
Problem with computer virus, Olmarik TDL4 Win32


Alen


Hi, as mentioned I have got a virus called Olmarik, and I have had it for maybe about a month now. I use ESET as my antivirus program, but it cannot be removed with that program. The computer has automatically changed the taskbar and Start menu to the old grey style found on older operating systems. I have run ComboFix and got a log. I don't know what to do next; should I post the log, which might be of help to one of you? Thanks.


After you have posted the DDS logs as described in the link Thirteen referred to, you can post your existing ComboFix log (C:\ComboFix.txt). Also post a log from ESET's program showing which file and folder Olmarik is in. Hold off on TDSSKiller for now.

 

You are not supposed to run ComboFix on your own, because that program can sometimes make the computer worse, e.g. so that Windows cannot start.


COMBOFIX:

 

Körs från: c:\users\Alen\Desktop\ComboFix.exe

AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

FW: ESET personliga brandvägg *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\SM

c:\program files\SM\ChrExt.crx

c:\program files\SM\FF\chrome.manifest

c:\program files\SM\FF\components\util-script.js

c:\program files\SM\FF\content\addDialog.xul

c:\program files\SM\FF\content\firefoxOverlay.xul

c:\program files\SM\FF\content\globals.js

c:\program files\SM\FF\content\main.js

c:\program files\SM\FF\content\overlay.js

c:\program files\SM\FF\content\prefs.xul

c:\program files\SM\FF\defaults\preferences\my_addon.js

c:\program files\SM\FF\install.rdf

c:\program files\SM\FF\locale\en-US\manyffaddon.dtd

c:\program files\SM\FF\locale\en-US\manyffaddon.properties

c:\program files\SM\FF\locale\en-US\my_addon.dtd

c:\program files\SM\FF\skin\my_addon.css

c:\program files\SM\FF\skin\overlay.css

c:\program files\SM\FF\Subscription@helper.com

c:\program files\SM\SuBShelper.dll

c:\program files\SM\unins000.dat

c:\program files\SM\unins000.exe

c:\users\Alen\AppData\Roaming\Adobe\plugs

c:\users\Alen\AppData\Roaming\Adobe\shed

c:\windows\system32\Packet.dll

c:\windows\system32\pthreadVC.dll

c:\windows\system32\wpcap.dll

c:\windows\XSxS

.

.

((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_NPF

.

.

(((((((((((((((((((((((( Filer skapade från 2011-12-21 till 2012-01-21 ))))))))))))))))))))))))))))))

.

.

2012-01-17 16:22 . 2012-01-17 16:22 -------- d-----w- C:\found.000

2012-01-11 19:24 . 2011-11-17 05:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll

2012-01-11 19:24 . 2011-11-17 05:39 224768 ----a-w- c:\windows\system32\schannel.dll

2012-01-11 19:24 . 2011-11-17 05:48 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-01-11 19:24 . 2011-11-17 05:42 369352 ----a-w- c:\windows\system32\drivers\cng.sys

2012-01-11 19:24 . 2011-11-17 05:48 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-01-11 19:24 . 2011-11-17 05:39 314368 ----a-w- c:\windows\system32\webio.dll

2012-01-11 19:24 . 2011-11-17 05:39 99840 ----a-w- c:\windows\system32\sspicli.dll

2012-01-11 19:24 . 2011-11-17 05:36 22528 ----a-w- c:\windows\system32\lsass.exe

2012-01-11 19:24 . 2011-11-17 05:39 22016 ----a-w- c:\windows\system32\secur32.dll

2012-01-11 19:24 . 2011-11-17 05:39 15360 ----a-w- c:\windows\system32\sspisrv.dll

2012-01-11 16:09 . 2011-11-17 05:41 1288984 ----a-w- c:\windows\system32\ntdll.dll

2012-01-11 16:09 . 2011-11-19 14:06 67072 ----a-w- c:\windows\system32\packager.dll

2012-01-11 16:08 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\system32\quartz.dll

