca04433) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
17:43:45.0296 2036        NVENETFD - ok
17:43:45.0328 2036        nvnetbus        (5f9f545cc5904dd8765f84ee1d056406) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
17:43:45.0375 2036        nvnetbus - ok
17:43:45.0421 2036        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:43:45.0578 2036        NwlnkFlt - ok
17:43:45.0593 2036        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:43:45.0734 2036        NwlnkFwd - ok
17:43:45.0781 2036        ovt519          (4cdadec3dc1300ee1d313ea5494e6472) C:\WINDOWS\system32\Drivers\ov519vid.sys
17:43:45.0812 2036        ovt519 ( UnsignedFile.Multi.Generic ) - warning
17:43:45.0812 2036        ovt519 - detected UnsignedFile.Multi.Generic (1)
17:43:45.0859 2036        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
17:43:45.0984 2036        Parport - ok
17:43:46.0062 2036        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:43:46.0171 2036        PartMgr - ok
17:43:46.0218 2036        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:43:46.0359 2036        ParVdm - ok
17:43:46.0390 2036        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:43:46.0437 2036        pccsmcfd - ok
17:43:46.0453 2036        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
17:43:46.0609 2036        PCI - ok
17:43:46.0625 2036        PCIDump - ok
17:43:46.0656 2036        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:43:46.0781 2036        PCIIde - ok
17:43:46.0812 2036        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:43:46.0968 2036        Pcmcia - ok
17:43:46.0984 2036        PDCOMP - ok
17:43:47.0000 2036        PDFRAME - ok
17:43:47.0015 2036        PDRELI - ok
17:43:47.0046 2036        PDRFRAME - ok
17:43:47.0062 2036        perc2 - ok
17:43:47.0078 2036        perc2hib - ok
17:43:47.0140 2036        pfc            (ed2e7f396b4098608c95bc3806bdf6fc) C:\WINDOWS\system32\drivers\pfc.sys
17:43:47.0171 2036        pfc ( UnsignedFile.Multi.Generic ) - warning
17:43:47.0171 2036        pfc - detected UnsignedFile.Multi.Generic (1)
17:43:47.0203 2036        PLFF            (a20ac92609f3b246be3b761bb72fc6a5) C:\WINDOWS\system32\Drivers\PLFF.sys
17:43:47.0218 2036        PLFF ( UnsignedFile.Multi.Generic ) - warning
17:43:47.0218 2036        PLFF - detected UnsignedFile.Multi.Generic (1)
17:43:47.0265 2036        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:43:47.0390 2036        PptpMiniport - ok
17:43:47.0421 2036        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
17:43:47.0578 2036        Processor - ok
17:43:47.0609 2036        prodrv06        (18d9789a4664bf417eea944d2776091a) C:\WINDOWS\System32\drivers\prodrv06.sys
17:43:47.0671 2036        prodrv06 ( UnsignedFile.Multi.Generic ) - warning
17:43:47.0671 2036        prodrv06 - detected UnsignedFile.Multi.Generic (1)
17:43:47.0687 2036        prohlp02        (8cc9671a7ed2902e747ee0892e1c8575) C:\WINDOWS\system32\drivers\prohlp02.sys
17:43:47.0718 2036        prohlp02 ( UnsignedFile.Multi.Generic ) - warning
17:43:47.0718 2036        prohlp02 - detected UnsignedFile.Multi.Generic (1)
17:43:47.0734 2036        prosync1        (960bce3ed38761b446aabac06c76badf) C:\WINDOWS\system32\drivers\prosync1.sys
17:43:47.0750 2036        prosync1 ( UnsignedFile.Multi.Generic ) - warning
17:43:47.0750 2036        prosync1 - detected UnsignedFile.Multi.Generic (1)
17:43:47.0765 2036        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:43:47.0906 2036        PSched - ok
17:43:47.0953 2036        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:43:48.0078 2036        Ptilink - ok
17:43:48.0125 2036        ql1080 - ok
17:43:48.0140 2036        Ql10wnt - ok
17:43:48.0156 2036        ql12160 - ok
17:43:48.0171 2036        ql1240 - ok
17:43:48.0187 2036        ql1280 - ok
17:43:48.0218 2036        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:43:48.0343 2036        RasAcd - ok
17:43:48.0375 2036        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:43:48.0515 2036        Rasl2tp - ok
17:43:48.0531 2036        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:43:48.0671 2036        RasPppoe - ok
17:43:48.0687 2036        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:43:48.0812 2036        Raspti - ok
17:43:48.0843 2036        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:43:48.0984 2036        Rdbss - ok
17:43:49.0000 2036        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:43:49.0140 2036        RDPCDD - ok
17:43:49.0171 2036        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:43:49.0328 2036        rdpdr - ok
17:43:49.0375 2036        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
17:43:49.0421 2036        RDPWD - ok
17:43:49.0453 2036        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:43:49.0593 2036        redbook - ok
17:43:49.0640 2036        RFCOMM          (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:43:49.0781 2036        RFCOMM - ok
17:43:49.0812 2036        ROOTMODEM      (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
17:43:49.0953 2036        ROOTMODEM - ok
17:43:50.0015 2036        SaiNtHid        (a007103ef0e50fb0e0ed08b511d721d7) C:\WINDOWS\system32\DRIVERS\SaiNtHid.sys
17:43:50.0046 2036        SaiNtHid ( UnsignedFile.Multi.Generic ) - warning
17:43:50.0046 2036        SaiNtHid - detected UnsignedFile.Multi.Generic (1)
17:43:50.0078 2036        SCR3xx USB Smart Card Reader (60ab2853a89e7db562b2a56e8de2d0e7) C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys
17:43:50.0187 2036        SCR3xx USB Smart Card Reader - ok
17:43:50.0218 2036        SCR3XX2K        (60ab2853a89e7db562b2a56e8de2d0e7) C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys
17:43:50.0234 2036        SCR3XX2K - ok
17:43:50.0312 2036        SE4501D        (b84c83e5355c2aa96bb5c5fab9f5d3e4) C:\WINDOWS\system32\DRIVERS\SE4501D.sys
17:43:50.0343 2036        SE4501D ( UnsignedFile.Multi.Generic ) - warning
17:43:50.0343 2036        SE4501D - detected UnsignedFile.Multi.Generic (1)
17:43:50.0375 2036        Secdrv          (ba0d892d2f786bcebdf03b0a252b47f3) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:43:50.0390 2036        Secdrv ( UnsignedFile.Multi.Generic ) - warning
17:43:50.0390 2036        Secdrv - detected UnsignedFile.Multi.Generic (1)
17:43:50.0437 2036        Serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:43:50.0562 2036        Serenum - ok
17:43:50.0593 2036        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
17:43:50.0734 2036        Serial - ok
17:43:50.0828 2036        sfdrv01        (00de597b81b381053cb5b21a7f20e365) C:\WINDOWS\system32\drivers\sfdrv01.sys
17:43:50.0843 2036        sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
17:43:50.0843 2036        sfdrv01 - detected UnsignedFile.Multi.Generic (1)
17:43:50.0875 2036        sfhlp01        (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
17:43:50.0875 2036        sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
17:43:50.0875 2036        sfhlp01 - detected UnsignedFile.Multi.Generic (1)
17:43:50.0906 2036        sfhlp02        (64b9ab76f1b16eb059cb6cdd906c067a) C:\WINDOWS\system32\drivers\sfhlp02.sys
17:43:50.0921 2036        sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
17:43:50.0921 2036        sfhlp02 - detected UnsignedFile.Multi.Generic (1)
17:43:50.0937 2036        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:43:51.0062 2036        Sfloppy - ok
17:43:51.0093 2036        Simbad - ok
17:43:51.0125 2036        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:43:51.0281 2036        SLIP - ok
17:43:51.0296 2036        Sparrow - ok
17:43:51.0343 2036        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:43:51.0453 2036        splitter - ok
17:43:51.0468 2036        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
17:43:51.0546 2036        sr - ok
17:43:51.0609 2036        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:43:51.0671 2036        Srv - ok
17:43:51.0718 2036        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:43:51.0734 2036        ssmdrv - ok
17:43:51.0750 2036        STC2DFU - ok
17:43:51.0796 2036        STCFUx32        (68c00ee8c35e4ea63dca5ca7d572e25e) C:\WINDOWS\system32\DRIVERS\STCFUx32.SYS
17:43:51.0859 2036        STCFUx32 - ok
17:43:51.0875 2036        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:43:52.0031 2036        streamip - ok
17:43:52.0062 2036        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:43:52.0187 2036        swenum - ok
17:43:52.0218 2036        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:43:52.0375 2036        swmidi - ok
17:43:52.0406 2036        symc810 - ok
17:43:52.0421 2036        symc8xx - ok
17:43:52.0437 2036        sym_hi - ok
17:43:52.0453 2036        sym_u3 - ok
17:43:52.0484 2036        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:43:52.0640 2036        sysaudio - ok
17:43:52.0703 2036        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:43:52.0765 2036        Tcpip - ok
17:43:52.0796 2036        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:43:52.0921 2036        TDPIPE - ok
17:43:52.0953 2036        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:43:53.0093 2036        TDTCP - ok
17:43:53.0125 2036        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:43:53.0250 2036        TermDD - ok
17:43:53.0281 2036        TosIde - ok
17:43:53.0312 2036        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:43:53.0468 2036        Udfs - ok
17:43:53.0484 2036        ultra - ok
17:43:53.0546 2036        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:43:53.0703 2036        Update - ok
17:43:53.0750 2036        USBAAPL        (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:43:53.0812 2036        USBAAPL - ok
17:43:53.0843 2036        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:43:53.0984 2036        usbaudio - ok
17:43:54.0031 2036        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:43:54.0171 2036        usbccgp - ok
17:43:54.0203 2036        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:43:54.0359 2036        usbehci - ok
17:43:54.0437 2036        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:43:54.0562 2036        usbhub - ok
17:43:54.0578 2036        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:43:54.0703 2036        usbohci - ok
17:43:54.0734 2036        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:43:54.0875 2036        usbprint - ok
17:43:54.0890 2036        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:43:55.0015 2036        usbscan - ok
17:43:55.0031 2036        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:43:55.0171 2036        USBSTOR - ok
17:43:55.0203 2036        uxy9b.sys - ok
17:43:55.0234 2036        VComm          (9ebee4a060c5364a31aeaa04eac2af1e) C:\WINDOWS\system32\DRIVERS\VComm.sys
17:43:55.0265 2036        VComm ( UnsignedFile.Multi.Generic ) - warning
17:43:55.0265 2036        VComm - detected UnsignedFile.Multi.Generic (1)
17:43:55.0296 2036        VcommMgr        (ef0d45ed806b0c9ae9756bfeecb077ed) C:\WINDOWS\system32\Drivers\VcommMgr.sys
17:43:55.0312 2036        VcommMgr ( UnsignedFile.Multi.Generic ) - warning
17:43:55.0312 2036        VcommMgr - detected UnsignedFile.Multi.Generic (1)
17:43:55.0343 2036        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:43:55.0453 2036        VgaSave - ok
17:43:55.0468 2036        ViaIde - ok
17:43:55.0531 2036        vnccom          (b67632451f760797bb183e1fb99f4b39) C:\WINDOWS\system32\Drivers\vnccom.SYS
17:43:55.0546 2036        vnccom ( UnsignedFile.Multi.Generic ) - warning
17:43:55.0546 2036        vnccom - detected UnsignedFile.Multi.Generic (1)
17:43:55.0578 2036        vncdrv          (4ec979b157d1aa075330362acb5424e5) C:\WINDOWS\system32\DRIVERS\vncdrv.sys
17:43:55.0593 2036        vncdrv ( UnsignedFile.Multi.Generic ) - warning
17:43:55.0593 2036        vncdrv - detected UnsignedFile.Multi.Generic (1)
17:43:55.0609 2036        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
17:43:55.0750 2036        VolSnap - ok
17:43:55.0781 2036        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:43:55.0921 2036        Wanarp - ok
17:43:55.0953 2036        WDICA - ok
17:43:55.0968 2036        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:43:56.0109 2036        wdmaud - ok
17:43:56.0187 2036        WmBEnum        (bc3ecbcb40147bdae3ad2fd0b4b346d8) C:\WINDOWS\system32\drivers\WmBEnum.sys
17:43:56.0234 2036        WmBEnum - ok
17:43:56.0265 2036        WmFilter        (19f9881d8b3484fedb605d0216876898) C:\WINDOWS\system32\drivers\WmFilter.sys
17:43:56.0328 2036        WmFilter - ok
17:43:56.0359 2036        WmHidLo        (bb49902577091f634e752537181d2c19) C:\WINDOWS\system32\drivers\WmHidLo.sys
17:43:56.0375 2036        WmHidLo - ok
17:43:56.0421 2036        WmVirHid        (7a51545a6409a25eedbdbd97d019e8cc) C:\WINDOWS\system32\drivers\WmVirHid.sys
17:43:56.0453 2036        WmVirHid - ok
17:43:56.0531 2036        WmXlCore        (1f083b3bc73017e60c3ca85cf4a70753) C:\WINDOWS\system32\drivers\WmXlCore.sys
17:43:56.0546 2036        WmXlCore - ok
17:43:56.0578 2036        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:43:56.0656 2036        WpdUsb - ok
17:43:56.0703 2036        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:43:56.0828 2036        WS2IFSL - ok
17:43:56.0875 2036        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:43:57.0015 2036        WSTCODEC - ok
17:43:57.0078 2036        WudfPf          (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:43:57.0140 2036        WudfPf - ok
17:43:57.0187 2036        WudfRd          (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:43:57.0218 2036        WudfRd - ok
17:43:57.0234 2036        xcpip - ok
17:43:57.0265 2036        xpsec - ok
17:43:57.0343 2036        zlportio - ok
17:43:57.0406 2036        MBR (0x1B8)    (eeadaf356113e54427e990a5bcad82b5) \Device\Harddisk0\DR0
17:43:57.0406 2036        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - infected
17:43:57.0406 2036        \Device\Harddisk0\DR0 - detected Backdoor.Win32.Sinowal.knf (0)
17:43:57.0484 2036        Boot (0x1200)  (76ae28f380934ee0dad55c95a523df03) \Device\Harddisk0\DR0\Partition0
17:43:57.0484 2036        \Device\Harddisk0\DR0\Partition0 - ok
17:43:57.0515 2036        Boot (0x1200)  (852b9f665a1f7c90b5737e2b210f086d) \Device\Harddisk0\DR0\Partition1
17:43:57.0515 2036        \Device\Harddisk0\DR0\Partition1 - ok
17:43:57.0546 2036        Boot (0x1200)  (0403679a73ca5dd9e147c2a422f00c8f) \Device\Harddisk0\DR0\Partition2
17:43:57.0562 2036        \Device\Harddisk0\DR0\Partition2 - ok
17:43:57.0562 2036        ============================================================
17:43:57.0562 2036        Scan finished
17:43:57.0562 2036        ============================================================
17:43:57.0687 2852        Detected object count: 35
17:43:57.0687 2852        Actual detected object count: 35
17:44:56.0281 2852        aadev ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0281 2852        aadev ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0281 2852        AnyDVD ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0281 2852        AnyDVD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0281 2852        ASInsHelp ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0281 2852        ASInsHelp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0281 2852        AsIO ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0281 2852        AsIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0281 2852        aslm75 ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0281 2852        aslm75 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0281 2852        ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0281 2852        ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0296 2852        BlueletAudio ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0296 2852        BlueletAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0296 2852        Bonifay ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0296 2852        Bonifay ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0296 2852        BT ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0296 2852        BT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0296 2852        Btcsrusb ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0296 2852        Btcsrusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0296 2852        BTHidEnum ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0296 2852        BTHidEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0296 2852        BTHidMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0296 2852        BTHidMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0296 2852        ElbyCDIO ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0296 2852        ElbyCDIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0296 2852        Gonzales ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0296 2852        Gonzales ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        meiudf ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0312 2852        meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0312 2852        MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        NETFWDSL ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0312 2852        NETFWDSL ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        nvatabus ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0312 2852        nvatabus ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        ovt519 ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0312 2852        ovt519 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        pfc ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0312 2852        pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        PLFF ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0312 2852        PLFF ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0312 2852        prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0312 2852        prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        SaiNtHid ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        SaiNtHid ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        SE4501D ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        SE4501D ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        VComm ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        VComm ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0328 2852        VcommMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0328 2852        VcommMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0343 2852        vnccom ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0343 2852        vnccom ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0343 2852        vncdrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:44:56.0343 2852        vncdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:44:56.0343 2852        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - skipped by user
17:44:56.0343 2852        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - User select action: Skip