2012-01-11 16:08 . 2011-10-26 04:28 514560 ----a-w- c:\windows\system32\qdvd.dll

2011-12-29 19:16 . 2011-12-29 19:16 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2011-12-28 17:59 . 2011-12-28 17:59 -------- d-----w- c:\program files\iPod

2011-12-28 17:59 . 2011-12-28 18:01 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2011-12-28 17:53 . 2011-12-28 17:53 -------- d-----w- c:\program files\Apple Software Update

2011-12-28 17:49 . 2011-12-28 17:49 -------- d-----w- c:\program files\Bonjour

2011-12-24 21:20 . 2011-12-24 21:20 -------- d-----w- c:\program files\Maxis

2011-12-24 20:51 . 2011-12-24 20:51 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys

2011-12-24 20:51 . 2011-12-24 20:51 -------- d-----w- c:\users\Alen\AppData\Local\eSupport.com

2011-12-23 10:17 . 2011-12-23 10:17 -------- d-----w- c:\program files\Xenocode

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-15 00:56 . 2009-07-13 23:40 249856 ----a-w- c:\windows\system32\uxtheme.dll

2011-12-15 00:55 . 2009-07-13 23:39 37376 ----a-w- c:\windows\system32\themeservice.dll

2011-12-15 00:51 . 2009-07-13 23:42 20268032 ----a-w- c:\windows\system32\imageres.dll

2011-11-24 04:23 . 2011-12-15 15:09 2340352 ----a-w- c:\windows\system32\win32k.sys

2011-11-05 04:35 . 2011-12-15 15:12 981504 ----a-w- c:\windows\system32\wininet.dll

2011-11-05 04:34 . 2011-12-15 15:11 44544 ----a-w- c:\windows\system32\licmgr10.dll

2011-11-05 04:30 . 2011-12-15 15:15 2048 ----a-w- c:\windows\system32\tzres.dll

2011-11-05 03:28 . 2011-12-15 15:11 386048 ----a-w- c:\windows\system32\html.iec

2011-11-05 02:55 . 2011-12-15 15:11 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-26 04:25 . 2011-12-15 15:05 38912 ----a-w- c:\windows\system32\csrsrv.dll

.

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{2877A654-1C9F-4cb5-8438-16022B2FDD9C}"= "c:\program files\YoutubeDownloader.org\YouTubeDownloader\MFSearch.dll" [2011-10-26 388608]

.

[HKEY_CLASSES_ROOT\clsid\{2877a654-1c9f-4cb5-8438-16022b2fdd9c}]

[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD.1]

[HKEY_CLASSES_ROOT\TypeLib\{942926A2-CC3B-4970-9AD6-D9056D197CE6}]

[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2877A654-1C9F-4cb5-8438-16022B2FDD9C}]

2011-10-26 14:06 388608 ----a-w- c:\program files\YoutubeDownloader.org\YouTubeDownloader\MFSearch.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{2877A654-1C9F-4cb5-8438-16022B2FDD9C}"= "c:\program files\YoutubeDownloader.org\YouTubeDownloader\MFSearch.dll" [2011-10-26 388608]

.

[HKEY_CLASSES_ROOT\clsid\{2877a654-1c9f-4cb5-8438-16022b2fdd9c}]

[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD.1]

[HKEY_CLASSES_ROOT\TypeLib\{942926A2-CC3B-4970-9AD6-D9056D197CE6}]

[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Welcome Center"="c:\windows\system32\OobeFldr.dll" [2009-09-11 859648]

"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

"NETGATERegistryCleaner"="c:\program files\NETGATE\Registry Cleaner\RegistryCleaner.exe" [2010-07-26 1870488]

"YouTube Mini"="c:\program files\YoutubeDownloader.org\YouTubeDownloader\YouTube Mini.exe" [2011-12-16 157696]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]

"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]

"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]

"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]

"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

"TNOD UP"="c:\program files\TNod User & Password Finder\TNODUP.exe" [2011-09-18 1892352]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Welcome Center"="c:\windows\system32\OobeFldr.dll" [2009-09-11 859648]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

.

c:\users\Alen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

BankID säkerhetsprogram.lnk - c:\program files\Personal\bin\Personal.exe [2011-10-25 1088920]

NETGEAR WNA3100 Smart Wizard.lnk - c:\program files\NETGEAR\WNA3100\WNA3100.exe [2011-8-20 4577760]

RocketDock.lnk - c:\program files\RocketDock\RocketDock.exe [2009-9-16 495616]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoSMBalloonTip"= 1 (0x1)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoSMBalloonTip"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

R2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2009-07-14 9216]

R2 WSWNA3100;WSWNA3100;c:\program files\NETGEAR\WNA3100\WifiSvc.exe [2010-08-26 285152]

R3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5.SYS [2009-05-20 49904]

R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-12-24 23456]

R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]

R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-26 1343400]

S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]

S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [2007-01-19 21728]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]

S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]

S2 dlbc_device;dlbc_device;c:\windows\system32\dlbccoms.exe [2007-03-01 538096]

S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]

S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]

S2 NGRegClnSrv;NETGATE Registry Cleaner Service;c:\program files\NETGATE\Registry Cleaner\RegistryCleanerSrv.exe [2009-09-02 440912]

S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh6.sys [2009-11-06 699896]

S3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2005-11-02 11596]

.

.

--- Övriga tjänster/drivrutiner i minnet ---

.

*NewlyCreated* - WS2IFSL

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://www.bigseekpro.com/solidyoutube/{9F5349DE-6312-4BAC-BBC8-F37F03989ECC}

uInternet Settings,ProxyOverride = *.local

IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204

IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202

IE: E&xportera till Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\Alen\AppData\Roaming\Mozilla\Firefox\Profiles\d4064i5i.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official

FF - prefs.js: keyword.URL - hxxp://www.starwebsearch.com/results.php?q=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

HKU-Default-Run-RTK - c:\programdata\58e3fd\RT58e_5608.exe

AddRemove-{654986E1-B6C9-4CA4-A478-B13025E739DE}_is1 - c:\program files\SM\unins000.exe

.

.

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLL'er som "laddats" under processer som körs ---------------------

.

- - - - - - - > 'Explorer.exe'(2796)

c:\program files\RocketDock\RocketDock.dll

.

------------------------ Andra processer som körs ------------------------

.

c:\windows\system32\WLANExt.exe

c:\windows\system32\conhost.exe

c:\windows\system32\taskhost.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\conhost.exe

c:\windows\system32\WUDFHost.exe

c:\program files\iPod\bin\iPodService.exe

c:\windows\system32\sppsvc.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\System32\ping.exe

c:\windows\system32\conhost.exe

.

**************************************************************************

.

Sluttid: 2012-01-21 21:11:27 - datorn startades om.

ComboFix-quarantined-files.txt 2012-01-21 20:11

.

Före genomsökningen: 24 533 204 992 byte ledigt

Efter genomsökningen: 24 184 102 912 byte ledigt

.

- - End Of File - - 38A7EFD6DAFA92DF3862E04DBE1A0505


------------------------------------------------------------------------------ESET: ------------------------------------------------------------------------------

 

2012-01-26 19:01:37 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-26 17:59:47 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-25 18:08:12 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-25 18:06:56 Startskanner fil C:\Program Files\TNod User & Password Finder\TNODUP.exe Win32/RiskWare.HackAV.DM program rensad genom borttagning - i karantän

2012-01-24 20:28:22 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-23 18:18:33 Startskanner fil Arbetsminne » C:\Windows\temp\lpahwr\setup.exe en variant av Win32/Wigon.OW trojan rensad genom borttagning - i karantän

2012-01-23 18:18:13 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-23 18:17:57 Startskanner fil C:\ProgramData\xf9poa4vaz.exe en variant av Win32/Kryptik.ZIA trojan rensad genom borttagning - i karantän