cosinus 14.01.2012 20:07

Quote:

\Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf )
Please have TDSS-Killer delete the Sinowal (and NOTHING else!!), then restart Windows and create a new log with this tool. Post it again enclosed in CODE tags.

tax 14.01.2012 21:55

Code:

21:46:56.0953 2572        TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
21:46:57.0187 2572        ============================================================
21:46:57.0187 2572        Current date / time: 2012/01/14 21:46:57.0187
21:46:57.0187 2572        SystemInfo:
21:46:57.0187 2572       
21:46:57.0187 2572        OS Version: 5.1.2600 ServicePack: 3.0
21:46:57.0187 2572        Product type: Workstation
21:46:57.0187 2572        ComputerName: SHOOT
21:46:57.0187 2572        UserName: Weisi
21:46:57.0187 2572        Windows directory: C:\WINDOWS
21:46:57.0187 2572        System windows directory: C:\WINDOWS
21:46:57.0187 2572        Processor architecture: Intel x86
21:46:57.0187 2572        Number of processors: 1
21:46:57.0187 2572        Page size: 0x1000
21:46:57.0187 2572        Boot type: Normal boot
21:46:57.0187 2572        ============================================================
21:46:58.0375 2572        Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000, SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
21:46:58.0453 2572        Initialize success
21:47:04.0109 3432        ============================================================
21:47:04.0109 3432        Scan started
21:47:04.0109 3432        Mode: Manual; SigCheck; TDLFS;
21:47:04.0109 3432        ============================================================
21:47:05.0078 3432        aadev          (6bfb6def4eb16b74c0179de110077920) C:\WINDOWS\system32\DRIVERS\aadev.sys
21:47:05.0218 3432        aadev ( UnsignedFile.Multi.Generic ) - warning
21:47:05.0218 3432        aadev - detected UnsignedFile.Multi.Generic (1)
21:47:05.0234 3432        Abiosdsk - ok
21:47:05.0250 3432        abp480n5 - ok
21:47:05.0296 3432        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:47:05.0484 3432        ACPI - ok
21:47:05.0515 3432        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:47:05.0656 3432        ACPIEC - ok
21:47:05.0671 3432        adpu160m - ok
21:47:05.0718 3432        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:47:05.0875 3432        aec - ok
21:47:05.0953 3432        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:47:06.0015 3432        AFD - ok
21:47:06.0031 3432        Aha154x - ok
21:47:06.0062 3432        aic78u2 - ok
21:47:06.0078 3432        aic78xx - ok
21:47:06.0187 3432        ALCXWDM        (933933288df5ed26d1928215c97d05c7) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
21:47:06.0328 3432        ALCXWDM - ok
21:47:06.0359 3432        AliIde - ok
21:47:06.0406 3432        AmdK8          (b9dbaae3219661f4d0c5e8dc0c2f987d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
21:47:06.0437 3432        AmdK8 - ok
21:47:06.0453 3432        amsint - ok
21:47:06.0515 3432        AnyDVD          (44c905e4dfd93a8c49f97c14d9c399f3) C:\WINDOWS\system32\Drivers\AnyDVD.sys
21:47:06.0531 3432        AnyDVD ( UnsignedFile.Multi.Generic ) - warning
21:47:06.0531 3432        AnyDVD - detected UnsignedFile.Multi.Generic (1)
21:47:06.0546 3432        asc - ok
21:47:06.0562 3432        asc3350p - ok
21:47:06.0578 3432        asc3550 - ok
21:47:06.0609 3432        ASInsHelp      (33c171de483ee145f31234d93b078919) C:\WINDOWS\system32\drivers\AsInsHelp32.sys
21:47:06.0625 3432        ASInsHelp ( UnsignedFile.Multi.Generic ) - warning
21:47:06.0625 3432        ASInsHelp - detected UnsignedFile.Multi.Generic (1)
21:47:06.0656 3432        AsIO            (c959989e2ce8da9bde8cafddba84badf) C:\WINDOWS\system32\drivers\AsIO.sys
21:47:06.0656 3432        AsIO ( UnsignedFile.Multi.Generic ) - warning
21:47:06.0656 3432        AsIO - detected UnsignedFile.Multi.Generic (1)
21:47:06.0687 3432        aslm75          (71356a1370739e25375a1d17b6ae318f) C:\WINDOWS\system32\drivers\aslm75.sys
21:47:06.0703 3432        aslm75 ( UnsignedFile.Multi.Generic ) - warning
21:47:06.0703 3432        aslm75 - detected UnsignedFile.Multi.Generic (1)
21:47:06.0765 3432        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:47:06.0906 3432        AsyncMac - ok
21:47:06.0921 3432        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:47:07.0062 3432        atapi - ok
21:47:07.0093 3432        Atdisk - ok
21:47:07.0250 3432        ati2mtag        (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:47:07.0406 3432        ati2mtag ( UnsignedFile.Multi.Generic ) - warning
21:47:07.0406 3432        ati2mtag - detected UnsignedFile.Multi.Generic (1)
21:47:07.0531 3432        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:47:07.0687 3432        Atmarpc - ok
21:47:07.0734 3432        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:47:07.0875 3432        audstub - ok
21:47:07.0968 3432        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
21:47:07.0984 3432        avgio - ok
21:47:08.0031 3432        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:47:08.0078 3432        avgntflt - ok
21:47:08.0171 3432        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:47:08.0203 3432        avipbb - ok
21:47:08.0234 3432        AVMDSLPPPOE    (aa5874f64d6f2ffafa8c5fbc202ce6ef) C:\WINDOWS\system32\DRIVERS\avmdsloe.sys
21:47:08.0250 3432        AVMDSLPPPOE - ok
21:47:08.0281 3432        AVMNDSL        (140ba5bf4666c27c15368cce9df54a93) C:\WINDOWS\system32\DRIVERS\avmndsl.sys
21:47:08.0296 3432        AVMNDSL - ok
21:47:08.0343 3432        bdfdll - ok
21:47:08.0375 3432        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:47:08.0562 3432        Beep - ok
21:47:08.0609 3432        BlueletAudio    (31ff5b87c1dd907613cc613224b8e303) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
21:47:08.0640 3432        BlueletAudio ( UnsignedFile.Multi.Generic ) - warning
21:47:08.0640 3432        BlueletAudio - detected UnsignedFile.Multi.Generic (1)
21:47:08.0656 3432        Bonifay        (b63f6bc2f76db693e4ed51ebe7f34828) C:\WINDOWS\system32\DRIVERS\Bonifay.sys
21:47:08.0671 3432        Bonifay ( UnsignedFile.Multi.Generic ) - warning
21:47:08.0671 3432        Bonifay - detected UnsignedFile.Multi.Generic (1)
21:47:08.0718 3432        BT              (9da8abc4885aff4793d4aa420e40bb12) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
21:47:08.0750 3432        BT ( UnsignedFile.Multi.Generic ) - warning
21:47:08.0750 3432        BT - detected UnsignedFile.Multi.Generic (1)
21:47:08.0781 3432        Btcsrusb        (95a061d5217cbb6642e73a8fd9aa9734) C:\WINDOWS\system32\Drivers\btcusb.sys
21:47:08.0796 3432        Btcsrusb ( UnsignedFile.Multi.Generic ) - warning
21:47:08.0796 3432        Btcsrusb - detected UnsignedFile.Multi.Generic (1)
21:47:08.0843 3432        BthEnum        (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
21:47:09.0000 3432        BthEnum - ok
21:47:09.0031 3432        BTHidEnum      (083ad7f6ff500d0a93c0bea2cf298c93) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
21:47:09.0046 3432        BTHidEnum ( UnsignedFile.Multi.Generic ) - warning
21:47:09.0046 3432        BTHidEnum - detected UnsignedFile.Multi.Generic (1)
21:47:09.0078 3432        BTHidMgr        (f408264f6ad1dc7e7bdd4837440f115d) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
21:47:09.0078 3432        BTHidMgr ( UnsignedFile.Multi.Generic ) - warning
21:47:09.0078 3432        BTHidMgr - detected UnsignedFile.Multi.Generic (1)
21:47:09.0109 3432        BTHMODEM        (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
21:47:09.0281 3432        BTHMODEM - ok
21:47:09.0328 3432        BthPan          (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
21:47:09.0500 3432        BthPan - ok
21:47:09.0562 3432        BTHPORT        (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
21:47:09.0593 3432        BTHPORT - ok
21:47:09.0625 3432        BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
21:47:09.0781 3432        BTHUSB - ok
21:47:09.0812 3432        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:47:09.0953 3432        cbidf2k - ok
21:47:10.0015 3432        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:47:10.0171 3432        CCDECODE - ok
21:47:10.0234 3432        cd20xrnt - ok
21:47:10.0265 3432        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:47:10.0421 3432        Cdaudio - ok
21:47:10.0453 3432        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:47:10.0609 3432        Cdfs - ok
21:47:10.0640 3432        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:47:10.0796 3432        Cdrom - ok
21:47:10.0812 3432        Changer - ok
21:47:10.0843 3432        CmdIde - ok
21:47:10.0875 3432        Cpqarray - ok
21:47:10.0937 3432        ctxusbm        (cb6ff7012bb5d59d7c12350db795ce1f) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
21:47:10.0937 3432        ctxusbm - ok
21:47:10.0968 3432        dac2w2k - ok
21:47:10.0984 3432        dac960nt - ok
21:47:11.0062 3432        dbustrcm - ok
21:47:11.0093 3432        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:47:11.0250 3432        Disk - ok
21:47:11.0312 3432        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
21:47:11.0546 3432        dmboot - ok
21:47:11.0562 3432        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
21:47:11.0734 3432        dmio - ok
21:47:11.0750 3432        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:47:11.0921 3432        dmload - ok
21:47:11.0953 3432        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:47:12.0093 3432        DMusic - ok
21:47:12.0109 3432        dpti2o - ok
21:47:12.0140 3432        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:47:12.0296 3432        drmkaud - ok
21:47:12.0343 3432        ElbyCDIO        (37c3a9fef349d13685ec9c2acaaeafce) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
21:47:12.0375 3432        ElbyCDIO ( UnsignedFile.Multi.Generic ) - warning
21:47:12.0375 3432        ElbyCDIO - detected UnsignedFile.Multi.Generic (1)
21:47:12.0406 3432        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:47:12.0546 3432        Fastfat - ok
21:47:12.0578 3432        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
21:47:12.0750 3432        Fdc - ok
21:47:12.0796 3432        FDSSBASE        (551a237a1ce44261dc0783661bcfb9a5) C:\WINDOWS\system32\DRIVERS\fdssbase.sys
21:47:12.0859 3432        FDSSBASE - ok
21:47:12.0875 3432        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
21:47:13.0031 3432        Fips - ok
21:47:13.0046 3432        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:47:13.0203 3432        Flpydisk - ok
21:47:13.0250 3432        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:47:13.0437 3432        FltMgr - ok
21:47:13.0515 3432        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:47:13.0656 3432        Fs_Rec - ok
21:47:13.0687 3432        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:47:13.0843 3432        Ftdisk - ok
21:47:13.0875 3432        gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
21:47:14.0031 3432        gameenum - ok
21:47:14.0078 3432        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:47:14.0078 3432        GEARAspiWDM - ok
21:47:14.0125 3432        Gonzales        (829870058335703af4b95cbc1f83affc) C:\WINDOWS\system32\DRIVERS\Gonzales.sys
21:47:14.0125 3432        Gonzales ( UnsignedFile.Multi.Generic ) - warning
21:47:14.0125 3432        Gonzales - detected UnsignedFile.Multi.Generic (1)
21:47:14.0171 3432        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:47:14.0296 3432        Gpc - ok
21:47:14.0328 3432        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:47:14.0484 3432        HidUsb - ok
21:47:14.0500 3432        hpn - ok
21:47:14.0531 3432        hpt3xx - ok
21:47:14.0578 3432        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:47:14.0625 3432        HTTP - ok
21:47:14.0640 3432        i2omgmt - ok
21:47:14.0656 3432        i2omp - ok
21:47:14.0703 3432        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:47:14.0859 3432        i8042prt - ok
21:47:14.0890 3432        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:47:15.0046 3432        Imapi - ok
21:47:15.0078 3432        ini910u - ok
21:47:15.0093 3432        IntelIde - ok
21:47:15.0140 3432        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:47:15.0296 3432        ip6fw - ok
21:47:15.0328 3432        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:47:15.0500 3432        IpFilterDriver - ok
21:47:15.0531 3432        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:47:15.0687 3432        IpInIp - ok