2012-01-23 17:14:57 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-23 17:08:22 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-21 20:41:22 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-21 18:26:53 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-20 16:50:22 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-20 16:50:16 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-20 16:50:05 Startskanner fil C:\Windows\system32\config\systemprofile\AppData\Local\rugoima.dll en variant av Win32/TrojanProxy.Agent.NIF trojan rensad genom borttagning - i karantän

2012-01-19 16:24:31 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-18 18:39:06 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-17 18:30:23 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-17 17:28:01 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-16 16:05:05 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-15 15:25:39 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-14 14:07:42 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-14 13:05:11 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-12 19:11:52 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-11 17:01:35 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-11 16:59:08 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-09 18:36:21 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-08 18:23:26 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2012-01-06 14:56:26 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-05 10:44:32 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2012-01-01 20:42:27 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-31 12:42:39 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-29 19:02:56 Skydd av filsystemet i realtid fil C:\downloads\Adobe Indesign Cs4\Activation\CS4MCLG.EXE troligen en variant av Win32/Spy.Agent.FFETUNH trojan rensad genom borttagning - i karantän Alen-PC\Alen Uppstod på en fil som ändrades av programmet: C:\Program Files\uTorrent\uTorrent.exe.

2011-12-29 17:58:20 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-28 10:41:25 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-26 20:41:47 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-24 12:19:26 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-22 15:24:14 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-21 14:25:57 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-20 15:19:17 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-20 13:50:07 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-18 21:06:06 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-17 20:45:09 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-17 11:24:56 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-16 19:25:30 Skydd av filsystemet i realtid fil C:\Users\Alen\AppData\Local\Mozilla\Firefox\Profiles\d4064i5i.default\Cache\8BC4ABB1d01 en variant av Win32/Adware.Toolbar.Dealio program borttagen - i karantän Alen-PC\Alen Uppstod på en ny fil som skapades av programmet: C:\Program Files\Mozilla Firefox\firefox.exe.

2011-12-16 19:24:03 Skydd av filsystemet i realtid fil C:\Users\Alen\AppData\Local\Temp\O0A+4wBr.exe.part en variant av Win32/Adware.Toolbar.Dealio program borttagen - i karantän Alen-PC\Alen Uppstod på en fil som ändrades av programmet: C:\Program Files\Mozilla Firefox\firefox.exe.

2011-12-16 19:15:40 HTTP-filter fil http://www.youtubedo...aderSetup34.exe en variant av Win32/Adware.Toolbar.Dealio program anslutningen avslutades - i karantän Alen-PC\Alen Ett hot upptäcktes när programmet försökte få tillgång till webben: C:\Program Files\Mozilla Firefox\firefox.exe.

2011-12-16 19:13:38 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-15 21:42:57 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-15 16:53:05 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-14 17:06:20 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-13 21:01:00 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-12 17:14:15 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-12 17:12:06 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-11 12:18:17 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-11 11:17:33 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-09 15:20:05 Startskanner fil Arbetsminne » C:\Users\Alen\ylxkrwhfv3.exe en variant av Win32/Kryptik.VTV trojan rensad genom borttagning - i karantän

2011-12-09 15:19:12 Startskanner fil Arbetsminne » C:\Users\Alen\ylxkrwhfv3.exe troligen en variant av Win32/Wigon.OW trojan det gick inte att rensa

2011-12-09 15:18:53 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-12-08 13:18:00 Startskanner fil Arbetsminne troligen en variant av Win32/Wigon.OW trojan det gick inte att rensa Alen-PC\Alen

2011-12-08 13:17:04 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-08 12:50:12 Startskanner fil Arbetsminne troligen en variant av Win32/Wigon.OW trojan det gick inte att rensa Alen-PC\Alen

2011-12-04 21:03:18 Startskanner fil Arbetsminne en variant av Win32/Wigon.OW trojan det gick inte att rensa Alen-PC\Alen

2011-12-04 21:03:11 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-12-01 19:04:46 Startskanner fil Arbetsminne en variant av Win32/Wigon.OW trojan det gick inte att rensa Alen-PC\Alen

2011-12-01 19:04:34 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-26 20:18:21 Startskanner fil Arbetsminne troligen en variant av Win32/Wigon.OW trojan det gick inte att rensa Alen-PC\Alen

2011-11-26 20:18:16 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-26 14:03:01 Skydd av filsystemet i realtid fil C:\downloads\Adobe Indesign Cs4\Activation\CS4MCLG.EXE troligen en variant av Win32/Spy.Agent.FFETUNH trojan rensad genom borttagning - i karantän Uppstod vid ett försök att komma åt filen från programmet: C:\Windows\Explorer.EXE.

2011-11-25 23:57:58 Skydd av filsystemet i realtid fil C:\downloads\Adobe Indesign Cs4\Activation\CS4MCLG.EXE troligen en variant av Win32/Spy.Agent.FFETUNH trojan rensad genom borttagning - i karantän Uppstod på en fil som ändrades av programmet: C:\Program Files\uTorrent\uTorrent.exe.

2011-11-25 23:56:29 Skydd av filsystemet i realtid fil C:\downloads\Adobe Indesign Cs4\Activation\CS4MCLG.EXE troligen en variant av Win32/Spy.Agent.FFETUNH trojan rensad genom borttagning - i karantän Uppstod på en ny fil som skapades av programmet: C:\Program Files\uTorrent\uTorrent.exe.

2011-11-25 23:55:43 Skydd av filsystemet i realtid fil C:\downloads\Adobe Indesign Cs4\Activation\CS4MCLG.EXE troligen en variant av Win32/Agent.GINQDLO trojan rensad genom borttagning - i karantän Uppstod på en fil som ändrades av programmet: C:\Program Files\uTorrent\uTorrent.exe.

2011-11-25 17:08:02 Startskanner fil Arbetsminne en variant av Win32/Wigon.OW trojan det gick inte att rensa Alen-PC\Alen

2011-11-25 17:07:51 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-21 17:31:33 Startskanner fil Arbetsminne en variant av Win32/Wigon.OW trojan det gick inte att rensa Alen-PC\Alen

2011-11-21 17:31:26 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-19 10:41:36 Startskanner fil Arbetsminne en variant av Win32/Wigon.OW trojan det gick inte att rensa Alen-PC\Alen

2011-11-19 10:41:17 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-16 17:14:41 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-13 13:51:53 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-12 13:47:46 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-09 16:25:50 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-07 20:12:28 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-05 18:38:33 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-04 10:38:10 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-02 17:39:41 Skydd av filsystemet i realtid fil C:\downloads\Corel Draw X5 with Keygen\Keygen.exe en variant av Win32/Keygen.AF program rensad genom borttagning - i karantän Uppstod på en fil som ändrades av programmet: C:\Program Files\uTorrent\uTorrent.exe.

2011-11-02 11:19:16 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-11-01 22:14:18 Skydd av filsystemet i realtid fil C:\Users\Alen\AppData\Local\Temp\Rar$EX02.784\InDesign_CS4[hamlet][www.DivxTotaL.com]\keygen.exe en variant av Win32/Keygen.BH program rensad genom borttagning - i karantän Uppstod på en ny fil som skapades av programmet: C:\Program Files\WinRAR\WinRAR.exe.