21:47:15.0734 3432        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:47:15.0890 3432        IpNat - ok
21:47:15.0937 3432        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:47:16.0109 3432        IPSec - ok
21:47:16.0140 3432        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:47:16.0218 3432        IRENUM - ok
21:47:16.0250 3432        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:47:16.0390 3432        isapnp - ok
21:47:16.0406 3432        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:47:16.0562 3432        Kbdclass - ok
21:47:16.0593 3432        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:47:16.0734 3432        kbdhid - ok
21:47:16.0765 3432        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:47:16.0906 3432        kmixer - ok
21:47:16.0937 3432        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:47:16.0984 3432        KSecDD - ok
21:47:17.0000 3432        lbrtfdc - ok
21:47:17.0062 3432        meiudf          (a4798cd432781bc382603499d301e176) C:\WINDOWS\system32\Drivers\meiudf.sys
21:47:17.0078 3432        meiudf ( UnsignedFile.Multi.Generic ) - warning
21:47:17.0078 3432        meiudf - detected UnsignedFile.Multi.Generic (1)
21:47:17.0125 3432        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:47:17.0265 3432        mnmdd - ok
21:47:17.0296 3432        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
21:47:17.0437 3432        Modem - ok
21:47:17.0468 3432        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:47:17.0609 3432        Mouclass - ok
21:47:17.0656 3432        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:47:17.0796 3432        mouhid - ok
21:47:17.0812 3432        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:47:17.0968 3432        MountMgr - ok
21:47:17.0984 3432        mraid35x - ok
21:47:18.0015 3432        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:47:18.0171 3432        MRxDAV - ok
21:47:18.0218 3432        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:47:18.0281 3432        MRxSmb - ok
21:47:18.0312 3432        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:47:18.0453 3432        Msfs - ok
21:47:18.0484 3432        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:47:18.0640 3432        MSKSSRV - ok
21:47:18.0671 3432        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:47:18.0796 3432        MSPCLOCK - ok
21:47:18.0828 3432        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:47:18.0984 3432        MSPQM - ok
21:47:19.0031 3432        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:47:19.0171 3432        mssmbios - ok
21:47:19.0187 3432        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:47:19.0328 3432        MSTEE - ok
21:47:19.0375 3432        ms_mpu401      (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
21:47:19.0562 3432        ms_mpu401 - ok
21:47:19.0609 3432        MTsensor        (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
21:47:19.0625 3432        MTsensor ( UnsignedFile.Multi.Generic ) - warning
21:47:19.0625 3432        MTsensor - detected UnsignedFile.Multi.Generic (1)
21:47:19.0671 3432        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:47:19.0875 3432        Mup - ok
21:47:19.0890 3432        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:47:20.0046 3432        NABTSFEC - ok
21:47:20.0078 3432        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:47:20.0250 3432        NDIS - ok
21:47:20.0281 3432        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:47:20.0437 3432        NdisIP - ok
21:47:20.0484 3432        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:47:20.0515 3432        NdisTapi - ok
21:47:20.0546 3432        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:47:20.0687 3432        Ndisuio - ok
21:47:20.0734 3432        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:47:20.0875 3432        NdisWan - ok
21:47:20.0890 3432        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:47:20.0906 3432        NDProxy - ok
21:47:20.0937 3432        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:47:21.0078 3432        NetBIOS - ok
21:47:21.0109 3432        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:47:21.0250 3432        NetBT - ok
21:47:21.0296 3432        NETFWDSL        (a001e7d84da39a5e7aff3cb05e77e033) C:\WINDOWS\system32\DRIVERS\NETFWDSL.SYS
21:47:21.0312 3432        NETFWDSL ( UnsignedFile.Multi.Generic ) - warning
21:47:21.0312 3432        NETFWDSL - detected UnsignedFile.Multi.Generic (1)
21:47:21.0359 3432        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:47:21.0531 3432        Npfs - ok
21:47:21.0578 3432        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:47:21.0718 3432        Ntfs - ok
21:47:21.0750 3432        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:47:21.0875 3432        Null - ok
21:47:22.0031 3432        nv              (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:47:22.0187 3432        nv - ok
21:47:22.0281 3432        nvatabus        (3bfc1dea3076d9eaa282e9cc1e4d7a23) C:\WINDOWS\system32\DRIVERS\nvatabus.sys
21:47:22.0312 3432        nvatabus ( UnsignedFile.Multi.Generic ) - warning
21:47:22.0312 3432        nvatabus - detected UnsignedFile.Multi.Generic (1)
21:47:22.0359 3432        NVENETFD        (720cc533eecb65553bd86b139ca04433) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
21:47:22.0375 3432        NVENETFD - ok
21:47:22.0406 3432        nvnetbus        (5f9f545cc5904dd8765f84ee1d056406) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
21:47:22.0437 3432        nvnetbus - ok
21:47:22.0484 3432        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:47:22.0625 3432        NwlnkFlt - ok
21:47:22.0656 3432        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:47:22.0796 3432        NwlnkFwd - ok
21:47:22.0828 3432        ovt519          (4cdadec3dc1300ee1d313ea5494e6472) C:\WINDOWS\system32\Drivers\ov519vid.sys
21:47:22.0859 3432        ovt519 ( UnsignedFile.Multi.Generic ) - warning
21:47:22.0859 3432        ovt519 - detected UnsignedFile.Multi.Generic (1)
21:47:22.0906 3432        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
21:47:23.0062 3432        Parport - ok
21:47:23.0093 3432        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:47:23.0234 3432        PartMgr - ok
21:47:23.0265 3432        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
21:47:23.0390 3432        ParVdm - ok
21:47:23.0437 3432        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
21:47:23.0468 3432        pccsmcfd - ok
21:47:23.0500 3432        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
21:47:23.0640 3432        PCI - ok
21:47:23.0656 3432        PCIDump - ok
21:47:23.0687 3432        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:47:23.0812 3432        PCIIde - ok
21:47:23.0843 3432        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:47:24.0000 3432        Pcmcia - ok
21:47:24.0015 3432        PDCOMP - ok
21:47:24.0031 3432        PDFRAME - ok
21:47:24.0062 3432        PDRELI - ok
21:47:24.0078 3432        PDRFRAME - ok
21:47:24.0093 3432        perc2 - ok
21:47:24.0109 3432        perc2hib - ok
21:47:24.0156 3432        pfc            (ed2e7f396b4098608c95bc3806bdf6fc) C:\WINDOWS\system32\drivers\pfc.sys
21:47:24.0171 3432        pfc ( UnsignedFile.Multi.Generic ) - warning
21:47:24.0171 3432        pfc - detected UnsignedFile.Multi.Generic (1)
21:47:24.0218 3432        PLFF            (a20ac92609f3b246be3b761bb72fc6a5) C:\WINDOWS\system32\Drivers\PLFF.sys
21:47:24.0234 3432        PLFF ( UnsignedFile.Multi.Generic ) - warning
21:47:24.0234 3432        PLFF - detected UnsignedFile.Multi.Generic (1)
21:47:24.0265 3432        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:47:24.0406 3432        PptpMiniport - ok
21:47:24.0437 3432        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
21:47:24.0578 3432        Processor - ok
21:47:24.0640 3432        prodrv06        (18d9789a4664bf417eea944d2776091a) C:\WINDOWS\System32\drivers\prodrv06.sys
21:47:24.0687 3432        prodrv06 ( UnsignedFile.Multi.Generic ) - warning
21:47:24.0687 3432        prodrv06 - detected UnsignedFile.Multi.Generic (1)
21:47:24.0718 3432        prohlp02        (8cc9671a7ed2902e747ee0892e1c8575) C:\WINDOWS\system32\drivers\prohlp02.sys
21:47:24.0750 3432        prohlp02 ( UnsignedFile.Multi.Generic ) - warning
21:47:24.0750 3432        prohlp02 - detected UnsignedFile.Multi.Generic (1)
21:47:24.0781 3432        prosync1        (960bce3ed38761b446aabac06c76badf) C:\WINDOWS\system32\drivers\prosync1.sys
21:47:24.0781 3432        prosync1 ( UnsignedFile.Multi.Generic ) - warning
21:47:24.0781 3432        prosync1 - detected UnsignedFile.Multi.Generic (1)
21:47:24.0812 3432        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:47:24.0953 3432        PSched - ok
21:47:25.0000 3432        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:47:25.0125 3432        Ptilink - ok
21:47:25.0156 3432        ql1080 - ok
21:47:25.0171 3432        Ql10wnt - ok
21:47:25.0187 3432        ql12160 - ok
21:47:25.0203 3432        ql1240 - ok
21:47:25.0218 3432        ql1280 - ok
21:47:25.0250 3432        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:47:25.0375 3432        RasAcd - ok
21:47:25.0390 3432        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:47:25.0578 3432        Rasl2tp - ok
21:47:25.0625 3432        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:47:25.0765 3432        RasPppoe - ok
21:47:25.0781 3432        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:47:25.0906 3432        Raspti - ok
21:47:25.0937 3432        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:47:26.0093 3432        Rdbss - ok
21:47:26.0125 3432        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:47:26.0234 3432        RDPCDD - ok
21:47:26.0265 3432        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:47:26.0406 3432        rdpdr - ok
21:47:26.0453 3432        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:47:26.0468 3432        RDPWD - ok
21:47:26.0500 3432        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:47:26.0640 3432        redbook - ok
21:47:26.0687 3432        RFCOMM          (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
21:47:26.0843 3432        RFCOMM - ok
21:47:26.0906 3432        ROOTMODEM      (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
21:47:27.0031 3432        ROOTMODEM - ok
21:47:27.0093 3432        SaiNtHid        (a007103ef0e50fb0e0ed08b511d721d7) C:\WINDOWS\system32\DRIVERS\SaiNtHid.sys
21:47:27.0109 3432        SaiNtHid ( UnsignedFile.Multi.Generic ) - warning
21:47:27.0109 3432        SaiNtHid - detected UnsignedFile.Multi.Generic (1)
21:47:27.0156 3432        SCR3xx USB Smart Card Reader (60ab2853a89e7db562b2a56e8de2d0e7) C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys
21:47:27.0187 3432        SCR3xx USB Smart Card Reader - ok
21:47:27.0203 3432        SCR3XX2K        (60ab2853a89e7db562b2a56e8de2d0e7) C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys
21:47:27.0218 3432        SCR3XX2K - ok
21:47:27.0265 3432        SE4501D        (b84c83e5355c2aa96bb5c5fab9f5d3e4) C:\WINDOWS\system32\DRIVERS\SE4501D.sys
21:47:27.0296 3432        SE4501D ( UnsignedFile.Multi.Generic ) - warning
21:47:27.0296 3432        SE4501D - detected UnsignedFile.Multi.Generic (1)
21:47:27.0343 3432        Secdrv          (ba0d892d2f786bcebdf03b0a252b47f3) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:47:27.0359 3432        Secdrv ( UnsignedFile.Multi.Generic ) - warning
21:47:27.0359 3432        Secdrv - detected UnsignedFile.Multi.Generic (1)
21:47:27.0421 3432        Serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:47:27.0578 3432        Serenum - ok
21:47:27.0609 3432        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
21:47:27.0734 3432        Serial - ok
21:47:27.0812 3432        sfdrv01        (00de597b81b381053cb5b21a7f20e365) C:\WINDOWS\system32\drivers\sfdrv01.sys
21:47:27.0812 3432        sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
21:47:27.0812 3432        sfdrv01 - detected UnsignedFile.Multi.Generic (1)
21:47:27.0843 3432        sfhlp01        (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
21:47:27.0859 3432        sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
21:47:27.0859 3432        sfhlp01 - detected UnsignedFile.Multi.Generic (1)
21:47:27.0906 3432        sfhlp02        (64b9ab76f1b16eb059cb6cdd906c067a) C:\WINDOWS\system32\drivers\sfhlp02.sys
21:47:27.0906 3432        sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
21:47:27.0906 3432        sfhlp02 - detected UnsignedFile.Multi.Generic (1)
21:47:27.0921 3432        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:47:28.0078 3432        Sfloppy - ok
21:47:28.0093 3432        Simbad - ok
21:47:28.0125 3432        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:47:28.0281 3432        SLIP - ok
21:47:28.0296 3432        Sparrow - ok
21:47:28.0328 3432        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:47:28.0437 3432        splitter - ok
21:47:28.0453 3432        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
21:47:28.0531 3432        sr - ok
21:47:28.0593 3432        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:47:28.0625 3432        Srv - ok
21:47:28.0687 3432        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
21:47:28.0703 3432        ssmdrv - ok
21:47:28.0765 3432        STC2DFU - ok
21:47:28.0812 3432        STCFUx32        (68c00ee8c35e4ea63dca5ca7d572e25e) C:\WINDOWS\system32\DRIVERS\STCFUx32.SYS
21:47:28.0843 3432        STCFUx32 - ok
21:47:28.0875 3432        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:47:29.0015 3432        streamip - ok
21:47:29.0031 3432        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:47:29.0171 3432        swenum - ok
21:47:29.0203 3432        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:47:29.0343 3432        swmidi - ok
21:47:29.0359 3432        symc810 - ok
21:47:29.0375 3432        symc8xx - ok
21:47:29.0406 3432        sym_hi - ok
21:47:29.0421 3432        sym_u3 - ok
21:47:29.0437 3432        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:47:29.0593 3432        sysaudio - ok
21:47:29.0656 3432        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:47:29.0687 3432        Tcpip - ok
21:47:29.0703 3432        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:47:29.0859 3432        TDPIPE - ok
21:47:29.0906 3432        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:47:30.0046 3432        TDTCP - ok
21:47:30.0078 3432        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:47:30.0203 3432        TermDD - ok
21:47:30.0234 3432        TosIde - ok
21:47:30.0265 3432        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:47:30.0390 3432        Udfs - ok
21:47:30.0406 3432        ultra - ok
21:47:30.0484 3432        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:47:30.0640 3432        Update - ok
21:47:30.0687 3432        USBAAPL        (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
21:47:30.0718 3432        USBAAPL - ok
21:47:30.0765 3432        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
21:47:30.0906 3432        usbaudio - ok
21:47:30.0953 3432        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:47:31.0093 3432        usbccgp - ok
21:47:31.0109 3432        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:47:31.0250 3432        usbehci - ok
21:47:31.0296 3432        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:47:31.0421 3432        usbhub - ok
21:47:31.0437 3432        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:47:31.0562 3432        usbohci - ok
21:47:31.0593 3432        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:47:31.0703 3432        usbprint - ok
21:47:31.0750 3432        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:47:31.0875 3432        usbscan - ok
21:47:31.0906 3432        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:47:32.0046 3432        USBSTOR - ok
21:47:32.0062 3432        uxy9b.sys - ok
21:47:32.0109 3432        VComm          (9ebee4a060c5364a31aeaa04eac2af1e) C:\WINDOWS\system32\DRIVERS\VComm.sys
21:47:32.0125 3432        VComm ( UnsignedFile.Multi.Generic ) - warning
21:47:32.0125 3432        VComm - detected UnsignedFile.Multi.Generic (1)
21:47:32.0156 3432        VcommMgr        (ef0d45ed806b0c9ae9756bfeecb077ed) C:\WINDOWS\system32\Drivers\VcommMgr.sys
21:47:32.0187 3432        VcommMgr ( UnsignedFile.Multi.Generic ) - warning
21:47:32.0187 3432        VcommMgr - detected UnsignedFile.Multi.Generic (1)
21:47:32.0203 3432        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:47:32.0328 3432        VgaSave - ok
21:47:32.0328 3432        ViaIde - ok
21:47:32.0375 3432        vnccom          (b67632451f760797bb183e1fb99f4b39) C:\WINDOWS\system32\Drivers\vnccom.SYS
21:47:32.0390 3432        vnccom ( UnsignedFile.Multi.Generic ) - warning
21:47:32.0390 3432        vnccom - detected UnsignedFile.Multi.Generic (1)
21:47:32.0421 3432        vncdrv          (4ec979b157d1aa075330362acb5424e5) C:\WINDOWS\system32\DRIVERS\vncdrv.sys
21:47:32.0453 3432        vncdrv ( UnsignedFile.Multi.Generic ) - warning
21:47:32.0453 3432        vncdrv - detected UnsignedFile.Multi.Generic (1)
21:47:32.0484 3432        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
21:47:32.0609 3432        VolSnap - ok
21:47:32.0671 3432        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:47:32.0796 3432        Wanarp - ok
21:47:32.0812 3432        WDICA - ok
21:47:32.0890 3432        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:47:33.0031 3432        wdmaud - ok
21:47:33.0093 3432        WmBEnum        (bc3ecbcb40147bdae3ad2fd0b4b346d8) C:\WINDOWS\system32\drivers\WmBEnum.sys
21:47:33.0109 3432        WmBEnum - ok
21:47:33.0156 3432        WmFilter        (19f9881d8b3484fedb605d0216876898) C:\WINDOWS\system32\drivers\WmFilter.sys
21:47:33.0171 3432        WmFilter - ok
21:47:33.0203 3432        WmHidLo        (bb49902577091f634e752537181d2c19) C:\WINDOWS\system32\drivers\WmHidLo.sys
21:47:33.0218 3432        WmHidLo - ok
21:47:33.0265 3432        WmVirHid        (7a51545a6409a25eedbdbd97d019e8cc) C:\WINDOWS\system32\drivers\WmVirHid.sys
21:47:33.0281 3432        WmVirHid - ok
21:47:33.0312 3432        WmXlCore        (1f083b3bc73017e60c3ca85cf4a70753) C:\WINDOWS\system32\drivers\WmXlCore.sys
21:47:33.0328 3432        WmXlCore - ok
21:47:33.0359 3432        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:47:33.0390 3432        WpdUsb - ok
21:47:33.0437 3432        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:47:33.0609 3432        WS2IFSL - ok
21:47:33.0656 3432        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:47:33.0796 3432        WSTCODEC - ok
21:47:33.0843 3432        WudfPf          (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:47:33.0875 3432        WudfPf - ok
21:47:33.0937 3432        WudfRd          (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:47:33.0953 3432        WudfRd - ok
21:47:33.0968 3432        xcpip - ok
21:47:34.0000 3432        xpsec - ok
21:47:34.0062 3432        zlportio - ok
21:47:34.0093 3432        MBR (0x1B8)    (eeadaf356113e54427e990a5bcad82b5) \Device\Harddisk0\DR0
21:47:34.0093 3432        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - infected
21:47:34.0093 3432        \Device\Harddisk0\DR0 - detected Backdoor.Win32.Sinowal.knf (0)
21:47:34.0171 3432        Boot (0x1200)  (76ae28f380934ee0dad55c95a523df03) \Device\Harddisk0\DR0\Partition0
21:47:34.0171 3432        \Device\Harddisk0\DR0\Partition0 - ok
21:47:34.0203 3432        Boot (0x1200)  (852b9f665a1f7c90b5737e2b210f086d) \Device\Harddisk0\DR0\Partition1
21:47:34.0203 3432        \Device\Harddisk0\DR0\Partition1 - ok
21:47:34.0218 3432        Boot (0x1200)  (0403679a73ca5dd9e147c2a422f00c8f) \Device\Harddisk0\DR0\Partition2
21:47:34.0218 3432        \Device\Harddisk0\DR0\Partition2 - ok
21:47:34.0234 3432        ============================================================
21:47:34.0234 3432        Scan finished
21:47:34.0234 3432        ============================================================
21:47:34.0359 3920        Detected object count: 35
21:47:34.0359 3920        Actual detected object count: 35
21:50:17.0203 3920        aadev ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0203 3920        aadev ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0203 3920        AnyDVD ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0203 3920        AnyDVD ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0218 3920        ASInsHelp ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0218 3920        ASInsHelp ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0218 3920        AsIO ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0218 3920        AsIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0218 3920        aslm75 ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0218 3920        aslm75 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0218 3920        ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0218 3920        ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0218 3920        BlueletAudio ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0218 3920        BlueletAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0218 3920        Bonifay ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0218 3920        Bonifay ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0218 3920        BT ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0218 3920        BT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0218 3920        Btcsrusb ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0218 3920        Btcsrusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0234 3920        BTHidEnum ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0234 3920        BTHidEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0234 3920        BTHidMgr ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0234 3920        BTHidMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0234 3920        ElbyCDIO ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0234 3920        ElbyCDIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0234 3920        Gonzales ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0234 3920        Gonzales ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0234 3920        meiudf ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0234 3920        meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0234 3920        MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0234 3920        MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0234 3920        NETFWDSL ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0234 3920        NETFWDSL ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0234 3920        nvatabus ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0234 3920        nvatabus ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        ovt519 ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0250 3920        ovt519 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        pfc ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0250 3920        pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        PLFF ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0250 3920        PLFF ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0250 3920        prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0250 3920        prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0250 3920        prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        SaiNtHid ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0250 3920        SaiNtHid ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        SE4501D ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0250 3920        SE4501D ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0250 3920        Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0265 3920        Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0265 3920        sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0265 3920        sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0265 3920        sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0265 3920        sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0265 3920        sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0265 3920        sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0265 3920        VComm ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0265 3920        VComm ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0265 3920        VcommMgr ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0265 3920        VcommMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0265 3920        vnccom ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0265 3920        vnccom ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0265 3920        vncdrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:50:17.0265 3920        vncdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:50:17.0296 3920        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - will be cured on reboot
21:50:17.0296 3920        \Device\Harddisk0\DR0 - ok
21:50:17.0296 3920        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - User select action: Cure
21:50:21.0515 2720        Deinitialize success