2011-11-01 13:06:16 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa

2011-10-30 13:44:22 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen

2011-10-28 19:06:46 Startskanner arbetsminne Arbetsminne Win32/Olmarik.TDL4 trojan det gick inte att rensa Alen-PC\Alen


-----------------------------------------------------------------------TDSS:--------------------------------------------------------------------------------

 

21:04:51.0287 0756 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27

21:04:53.0292 0756 ============================================================

21:04:53.0292 0756 Current date / time: 2012/01/26 21:04:53.0292

21:04:53.0293 0756 SystemInfo:

21:04:53.0293 0756

21:04:53.0293 0756 OS Version: 6.1.7600 ServicePack: 0.0

21:04:53.0293 0756 Product type: Workstation

21:04:53.0293 0756 ComputerName: ALEN-PC

21:04:53.0293 0756 UserName: Alen

21:04:53.0293 0756 Windows directory: C:\Windows

21:04:53.0293 0756 System windows directory: C:\Windows

21:04:53.0293 0756 Processor architecture: Intel x86

21:04:53.0293 0756 Number of processors: 2

21:04:53.0293 0756 Page size: 0x1000

21:04:53.0293 0756 Boot type: Normal boot

21:04:53.0293 0756 ============================================================

21:05:00.0499 0756 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

21:05:01.0996 0756 Initialize success

21:09:41.0181 0108 ============================================================

21:09:41.0181 0108 Scan started

21:09:41.0181 0108 Mode: Manual;

21:09:41.0181 0108 ============================================================


21:09:47.0969 0108 Brserid - ok

21:09:48.0016 0108 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys

21:09:48.0019 0108 BrSerWdm - ok

21:09:48.0064 0108 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys

21:09:48.0067 0108 BrUsbMdm - ok

21:09:48.0116 0108 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys

21:09:48.0119 0108 BrUsbSer - ok

21:09:48.0171 0108 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys

21:09:48.0174 0108 BTHMODEM - ok

21:09:48.0265 0108 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS

21:09:48.0268 0108 BVRPMPR5 - ok

21:09:48.0409 0108 CamDrL (0f5ca31bb3fdb5c1e63c170cfbecc93b) C:\Windows\system32\DRIVERS\Camdrl.sys

21:09:48.0526 0108 CamDrL - ok

21:09:48.0822 0108 catchme - ok

21:09:48.0926 0108 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys

21:09:48.0978 0108 cdfs - ok

21:09:49.0035 0108 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys

21:09:49.0112 0108 cdrom - ok

21:09:49.0246 0108 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys

21:09:49.0249 0108 circlass - ok

21:09:49.0296 0108 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

21:09:49.0305 0108 CLFS - ok

21:09:49.0355 0108 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys

21:09:49.0357 0108 CmBatt - ok

21:09:49.0399 0108 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys

21:09:49.0403 0108 cmdide - ok

21:09:49.0503 0108 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys

21:09:49.0613 0108 CNG - ok

21:09:49.0695 0108 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys

21:09:49.0699 0108 Compbatt - ok

21:09:49.0730 0108 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys

21:09:49.0735 0108 CompositeBus - ok

21:09:49.0801 0108 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys

21:09:49.0803 0108 crcdisk - ok

21:09:49.0864 0108 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys

21:09:49.0958 0108 CSC - ok

21:09:50.0119 0108 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys

21:09:50.0145 0108 DfsC - ok

21:09:50.0255 0108 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys

21:09:50.0257 0108 discache - ok

21:09:50.0291 0108 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys

21:09:50.0320 0108 Disk - ok

21:09:50.0437 0108 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys

21:09:50.0486 0108 drmkaud - ok

21:09:50.0656 0108 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys

21:09:50.0658 0108 DrvAgent32 - ok

21:09:50.0757 0108 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys

21:09:50.0783 0108 DXGKrnl - ok

21:09:50.0929 0108 E100B (20de769b84960606d8dbb2aec123021a) C:\Windows\system32\DRIVERS\e100b325.sys

21:09:50.0937 0108 E100B - ok

21:09:51.0070 0108 eamonm (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys

21:09:51.0220 0108 eamonm - ok

21:09:51.0429 0108 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys

21:09:51.0503 0108 ebdrv - ok

21:09:51.0593 0108 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys

21:09:51.0650 0108 ehdrv - ok

21:09:51.0825 0108 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys

21:09:51.0864 0108 elxstor - ok

21:09:51.0943 0108 epfw (5ba193ca0ae31209aaa39939ce6736b2) C:\Windows\system32\DRIVERS\epfw.sys