cosinus 16.01.2012 15:55

Sorry, but you should restart and then post a newly created log...

tax 16.01.2012 16:29

You mean run TDSSKiller again? If so, with which settings?

cosinus 16.01.2012 16:35

Yes, as described in #20.

tax 16.01.2012 17:30

Here it is now

Code:

17:24:06.0093 3524        TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
17:24:07.0546 3524        ============================================================
17:24:07.0546 3524        Current date / time: 2012/01/16 17:24:07.0546
17:24:07.0546 3524        SystemInfo:
17:24:07.0546 3524       
17:24:07.0546 3524        OS Version: 5.1.2600 ServicePack: 3.0
17:24:07.0546 3524        Product type: Workstation
17:24:07.0546 3524        ComputerName: SHOOT
17:24:07.0546 3524        UserName: Weisi
17:24:07.0546 3524        Windows directory: C:\WINDOWS
17:24:07.0546 3524        System windows directory: C:\WINDOWS
17:24:07.0546 3524        Processor architecture: Intel x86
17:24:07.0546 3524        Number of processors: 1
17:24:07.0546 3524        Page size: 0x1000
17:24:07.0546 3524        Boot type: Normal boot
17:24:07.0546 3524        ============================================================
17:24:08.0828 3524        Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000, SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
17:24:08.0937 3524        Initialize success
17:24:15.0703 3576        ============================================================
17:24:15.0703 3576        Scan started
17:24:15.0703 3576        Mode: Manual; SigCheck; TDLFS;
17:24:15.0703 3576        ============================================================
17:24:16.0296 3576        aadev          (6bfb6def4eb16b74c0179de110077920) C:\WINDOWS\system32\DRIVERS\aadev.sys
17:24:16.0421 3576        aadev ( UnsignedFile.Multi.Generic ) - warning
17:24:16.0421 3576        aadev - detected UnsignedFile.Multi.Generic (1)
17:24:16.0453 3576        Abiosdsk - ok
17:24:16.0468 3576        abp480n5 - ok
17:24:16.0515 3576        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:24:17.0531 3576        ACPI - ok
17:24:17.0640 3576        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:24:17.0828 3576        ACPIEC - ok
17:24:17.0875 3576        adpu160m - ok
17:24:17.0921 3576        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:24:18.0078 3576        aec - ok
17:24:18.0125 3576        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:24:18.0187 3576        AFD - ok
17:24:18.0218 3576        Aha154x - ok
17:24:18.0234 3576        aic78u2 - ok
17:24:18.0250 3576        aic78xx - ok
17:24:18.0359 3576        ALCXWDM        (933933288df5ed26d1928215c97d05c7) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
17:24:18.0531 3576        ALCXWDM - ok
17:24:18.0562 3576        AliIde - ok
17:24:18.0593 3576        AmdK8          (b9dbaae3219661f4d0c5e8dc0c2f987d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:24:18.0640 3576        AmdK8 - ok
17:24:18.0656 3576        amsint - ok
17:24:18.0734 3576        AnyDVD          (44c905e4dfd93a8c49f97c14d9c399f3) C:\WINDOWS\system32\Drivers\AnyDVD.sys
17:24:18.0765 3576        AnyDVD ( UnsignedFile.Multi.Generic ) - warning
17:24:18.0765 3576        AnyDVD - detected UnsignedFile.Multi.Generic (1)
17:24:18.0796 3576        asc - ok
17:24:18.0812 3576        asc3350p - ok
17:24:18.0828 3576        asc3550 - ok
17:24:18.0875 3576        ASInsHelp      (33c171de483ee145f31234d93b078919) C:\WINDOWS\system32\drivers\AsInsHelp32.sys
17:24:18.0890 3576        ASInsHelp ( UnsignedFile.Multi.Generic ) - warning
17:24:18.0890 3576        ASInsHelp - detected UnsignedFile.Multi.Generic (1)
17:24:18.0921 3576        AsIO            (c959989e2ce8da9bde8cafddba84badf) C:\WINDOWS\system32\drivers\AsIO.sys
17:24:18.0953 3576        AsIO ( UnsignedFile.Multi.Generic ) - warning
17:24:18.0953 3576        AsIO - detected UnsignedFile.Multi.Generic (1)
17:24:18.0984 3576        aslm75          (71356a1370739e25375a1d17b6ae318f) C:\WINDOWS\system32\drivers\aslm75.sys
17:24:19.0000 3576        aslm75 ( UnsignedFile.Multi.Generic ) - warning
17:24:19.0000 3576        aslm75 - detected UnsignedFile.Multi.Generic (1)
17:24:19.0062 3576        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:24:19.0203 3576        AsyncMac - ok
17:24:19.0234 3576        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:24:19.0390 3576        atapi - ok
17:24:19.0406 3576        Atdisk - ok
17:24:19.0546 3576        ati2mtag        (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:24:19.0734 3576        ati2mtag ( UnsignedFile.Multi.Generic ) - warning
17:24:19.0734 3576        ati2mtag - detected UnsignedFile.Multi.Generic (1)
17:24:19.0843 3576        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:24:20.0015 3576        Atmarpc - ok
17:24:20.0046 3576        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:24:20.0203 3576        audstub - ok
17:24:20.0312 3576        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
17:24:20.0328 3576        avgio - ok
17:24:20.0375 3576        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:24:20.0421 3576        avgntflt - ok
17:24:20.0468 3576        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:24:20.0484 3576        avipbb - ok
17:24:20.0531 3576        AVMDSLPPPOE    (aa5874f64d6f2ffafa8c5fbc202ce6ef) C:\WINDOWS\system32\DRIVERS\avmdsloe.sys
17:24:20.0578 3576        AVMDSLPPPOE - ok
17:24:20.0593 3576        AVMNDSL        (140ba5bf4666c27c15368cce9df54a93) C:\WINDOWS\system32\DRIVERS\avmndsl.sys
17:24:20.0609 3576        AVMNDSL - ok
17:24:20.0640 3576        bdfdll - ok
17:24:20.0687 3576        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:24:20.0828 3576        Beep - ok
17:24:20.0875 3576        BlueletAudio    (31ff5b87c1dd907613cc613224b8e303) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
17:24:20.0906 3576        BlueletAudio ( UnsignedFile.Multi.Generic ) - warning
17:24:20.0906 3576        BlueletAudio - detected UnsignedFile.Multi.Generic (1)
17:24:20.0921 3576        Bonifay        (b63f6bc2f76db693e4ed51ebe7f34828) C:\WINDOWS\system32\DRIVERS\Bonifay.sys
17:24:20.0937 3576        Bonifay ( UnsignedFile.Multi.Generic ) - warning
17:24:20.0937 3576        Bonifay - detected UnsignedFile.Multi.Generic (1)
17:24:20.0984 3576        BT              (9da8abc4885aff4793d4aa420e40bb12) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
17:24:21.0015 3576        BT ( UnsignedFile.Multi.Generic ) - warning
17:24:21.0015 3576        BT - detected UnsignedFile.Multi.Generic (1)
17:24:21.0046 3576        Btcsrusb        (95a061d5217cbb6642e73a8fd9aa9734) C:\WINDOWS\system32\Drivers\btcusb.sys
17:24:21.0062 3576        Btcsrusb ( UnsignedFile.Multi.Generic ) - warning
17:24:21.0062 3576        Btcsrusb - detected UnsignedFile.Multi.Generic (1)
17:24:21.0109 3576        BthEnum        (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:24:21.0250 3576        BthEnum - ok
17:24:21.0281 3576        BTHidEnum      (083ad7f6ff500d0a93c0bea2cf298c93) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
17:24:21.0296 3576        BTHidEnum ( UnsignedFile.Multi.Generic ) - warning
17:24:21.0296 3576        BTHidEnum - detected UnsignedFile.Multi.Generic (1)
17:24:21.0328 3576        BTHidMgr        (f408264f6ad1dc7e7bdd4837440f115d) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
17:24:21.0328 3576        BTHidMgr ( UnsignedFile.Multi.Generic ) - warning
17:24:21.0328 3576        BTHidMgr - detected UnsignedFile.Multi.Generic (1)
17:24:21.0375 3576        BTHMODEM        (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
17:24:21.0515 3576        BTHMODEM - ok
17:24:21.0546 3576        BthPan          (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:24:21.0703 3576        BthPan - ok
17:24:21.0750 3576        BTHPORT        (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
17:24:21.0812 3576        BTHPORT - ok
17:24:21.0843 3576        BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
17:24:22.0000 3576        BTHUSB - ok
17:24:22.0031 3576        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:24:22.0171 3576        cbidf2k - ok
17:24:22.0218 3576        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:24:22.0359 3576        CCDECODE - ok
17:24:22.0375 3576        cd20xrnt - ok
17:24:22.0406 3576        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:24:22.0562 3576        Cdaudio - ok
17:24:22.0593 3576        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:24:22.0734 3576        Cdfs - ok
17:24:22.0765 3576        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:24:22.0921 3576        Cdrom - ok
17:24:22.0953 3576        Changer - ok
17:24:23.0000 3576        CmdIde - ok
17:24:23.0031 3576        Cpqarray - ok
17:24:23.0078 3576        ctxusbm        (cb6ff7012bb5d59d7c12350db795ce1f) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
17:24:23.0093 3576        ctxusbm - ok
17:24:23.0109 3576        dac2w2k - ok
17:24:23.0125 3576        dac960nt - ok
17:24:23.0203 3576        dbustrcm - ok
17:24:23.0234 3576        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:24:23.0390 3576        Disk - ok
17:24:23.0437 3576        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
17:24:23.0625 3576        dmboot - ok
17:24:23.0656 3576        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
17:24:23.0812 3576        dmio - ok
17:24:23.0843 3576        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:24:24.0000 3576        dmload - ok
17:24:24.0031 3576        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:24:24.0171 3576        DMusic - ok
17:24:24.0203 3576        dpti2o - ok
17:24:24.0234 3576        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:24:24.0375 3576        drmkaud - ok
17:24:24.0421 3576        ElbyCDIO        (37c3a9fef349d13685ec9c2acaaeafce) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
17:24:24.0421 3576        ElbyCDIO ( UnsignedFile.Multi.Generic ) - warning
17:24:24.0421 3576        ElbyCDIO - detected UnsignedFile.Multi.Generic (1)
17:24:24.0468 3576        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:24:24.0609 3576        Fastfat - ok
17:24:24.0640 3576        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:24:24.0796 3576        Fdc - ok
17:24:24.0859 3576        FDSSBASE        (551a237a1ce44261dc0783661bcfb9a5) C:\WINDOWS\system32\DRIVERS\fdssbase.sys
17:24:24.0921 3576        FDSSBASE - ok
17:24:24.0953 3576        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
17:24:25.0093 3576        Fips - ok
17:24:25.0109 3576        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:24:25.0250 3576        Flpydisk - ok
17:24:25.0296 3576        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:24:25.0453 3576        FltMgr - ok
17:24:25.0500 3576        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:24:25.0656 3576        Fs_Rec - ok
17:24:25.0703 3576        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:24:25.0859 3576        Ftdisk - ok
17:24:25.0875 3576        gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:24:26.0343 3576        gameenum - ok
17:24:26.0359 3576        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:24:26.0375 3576        GEARAspiWDM - ok
17:24:26.0406 3576        Gonzales        (829870058335703af4b95cbc1f83affc) C:\WINDOWS\system32\DRIVERS\Gonzales.sys
17:24:26.0406 3576        Gonzales ( UnsignedFile.Multi.Generic ) - warning
17:24:26.0406 3576        Gonzales - detected UnsignedFile.Multi.Generic (1)
17:24:26.0437 3576        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:24:26.0593 3576        Gpc - ok
17:24:26.0625 3576        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:24:26.0781 3576        HidUsb - ok
17:24:26.0796 3576        hpn - ok
17:24:26.0828 3576        hpt3xx - ok
17:24:26.0859 3576        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:24:26.0937 3576        HTTP - ok
17:24:26.0953 3576        i2omgmt - ok
17:24:26.0984 3576        i2omp - ok
17:24:27.0015 3576        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:24:27.0156 3576        i8042prt - ok
17:24:27.0187 3576        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:24:27.0343 3576        Imapi - ok
17:24:27.0375 3576        ini910u - ok
17:24:27.0390 3576        IntelIde - ok
17:24:27.0437 3576        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:24:27.0609 3576        ip6fw - ok
17:24:27.0640 3576        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:24:27.0796 3576        IpFilterDriver - ok
17:24:27.0828 3576        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:24:27.0984 3576        IpInIp - ok
17:24:28.0015 3576        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:24:28.0156 3576        IpNat - ok
17:24:28.0187 3576        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:24:28.0328 3576        IPSec - ok
17:24:28.0375 3576        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:24:28.0437 3576        IRENUM - ok
17:24:28.0468 3576        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:24:28.0593 3576        isapnp - ok
17:24:28.0640 3576        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:24:28.0781 3576        Kbdclass - ok
17:24:28.0812 3576        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:24:28.0953 3576        kbdhid - ok
17:24:28.0984 3576        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:24:29.0140 3576        kmixer - ok
17:24:29.0171 3576        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:24:29.0265 3576        KSecDD - ok
17:24:29.0296 3576        lbrtfdc - ok
17:24:29.0328 3576        meiudf          (a4798cd432781bc382603499d301e176) C:\WINDOWS\system32\Drivers\meiudf.sys
17:24:29.0359 3576        meiudf ( UnsignedFile.Multi.Generic ) - warning
17:24:29.0359 3576        meiudf - detected UnsignedFile.Multi.Generic (1)
17:24:29.0390 3576        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:24:29.0531 3576        mnmdd - ok
17:24:29.0562 3576        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
17:24:29.0703 3576        Modem - ok
17:24:29.0750 3576        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:24:29.0890 3576        Mouclass - ok
17:24:29.0937 3576        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:24:30.0078 3576        mouhid - ok
17:24:30.0093 3576        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:24:30.0234 3576        MountMgr - ok
17:24:30.0250 3576        mraid35x - ok
17:24:30.0281 3576        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:24:30.0437 3576        MRxDAV - ok
17:24:30.0484 3576        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:24:30.0562 3576        MRxSmb - ok
17:24:30.0593 3576        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:24:30.0734 3576        Msfs - ok
17:24:30.0765 3576        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:24:30.0906 3576        MSKSSRV - ok
17:24:30.0937 3576        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:24:31.0078 3576        MSPCLOCK - ok
17:24:31.0093 3576        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:24:31.0234 3576        MSPQM - ok
17:24:31.0281 3576        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:24:31.0406 3576        mssmbios - ok
17:24:31.0453 3576        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:24:31.0609 3576        MSTEE - ok
17:24:31.0656 3576        ms_mpu401      (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
17:24:31.0796 3576        ms_mpu401 - ok
17:24:31.0843 3576        MTsensor        (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
17:24:31.0859 3576        MTsensor ( UnsignedFile.Multi.Generic ) - warning
17:24:31.0859 3576        MTsensor - detected UnsignedFile.Multi.Generic (1)
17:24:31.0906 3576        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:24:31.0937 3576        Mup - ok
17:24:31.0953 3576        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:24:32.0109 3576        NABTSFEC - ok
17:24:32.0140 3576        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:24:32.0296 3576        NDIS - ok
17:24:32.0328 3576        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:24:32.0453 3576        NdisIP - ok
17:24:32.0500 3576        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:24:32.0546 3576        NdisTapi - ok
17:24:32.0578 3576        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:24:32.0718 3576        Ndisuio - ok
17:24:32.0750 3576        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:24:32.0875 3576        NdisWan - ok
17:24:32.0906 3576        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:24:32.0953 3576        NDProxy - ok
17:24:32.0984 3576        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:24:33.0125 3576        NetBIOS - ok
17:24:33.0171 3576        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:24:33.0312 3576        NetBT - ok
17:24:33.0359 3576        NETFWDSL        (a001e7d84da39a5e7aff3cb05e77e033) C:\WINDOWS\system32\DRIVERS\NETFWDSL.SYS
17:24:33.0390 3576        NETFWDSL ( UnsignedFile.Multi.Generic ) - warning
17:24:33.0390 3576        NETFWDSL - detected UnsignedFile.Multi.Generic (1)
17:24:33.0421 3576        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:24:33.0562 3576        Npfs - ok
17:24:33.0609 3576        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:24:33.0750 3576        Ntfs - ok
17:24:33.0781 3576        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:24:33.0921 3576        Null - ok
17:24:34.0078 3576        nv              (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:24:34.0312 3576        nv - ok
17:24:34.0421 3576        nvatabus        (3bfc1dea3076d9eaa282e9cc1e4d7a23) C:\WINDOWS\system32\DRIVERS\nvatabus.sys
17:24:34.0437 3576        nvatabus ( UnsignedFile.Multi.Generic ) - warning
17:24:34.0437 3576        nvatabus - detected UnsignedFile.Multi.Generic (1)
17:24:34.0468 3576        NVENETFD        (720cc533eecb65553bd86b139ca04433) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
17:24:34.0531 3576        NVENETFD - ok
17:24:34.0578 3576        nvnetbus        (5f9f545cc5904dd8765f84ee1d056406) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
17:24:34.0625 3576        nvnetbus - ok
17:24:34.0703 3576        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:24:34.0859 3576        NwlnkFlt - ok
17:24:34.0890 3576        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:24:35.0031 3576        NwlnkFwd - ok
17:24:35.0078 3576        ovt519          (4cdadec3dc1300ee1d313ea5494e6472) C:\WINDOWS\system32\Drivers\ov519vid.sys
17:24:35.0109 3576        ovt519 ( UnsignedFile.Multi.Generic ) - warning
17:24:35.0109 3576        ovt519 - detected UnsignedFile.Multi.Generic (1)
17:24:35.0156 3576        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
17:24:35.0296 3576        Parport - ok
17:24:35.0312 3576        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:24:35.0453 3576        PartMgr - ok
17:24:35.0484 3576        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:24:35.0625 3576        ParVdm - ok
17:24:35.0656 3576        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:24:35.0718 3576        pccsmcfd - ok
17:24:35.0750 3576        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
17:24:35.0890 3576        PCI - ok
17:24:35.0906 3576        PCIDump - ok
17:24:35.0937 3576        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:24:36.0062 3576        PCIIde - ok
17:24:36.0093 3576        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:24:36.0234 3576        Pcmcia - ok
17:24:36.0250 3576        PDCOMP - ok
17:24:36.0265 3576        PDFRAME - ok
17:24:36.0281 3576        PDRELI - ok
17:24:36.0296 3576        PDRFRAME - ok
17:24:36.0312 3576        perc2 - ok
17:24:36.0343 3576        perc2hib - ok
17:24:36.0406 3576        pfc            (ed2e7f396b4098608c95bc3806bdf6fc) C:\WINDOWS\system32\drivers\pfc.sys
17:24:36.0421 3576        pfc ( UnsignedFile.Multi.Generic ) - warning
17:24:36.0421 3576        pfc - detected UnsignedFile.Multi.Generic (1)
17:24:36.0468 3576        PLFF            (a20ac92609f3b246be3b761bb72fc6a5) C:\WINDOWS\system32\Drivers\PLFF.sys
17:24:36.0484 3576        PLFF ( UnsignedFile.Multi.Generic ) - warning
17:24:36.0484 3576        PLFF - detected UnsignedFile.Multi.Generic (1)
17:24:36.0531 3576        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:24:36.0656 3576        PptpMiniport - ok
17:24:36.0703 3576        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
17:24:36.0828 3576        Processor - ok
17:24:36.0859 3576        prodrv06        (18d9789a4664bf417eea944d2776091a) C:\WINDOWS\System32\drivers\prodrv06.sys
17:24:36.0906 3576        prodrv06 ( UnsignedFile.Multi.Generic ) - warning
17:24:36.0921 3576        prodrv06 - detected UnsignedFile.Multi.Generic (1)
17:24:36.0937 3576        prohlp02        (8cc9671a7ed2902e747ee0892e1c8575) C:\WINDOWS\system32\drivers\prohlp02.sys
17:24:36.0968 3576        prohlp02 ( UnsignedFile.Multi.Generic ) - warning
17:24:36.0968 3576        prohlp02 - detected UnsignedFile.Multi.Generic (1)
17:24:36.0984 3576        prosync1        (960bce3ed38761b446aabac06c76badf) C:\WINDOWS\system32\drivers\prosync1.sys
17:24:37.0000 3576        prosync1 ( UnsignedFile.Multi.Generic ) - warning
17:24:37.0000 3576        prosync1 - detected UnsignedFile.Multi.Generic (1)
17:24:37.0031 3576        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:24:37.0171 3576        PSched - ok
17:24:37.0203 3576        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:24:37.0328 3576        Ptilink - ok
17:24:37.0343 3576        ql1080 - ok
17:24:37.0375 3576        Ql10wnt - ok
17:24:37.0390 3576        ql12160 - ok
17:24:37.0406 3576        ql1240 - ok
17:24:37.0421 3576        ql1280 - ok
17:24:37.0437 3576        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:24:37.0687 3576        RasAcd - ok
17:24:37.0718 3576        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:24:37.0859 3576        Rasl2tp - ok
17:24:37.0875 3576        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:24:38.0000 3576        RasPppoe - ok
17:24:38.0015 3576        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:24:38.0140 3576        Raspti - ok
17:24:38.0171 3576        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:24:38.0312 3576        Rdbss - ok
17:24:38.0328 3576        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:24:38.0468 3576        RDPCDD - ok
17:24:38.0500 3576        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:24:38.0656 3576        rdpdr - ok
17:24:38.0718 3576        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
17:24:38.0765 3576        RDPWD - ok
17:24:38.0796 3576        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:24:38.0921 3576        redbook - ok
17:24:38.0984 3576        RFCOMM          (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:24:39.0140 3576        RFCOMM - ok
17:24:39.0171 3576        ROOTMODEM      (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
17:24:39.0296 3576        ROOTMODEM - ok
17:24:39.0359 3576        SaiNtHid        (a007103ef0e50fb0e0ed08b511d721d7) C:\WINDOWS\system32\DRIVERS\SaiNtHid.sys
17:24:39.0375 3576        SaiNtHid ( UnsignedFile.Multi.Generic ) - warning
17:24:39.0375 3576        SaiNtHid - detected UnsignedFile.Multi.Generic (1)
17:24:39.0437 3576        SCR3xx USB Smart Card Reader (60ab2853a89e7db562b2a56e8de2d0e7) C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys
17:24:39.0484 3576        SCR3xx USB Smart Card Reader - ok
17:24:39.0500 3576        SCR3XX2K        (60ab2853a89e7db562b2a56e8de2d0e7) C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys
17:24:39.0500 3576        SCR3XX2K - ok
17:24:39.0562 3576        SE4501D        (b84c83e5355c2aa96bb5c5fab9f5d3e4) C:\WINDOWS\system32\DRIVERS\SE4501D.sys
17:24:39.0578 3576        SE4501D ( UnsignedFile.Multi.Generic ) - warning
17:24:39.0578 3576        SE4501D - detected UnsignedFile.Multi.Generic (1)
17:24:39.0625 3576        Secdrv          (ba0d892d2f786bcebdf03b0a252b47f3) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:24:39.0640 3576        Secdrv ( UnsignedFile.Multi.Generic ) - warning
17:24:39.0640 3576        Secdrv - detected UnsignedFile.Multi.Generic (1)
17:24:39.0703 3576        Serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:24:39.0828 3576        Serenum - ok
17:24:39.0843 3576        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
17:24:39.0984 3576        Serial - ok
17:24:40.0062 3576        sfdrv01        (00de597b81b381053cb5b21a7f20e365) C:\WINDOWS\system32\drivers\sfdrv01.sys
17:24:40.0078 3576        sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
17:24:40.0078 3576        sfdrv01 - detected UnsignedFile.Multi.Generic (1)
17:24:40.0109 3576        sfhlp01        (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
17:24:40.0125 3576        sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
17:24:40.0125 3576        sfhlp01 - detected UnsignedFile.Multi.Generic (1)
17:24:40.0140 3576        sfhlp02        (64b9ab76f1b16eb059cb6cdd906c067a) C:\WINDOWS\system32\drivers\sfhlp02.sys
17:24:40.0171 3576        sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
17:24:40.0171 3576        sfhlp02 - detected UnsignedFile.Multi.Generic (1)