21:09:51.0988 0108 epfw - ok

21:09:52.0037 0108 EpfwLWF (9cefd59c8e5ebfb48165aef54617f539) C:\Windows\system32\DRIVERS\EpfwLWF.sys

21:09:52.0104 0108 EpfwLWF - ok

21:09:52.0197 0108 epfwwfp (7144a06ac105a2a7302944602e415ec1) C:\Windows\system32\DRIVERS\epfwwfp.sys

21:09:52.0259 0108 epfwwfp - ok

21:09:52.0343 0108 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys

21:09:52.0345 0108 ErrDev - ok

21:09:52.0470 0108 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys

21:09:52.0480 0108 exfat - ok

21:09:52.0554 0108 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

21:09:52.0572 0108 fastfat - ok

21:09:52.0643 0108 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

21:09:52.0645 0108 fdc - ok

21:09:52.0754 0108 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

21:09:52.0821 0108 FileInfo - ok

21:09:52.0894 0108 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

21:09:52.0948 0108 Filetrace - ok

21:09:53.0084 0108 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

21:09:53.0086 0108 flpydisk - ok

21:09:53.0137 0108 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

21:09:53.0187 0108 FltMgr - ok

21:09:53.0252 0108 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

21:09:53.0277 0108 FsDepends - ok

21:09:53.0375 0108 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys

21:09:53.0378 0108 Fs_Rec - ok

21:09:53.0460 0108 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys

21:09:53.0471 0108 fvevol - ok

21:09:53.0509 0108 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

21:09:53.0521 0108 gagp30kx - ok

21:09:53.0596 0108 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

21:09:53.0684 0108 GEARAspiWDM - ok

21:09:53.0804 0108 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

21:09:53.0807 0108 hcw85cir - ok

21:09:53.0872 0108 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys

21:09:53.0988 0108 HdAudAddService - ok

21:09:54.0108 0108 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys

21:09:54.0112 0108 HDAudBus - ok

21:09:54.0157 0108 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

21:09:54.0159 0108 HidBatt - ok

21:09:54.0205 0108 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

21:09:54.0208 0108 HidBth - ok

21:09:54.0256 0108 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

21:09:54.0260 0108 HidIr - ok

21:09:54.0308 0108 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys

21:09:54.0336 0108 HidUsb - ok

21:09:54.0441 0108 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys

21:09:54.0445 0108 HpSAMD - ok

21:09:54.0527 0108 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys

21:09:54.0548 0108 HTTP - ok

21:09:54.0585 0108 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys

21:09:54.0588 0108 hwpolicy - ok

21:09:54.0629 0108 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys

21:09:54.0632 0108 i8042prt - ok

21:09:54.0769 0108 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys

21:09:54.0787 0108 iaStorV - ok

21:09:54.0855 0108 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

21:09:54.0858 0108 iirsp - ok

21:09:54.0904 0108 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys

21:09:54.0930 0108 intelide - ok

21:09:54.0961 0108 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

21:09:54.0990 0108 intelppm - ok

21:09:55.0054 0108 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:09:55.0108 0108 IpFilterDriver - ok

21:09:55.0242 0108 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys

21:09:55.0245 0108 IPMIDRV - ok

21:09:55.0299 0108 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

21:09:55.0347 0108 IPNAT - ok

21:09:55.0431 0108 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

21:09:55.0454 0108 IRENUM - ok

21:09:55.0497 0108 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys

21:09:55.0500 0108 isapnp - ok

21:09:55.0542 0108 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys

21:09:55.0551 0108 iScsiPrt - ok

21:09:55.0633 0108 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys

21:09:55.0688 0108 kbdclass - ok

21:09:55.0790 0108 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys

21:09:55.0835 0108 kbdhid - ok

21:09:55.0932 0108 KMWDFILTERx86 (4476fe98aaf505acdcd3ee6360aabec1) C:\Windows\system32\DRIVERS\KMWDFILTER.sys