17:24:40.0187 3576        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:24:40.0312 3576        Sfloppy - ok
17:24:40.0343 3576        Simbad - ok
17:24:40.0375 3576        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:24:40.0515 3576        SLIP - ok
17:24:40.0531 3576        Sparrow - ok
17:24:40.0562 3576        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:24:40.0687 3576        splitter - ok
17:24:40.0703 3576        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
17:24:40.0781 3576        sr - ok
17:24:40.0828 3576        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:24:40.0921 3576        Srv - ok
17:24:40.0984 3576        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:24:41.0000 3576        ssmdrv - ok
17:24:41.0015 3576        STC2DFU - ok
17:24:41.0062 3576        STCFUx32        (68c00ee8c35e4ea63dca5ca7d572e25e) C:\WINDOWS\system32\DRIVERS\STCFUx32.SYS
17:24:41.0109 3576        STCFUx32 - ok
17:24:41.0140 3576        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:24:41.0265 3576        streamip - ok
17:24:41.0281 3576        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:24:41.0421 3576        swenum - ok
17:24:41.0453 3576        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:24:41.0593 3576        swmidi - ok
17:24:41.0609 3576        symc810 - ok
17:24:41.0625 3576        symc8xx - ok
17:24:41.0656 3576        sym_hi - ok
17:24:41.0671 3576        sym_u3 - ok
17:24:41.0703 3576        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:24:41.0843 3576        sysaudio - ok
17:24:41.0906 3576        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:24:41.0968 3576        Tcpip - ok
17:24:42.0000 3576        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:24:42.0125 3576        TDPIPE - ok
17:24:42.0140 3576        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:24:42.0281 3576        TDTCP - ok
17:24:42.0312 3576        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:24:42.0437 3576        TermDD - ok
17:24:42.0468 3576        TosIde - ok
17:24:42.0515 3576        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:24:42.0656 3576        Udfs - ok
17:24:42.0671 3576        ultra - ok
17:24:42.0734 3576        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:24:42.0890 3576        Update - ok
17:24:42.0937 3576        USBAAPL        (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:24:42.0984 3576        USBAAPL - ok
17:24:43.0031 3576        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:24:43.0187 3576        usbaudio - ok
17:24:43.0218 3576        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:24:43.0359 3576        usbccgp - ok
17:24:43.0375 3576        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:24:43.0515 3576        usbehci - ok
17:24:43.0562 3576        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:24:43.0687 3576        usbhub - ok
17:24:43.0703 3576        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:24:43.0828 3576        usbohci - ok
17:24:43.0875 3576        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:24:44.0000 3576        usbprint - ok
17:24:44.0015 3576        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:24:44.0140 3576        usbscan - ok
17:24:44.0171 3576        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:24:44.0296 3576        USBSTOR - ok
17:24:44.0312 3576        uxy9b.sys - ok
17:24:44.0343 3576        VComm          (9ebee4a060c5364a31aeaa04eac2af1e) C:\WINDOWS\system32\DRIVERS\VComm.sys
17:24:44.0375 3576        VComm ( UnsignedFile.Multi.Generic ) - warning
17:24:44.0375 3576        VComm - detected UnsignedFile.Multi.Generic (1)
17:24:44.0421 3576        VcommMgr        (ef0d45ed806b0c9ae9756bfeecb077ed) C:\WINDOWS\system32\Drivers\VcommMgr.sys
17:24:44.0437 3576        VcommMgr ( UnsignedFile.Multi.Generic ) - warning
17:24:44.0437 3576        VcommMgr - detected UnsignedFile.Multi.Generic (1)
17:24:44.0468 3576        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:24:44.0593 3576        VgaSave - ok
17:24:44.0609 3576        ViaIde - ok
17:24:44.0656 3576        vnccom          (b67632451f760797bb183e1fb99f4b39) C:\WINDOWS\system32\Drivers\vnccom.SYS
17:24:44.0687 3576        vnccom ( UnsignedFile.Multi.Generic ) - warning
17:24:44.0687 3576        vnccom - detected UnsignedFile.Multi.Generic (1)
17:24:44.0718 3576        vncdrv          (4ec979b157d1aa075330362acb5424e5) C:\WINDOWS\system32\DRIVERS\vncdrv.sys
17:24:44.0734 3576        vncdrv ( UnsignedFile.Multi.Generic ) - warning
17:24:44.0734 3576        vncdrv - detected UnsignedFile.Multi.Generic (1)
17:24:44.0765 3576        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
17:24:44.0890 3576        VolSnap - ok
17:24:44.0921 3576        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:24:45.0046 3576        Wanarp - ok
17:24:45.0062 3576        WDICA - ok
17:24:45.0093 3576        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:24:45.0218 3576        wdmaud - ok
17:24:45.0296 3576        WmBEnum        (bc3ecbcb40147bdae3ad2fd0b4b346d8) C:\WINDOWS\system32\drivers\WmBEnum.sys
17:24:45.0328 3576        WmBEnum - ok
17:24:45.0359 3576        WmFilter        (19f9881d8b3484fedb605d0216876898) C:\WINDOWS\system32\drivers\WmFilter.sys
17:24:45.0421 3576        WmFilter - ok
17:24:45.0437 3576        WmHidLo        (bb49902577091f634e752537181d2c19) C:\WINDOWS\system32\drivers\WmHidLo.sys
17:24:45.0453 3576        WmHidLo - ok
17:24:45.0515 3576        WmVirHid        (7a51545a6409a25eedbdbd97d019e8cc) C:\WINDOWS\system32\drivers\WmVirHid.sys
17:24:45.0546 3576        WmVirHid - ok
17:24:45.0578 3576        WmXlCore        (1f083b3bc73017e60c3ca85cf4a70753) C:\WINDOWS\system32\drivers\WmXlCore.sys
17:24:45.0593 3576        WmXlCore - ok
17:24:45.0640 3576        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:24:45.0718 3576        WpdUsb - ok
17:24:45.0750 3576        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:24:45.0906 3576        WS2IFSL - ok
17:24:45.0937 3576        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:24:46.0078 3576        WSTCODEC - ok
17:24:46.0125 3576        WudfPf          (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:24:46.0171 3576        WudfPf - ok
17:24:46.0203 3576        WudfRd          (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:24:46.0218 3576        WudfRd - ok
17:24:46.0250 3576        xcpip - ok
17:24:46.0281 3576        xpsec - ok
17:24:46.0343 3576        zlportio - ok
17:24:46.0406 3576        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
17:24:46.0687 3576        \Device\Harddisk0\DR0 - ok
17:24:46.0718 3576        Boot (0x1200)  (76ae28f380934ee0dad55c95a523df03) \Device\Harddisk0\DR0\Partition0
17:24:46.0718 3576        \Device\Harddisk0\DR0\Partition0 - ok
17:24:46.0750 3576        Boot (0x1200)  (852b9f665a1f7c90b5737e2b210f086d) \Device\Harddisk0\DR0\Partition1
17:24:46.0750 3576        \Device\Harddisk0\DR0\Partition1 - ok
17:24:46.0781 3576        Boot (0x1200)  (0403679a73ca5dd9e147c2a422f00c8f) \Device\Harddisk0\DR0\Partition2
17:24:46.0781 3576        \Device\Harddisk0\DR0\Partition2 - ok
17:24:46.0781 3576        ============================================================
17:24:46.0781 3576        Scan finished
17:24:46.0781 3576        ============================================================
17:24:46.0906 3568        Detected object count: 34
17:24:46.0906 3568        Actual detected object count: 34
17:27:17.0359 3568        aadev ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0359 3568        aadev ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0359 3568        AnyDVD ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0359 3568        AnyDVD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0359 3568        ASInsHelp ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0359 3568        ASInsHelp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0359 3568        AsIO ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0359 3568        AsIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0375 3568        aslm75 ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0375 3568        aslm75 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0375 3568        ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0375 3568        ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0375 3568        BlueletAudio ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0375 3568        BlueletAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0375 3568        Bonifay ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0375 3568        Bonifay ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0375 3568        BT ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0375 3568        BT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0375 3568        Btcsrusb ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0375 3568        Btcsrusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0375 3568        BTHidEnum ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0375 3568        BTHidEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0375 3568        BTHidMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0375 3568        BTHidMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0390 3568        ElbyCDIO ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0390 3568        ElbyCDIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0390 3568        Gonzales ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0390 3568        Gonzales ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0390 3568        meiudf ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0390 3568        meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0390 3568        MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0390 3568        MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0390 3568        NETFWDSL ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0390 3568        NETFWDSL ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0390 3568        nvatabus ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0390 3568        nvatabus ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0390 3568        ovt519 ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0390 3568        ovt519 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0390 3568        pfc ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0390 3568        pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0406 3568        PLFF ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0406 3568        PLFF ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0406 3568        prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0406 3568        prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0406 3568        prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0406 3568        prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0406 3568        prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0406 3568        prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0406 3568        SaiNtHid ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0406 3568        SaiNtHid ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0406 3568        SE4501D ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0406 3568        SE4501D ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0406 3568        Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0406 3568        Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0406 3568        sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0406 3568        sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0421 3568        sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0421 3568        sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0421 3568        sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0421 3568        sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0421 3568        VComm ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0421 3568        VComm ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0421 3568        VcommMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0421 3568        VcommMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0421 3568        vnccom ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0421 3568        vnccom ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:17.0421 3568        vncdrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:27:17.0421 3568        vncdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:27:25.0421 3520        Deinitialize success


cosinus 16.01.2012 20:41

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running ComboFix, you have problems starting applications and receive messages such as

Quote:

Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.

tax 16.01.2012 21:30

I have run ComboFix.

During the scan the message "PEV.exe has encountered a problem and needs to close" appeared.
The ComboFix window in the background was at stage 50.
After I closed the message, ComboFix carried on running to the end.

And what a wonder, the taskbar and the desktop icons are back!
I say :dankeschoen: ! :dankeschoen: ! :dankeschoen: !
You did a brilliant job on that! :knuddel:

Was that it, or do we still need to do something?

Here is the log file:

Code:

ComboFix 12-01-16.02 - Weisi 16.01.2012  21:13:18.2.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2815.2398 [GMT 1:00]
ausgeführt von:: C:\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Weisi\Anwendungsdaten\PnkBstrB.exe
c:\dokumente und einstellungen\Weisi\Lokale Einstellungen\Anwendungsdaten\.#
c:\dokumente und einstellungen\Weisi\Lokale Einstellungen\Anwendungsdaten\.#\MBX@F84@8834D8.###
c:\dokumente und einstellungen\Weisi\Lokale Einstellungen\Anwendungsdaten\assembly\tmp
c:\dokumente und einstellungen\Weisi\WINDOWS
c:\programme\xp-AntiSpy
c:\programme\xp-AntiSpy\sponsoring\ebay.ico
c:\programme\xp-AntiSpy\sponsoring\ebay_hover.ico
c:\programme\xp-AntiSpy\uninst.exe
c:\programme\xp-AntiSpy\xp-AntiSpy.chm
c:\programme\xp-AntiSpy\xp-AntiSpy.exe
c:\programme\xp-AntiSpy\xp-AntiSpy.url
c:\temp\1cb
c:\temp\1cb\syscheck.log
c:\windows\alcrmv.exe
c:\windows\IsUn0407.exe
c:\windows\run.log
c:\windows\system\BCBSMP35.BPL
c:\windows\system\VCL35.BPL
c:\windows\system32\CddbCdda.dll
c:\windows\system32\CoolXPProgress.ocx
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\explorer.exe
c:\windows\system32\hNWEKRqr.ini
c:\windows\system32\hNWEKRqr.ini2
c:\windows\system32\HotFixQ0306270.exe
c:\windows\system32\WindowsXP-KB829558-x86-DEU.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-12-16 bis 2012-01-16  ))))))))))))))))))))))))))))))
.
.
2012-01-14 16:46 . 2012-01-14 16:46        684297        ----a-w-        C:\unhide.exe
2012-01-14 16:42 . 2012-01-14 16:42        1972528        ----a-w-        C:\tdsskiller.exe
2012-01-14 15:24 . 2012-01-14 15:24        --------        d-----w-        C:\_OTL
2012-01-13 20:28 . 2012-01-13 20:28        584192        ----a-w-        C:\OTL.exe
2012-01-12 21:01 . 2012-01-12 21:01        --------        d-----w-        c:\programme\ESET
2012-01-10 22:41 . 2008-04-14 03:22        1036800        ----a-w-        c:\windows\explorer.exe
2012-01-10 00:20 . 2012-01-10 06:43        --------        d---a-w-        C:\Kaspersky Rescue Disk 10.0
2012-01-03 18:47 . 2012-01-03 18:47        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
2012-01-03 18:47 . 2012-01-03 18:49        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\CanonIJPLM
2012-01-03 18:30 . 2012-01-03 18:30        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\CanonBJ
2012-01-03 18:30 . 2009-03-24 04:00        70656        ----a-w-        c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA1.DLL
2012-01-03 18:30 . 2009-03-24 04:00        27648        ----a-w-        c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA1.DLL
2012-01-03 18:30 . 2009-03-24 04:00        272384        ----a-w-        c:\windows\system32\CNMLMA1.DLL
2012-01-03 18:30 . 2012-01-03 18:30        --------        d-----w-        c:\windows\system32\CanonIJ Uninstaller Information
2012-01-03 18:30 . 2009-03-18 09:09        178176        ----a-w-        c:\windows\system32\CNMIUA1.DLL
2012-01-03 18:29 . 2012-01-03 18:29        --------        d-----w-        c:\programme\CanonBJ
2012-01-03 18:25 . 2008-04-13 23:17        25856        -c--a-w-        c:\windows\system32\dllcache\usbprint.sys
2012-01-03 18:25 . 2008-04-13 23:17        25856        ----a-w-        c:\windows\system32\drivers\usbprint.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-08 16:12 . 2007-11-11 13:34        138520        ----a-w-        c:\windows\system32\drivers\PnkBstrK.sys
2012-01-08 16:12 . 2009-07-16 17:43        234536        ----a-w-        c:\windows\system32\PnkBstrB.xtr
2012-01-08 16:12 . 2007-11-11 13:34        234536        ----a-w-        c:\windows\system32\PnkBstrB.exe
2012-01-06 14:45 . 2001-08-23 11:00        12400        ----a-w-        c:\windows\system32\drivers\secdrv.sys
2012-01-05 18:30 . 2005-06-22 21:45        60416        ----a-w-        c:\windows\ALCFDRTM.VER
2011-12-10 14:24 . 2009-02-07 14:01        20464        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-11-23 14:40 . 2001-08-23 11:00        1859712        ----a-w-        c:\windows\system32\win32k.sys
2011-11-22 21:36 . 2011-08-14 20:24        414368        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-20 12:40 . 2005-10-21 12:31        43520        ----a-w-        c:\windows\system32\CmdLineExt03.dll
2011-11-04 19:13 . 2001-08-23 11:00        916992        ----a-w-        c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2001-08-23 11:00        43520        ----a-w-        c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2001-08-23 11:00        1469440        ------w-        c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2005-06-22 16:15        385024        ----a-w-        c:\windows\system32\html.iec
2011-11-01 16:07 . 2001-08-23 11:00        1288704        ----a-w-        c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2001-08-23 11:00        33280        ----a-w-        c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2001-08-23 11:00        2195072        ----a-w-        c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2001-08-18 04:28        2071680        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2010-10-12 15:33 . 2010-10-12 15:33        124344        ----a-w-        c:\programme\mozilla firefox\plugins\CCMSDK.dll
2010-10-12 17:15 . 2010-10-12 17:15        13240        ----a-w-        c:\programme\mozilla firefox\plugins\cgpcfg.dll
2010-10-12 15:37 . 2010-10-12 15:37        70592        ----a-w-        c:\programme\mozilla firefox\plugins\CgpCore.dll
2010-10-12 15:35 . 2010-10-12 15:35        91576        ----a-w-        c:\programme\mozilla firefox\plugins\confmgr.dll
2010-10-12 15:34 . 2010-10-12 15:34        22464        ----a-w-        c:\programme\mozilla firefox\plugins\ctxlogging.dll
2010-10-12 15:32 . 2010-10-12 15:32        255416        ----a-w-        c:\programme\mozilla firefox\plugins\ctxmui.dll
2010-10-12 15:35 . 2010-10-12 15:35        31672        ----a-w-        c:\programme\mozilla firefox\plugins\icafile.dll
2010-10-12 15:34 . 2010-10-12 15:34        40384        ----a-w-        c:\programme\mozilla firefox\plugins\icalogon.dll
2010-07-14 11:42 . 2010-07-14 11:42        898480        ----a-w-        c:\programme\mozilla firefox\plugins\sslsdk_b.dll
2010-10-12 15:37 . 2010-10-12 15:37        24000        ----a-w-        c:\programme\mozilla firefox\plugins\TcpPServ.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\programme\Ahead\Nero BackItUp\NBJ.exe" [2003-11-04 1720320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ElbyCheckAnyDVD"="c:\programme\SlySoft\AnyDVD\ElbyCheck.exe" [2003-09-20 45056]
"ASUS Probe"="c:\programme\ASUS\Probe\AsusProb.exe" [2002-12-06 617984]
"CORSAIR_PLUtil"="c:\programme\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe" [2004-11-11 90112]
"OpwareSE2"="c:\programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"LexwareInfoService"="c:\programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe" [2010-09-15 339312]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2009-11-10 417792]
"ConnectionCenter"="c:\programme\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"CanonMyPrinter"="c:\programme\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll" [2011-12-24 1080904]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Microsoft Office.lnk - c:\programme\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2006-1-5 155648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2010-12-30 14:37        281768        ----a-w-        c:\programme\Avira\AntiVir Desktop\avgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AWatch]
2003-06-10 13:52        507904        ----a-w-        c:\programme\FRITZ!DSL\AWatch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 17:07        141608        ----a-w-        c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-12-03 11:47        1205760        ----a-w-        c:\programme\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rfxsrvtray]
2010-01-13 11:24        686344        ----a-w-        c:\programme\Tobit Radio.fx\Client\rfx-tray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2004-04-23 12:28        77824        ----a-w-        c:\programme\Logitech\Profiler\LWEMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AntiVirService"=2 (0x2)
"AntiVirSchedulerService"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"e:\\Spiele\\Battlefield 2\\BF2.exe"=
"c:\\Programme\\GameSpy Arcade\\Aphex.exe"=
"e:\\Spiele\\Battlefield 1942\\BF1942.exe"=
"e:\\Spiele\\Return to Castle Wolfenstein\\WolfMP.exe"=
"e:\\Spiele\\Wolfenstein - Enemy Territory\\ET.exe"=
"e:\\Spiele\\Sudden Strike II\\game\\code\\Release\\game_exe.exe"=
"c:\\Programme\\THQ\\Company of Heroes\\BugReport\\BugReport.exe"=
"e:\\Spiele\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Programme\\THQ\\Company of Heroes\\RelicCOH.exe"=
"c:\\Programme\\UltraVNC\\vncviewer.exe"=
"c:\\Programme\\Real\\RealPlayer\\realplay.exe"=
"c:\\Programme\\fotobuch.de AG\\Designer 2.0\\Designer.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programme\\Tobit Radio.fx\\Server\\rfx-server.exe"=
"c:\\Programme\\Tobit Radio.fx\\Client\\rfx-client.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"e:\\Spiele\\Steam\\Steam.exe"=
"c:\\Programme\\THQ\\Relic Entertainment\\Company of Heroes Online\\Game\\RelicCoHOWW.exe"=
"c:\\Dokumente und Einstellungen\\Weisi\\Lokale Einstellungen\\Apps\\2.0\\BM2ZNJ6X.QHP\\PHOMJ3MO.R9H\\coho..tion_4fdd38d166a17713_0001.0001_2ea3ae6aea32b9ef\\CoHOLauncher.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"e:\\Spiele\\Battlefield Vietnam\\bfvietnam.exe"=
"e:\\Spiele\\Landwirtschafts Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Spiele\\Landwirtschafts Simulator 2011\\game.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"e:\\Spiele\\Battlefield 2\\forgottenhope2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"17496:TCP"= 17496:TCP:BitComet 17496 TCP
"17496:UDP"= 17496:UDP:BitComet 17496 UDP
.
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [14.07.2010 12:51 65584]
R2 aadev;AVM ADSL Adapter Device;c:\windows\system32\drivers\Aadev.sys [22.06.2005 18:34 27648]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [27.11.2009 22:05 136360]
R2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [26.03.2007 20:03 6016]
R3 AVMDSLPPPOE;AVM DSL PPPoE CAPI Treiber;c:\windows\system32\drivers\avmdsloe.sys [27.06.2003 01:00 39552]
R3 AVMNDSL;AVM DSL NDIS WAN CAPI Treiber;c:\windows\system32\drivers\avmndsl.sys [27.06.2003 01:00 38992]
R3 Bonifay;Bonifay;c:\windows\system32\drivers\Bonifay.sys [23.10.2007 16:32 12928]
R3 FDSSBASE;AVM FRITZ!Card DSL SL (WinXP/2000);c:\windows\system32\drivers\fdssbase.sys [27.06.2003 01:00 665600]
S0 PLFF;USB Flash Disk Driver;c:\windows\system32\drivers\plff.sys [30.08.2005 18:41 7424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.03.2010 13:16 130384]
S3 Gonzales;Gonzales;c:\windows\system32\drivers\Gonzales.sys [23.10.2007 16:32 7040]
S3 NETFWDSL;AVM FRITZ!web DSL PPP;c:\windows\system32\drivers\NETFWDSL.SYS [22.06.2005 18:34 336384]
S3 Radio.fx;Radio.fx Server;c:\programme\Tobit Radio.fx\Server\rfx-server.exe [13.12.2009 09:34 2452232]
S3 SCR3xx USB Smart Card Reader;SCR3xx USB Smart Card Reader;c:\windows\system32\drivers\SCR3XX2K.sys [25.10.2009 09:14 57600]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [25.10.2009 09:14 57600]
S3 SE4501D;Gigaset USB Adapter 54 Driver;c:\windows\system32\drivers\SE4501D.sys [26.03.2006 17:10 346656]
S3 STC2DFU;STCII DFU Adapter;c:\windows\system32\DRIVERS\Stc2Dfu.SYS --> c:\windows\system32\DRIVERS\Stc2Dfu.SYS [?]
S3 STCFUx32;STC DFU Driver;c:\windows\system32\drivers\STCFUx32.sys [13.11.2008 14:10 7680]
S3 uxy9b.sys;uxy9b.sys;\??\c:\windows\system32\drivers\uxy9b.sys --> c:\windows\system32\drivers\uxy9b.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.03.2010 13:16 753504]
S3 xcpip;TCP/IP-Protokolltreiber;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
S3 xpsec;IPSEC-Treiber;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S3 zlportio;zlportio;\??\c:\programme\UltraStar Deluxe\zlportio.sys --> c:\programme\UltraStar Deluxe\zlportio.sys [?]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 33242191
*Deregistered* - 33242191
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2012-01-16 c:\windows\Tasks\User_Feed_Synchronization-{5B2A5CDB-E6AE-431D-9038-90B3EEABA11D}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uSearchMigratedDefaultURL = hxxp://search.msn.de/spresults.aspx?q={searchTerms}
uInternet Settings,ProxyOverride = *.local
IE: &Alles mit BitComet herunterladen - c:\programme\BitComet\BitComet.exe/AddAllLink.htm
IE: Alle &Videos mit BitComet herunterladen - c:\programme\BitComet\BitComet.exe/AddVideo.htm
IE: Alles mit FlashGet laden - c:\programme\FlashGet\jc_all.htm
IE: Easy-WebPrint Drucken - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Easy-WebPrint Schnelldruck - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Vorschau - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Zu Druckliste hinzufügen - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Mit BitComet herunter&laden - c:\programme\BitComet\BitComet.exe/AddLink.htm
IE: Mit FlashGet laden - c:\programme\FlashGet\jc_link.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: ltow.de\ag
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{20D67A27-0516-4A6D-B1B4-A2FA3F12F385}: NameServer = 192.168.122.252,192.168.122.253
DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - hxxp://www.o2c.de/download/o2cplayer.cab
FF - ProfilePath - c:\dokumente und einstellungen\Weisi\Anwendungsdaten\Mozilla\Firefox\Profiles\3hez5sd9.default\
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{7836159E-1915-4FDF-BCEB-F541C4517016} - c:\windows\system32\rqRKEWNh.dll
HKLM-Run-PLFFAP - c:\windows\system32\HotfixQ0306270.exe
HKLM-Run-SunJavaUpdateSched - c:\programme\Java\jre6\bin\jusched.exe
AddRemove-AnyDVD - c:\programme\SlySoft\AnyDVD\AnyDVD-uninst.exe
AddRemove-Easy-PhotoPrint - c:\windows\ISUN0407.EXE
AddRemove-Easy-PhotoPrint Plus - c:\windows\ISUN0407.EXE
AddRemove-Easy-WebPrint - c:\windows\IsUn0407.exe
AddRemove-Formular-Manager - c:\windows\IsUn0407.exe
AddRemove-FRITZ!DSL - c:\windows\IsUn0407.exe
AddRemove-HaufeReader - c:\windows\IsUn0407.exe
AddRemove-Runtime - c:\windows\IsUn0407.exe
AddRemove-xp-AntiSpy - c:\programme\xp-AntiSpy\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-01-16 21:18
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-515967899-1229272821-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|ù•Ñw*]
"7040210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]
"7040210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\Ati2evxx.dll
.
Zeit der Fertigstellung: 2012-01-16  21:19:54
ComboFix-quarantined-files.txt  2012-01-16 20:19
ComboFix2.txt  2009-01-26 20:40
.
Vor Suchlauf: 17 Verzeichnis(se), 20.627.304.448 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 20.710.989.824 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 97C148514A49E68B76965E2D80F69871


cosinus 16.01.2012 21:36

Combofix - Scripting

1. Start Notepad (Start / Run / notepad[Enter])

2. Now copy and paste the entire contents of the code box below into the Notepad window.

Code:

File::
c:\windows\system32\drivers\uxy9b.sys
c:\windows\system32\drivers\xcpip.sys
c:\windows\system32\drivers\xpsec.sys

Driver::
uxy9b.sys
xcpip
xpsec

3. In Notepad, save it as CFScript.txt on the desktop.

4. Disable your antivirus program's guard and any software firewall that may be present.
(Also the guards of adware and spyware programs and the Tea Timer (if present)!)

5. Then drag CFScript.txt onto cofi.exe, as shown in the image below. This restarts Combofix.

http://users.pandora.be/bluepatchy/m...s/CFScript.gif

6. After the reboot (you will be asked whether you want to reboot), please post the following log files:
Combofix.txt

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!


All times are WET +1.