21:09:55.0957 0108 KMWDFILTERx86 - ok

21:09:56.0030 0108 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys

21:09:56.0064 0108 KSecDD - ok

21:09:56.0173 0108 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys

21:09:56.0235 0108 KSecPkg - ok

21:09:56.0326 0108 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

21:09:56.0373 0108 lltdio - ok

21:09:56.0494 0108 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

21:09:56.0498 0108 LSI_FC - ok

21:09:56.0573 0108 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

21:09:56.0576 0108 LSI_SAS - ok

21:09:56.0612 0108 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

21:09:56.0615 0108 LSI_SAS2 - ok

21:09:56.0655 0108 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

21:09:56.0659 0108 LSI_SCSI - ok

21:09:56.0731 0108 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

21:09:56.0735 0108 luafv - ok

21:09:56.0813 0108 LVUSBSta (e0feba3178cabf337ee08f6a499a0fb3) C:\Windows\system32\drivers\LVUSBSta.sys

21:09:56.0858 0108 LVUSBSta - ok

21:09:56.0988 0108 MBAMProtector - ok

21:09:57.0091 0108 MBAMSwissArmy - ok

21:09:57.0166 0108 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

21:09:57.0170 0108 megasas - ok

21:09:57.0216 0108 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

21:09:57.0226 0108 MegaSR - ok

21:09:57.0297 0108 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

21:09:57.0321 0108 Modem - ok

21:09:57.0365 0108 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

21:09:57.0368 0108 monitor - ok

21:09:57.0441 0108 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys

21:09:57.0467 0108 mouclass - ok

21:09:57.0495 0108 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

21:09:57.0523 0108 mouhid - ok

21:09:57.0566 0108 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys

21:09:57.0569 0108 mountmgr - ok

21:09:57.0611 0108 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys

21:09:57.0614 0108 mpio - ok

21:09:57.0658 0108 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

21:09:57.0688 0108 mpsdrv - ok

21:09:57.0793 0108 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys

21:09:57.0797 0108 MRxDAV - ok

21:09:57.0888 0108 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:09:57.0963 0108 mrxsmb - ok

21:09:58.0060 0108 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:09:58.0122 0108 mrxsmb10 - ok

21:09:58.0230 0108 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:09:58.0293 0108 mrxsmb20 - ok

21:09:58.0374 0108 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys

21:09:58.0377 0108 msahci - ok

21:09:58.0458 0108 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys

21:09:58.0462 0108 msdsm - ok

21:09:58.0561 0108 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

21:09:58.0564 0108 Msfs - ok

21:09:58.0677 0108 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

21:09:58.0680 0108 mshidkmdf - ok

21:09:58.0723 0108 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys

21:09:58.0747 0108 msisadrv - ok

21:09:58.0819 0108 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

21:09:58.0826 0108 MSKSSRV - ok

21:09:58.0956 0108 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

21:09:59.0013 0108 MSPCLOCK - ok

21:09:59.0067 0108 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

21:09:59.0097 0108 MSPQM - ok

21:09:59.0154 0108 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

21:09:59.0163 0108 MsRPC - ok

21:09:59.0225 0108 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys

21:09:59.0228 0108 mssmbios - ok

21:09:59.0303 0108 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

21:09:59.0357 0108 MSTEE - ok

21:09:59.0420 0108 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

21:09:59.0423 0108 MTConfig - ok

21:09:59.0463 0108 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

21:09:59.0494 0108 Mup - ok

21:09:59.0598 0108 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

21:09:59.0639 0108 NativeWifiP - ok

21:09:59.0717 0108 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys

21:09:59.0744 0108 NDIS - ok

21:09:59.0779 0108 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

21:09:59.0805 0108 NdisCap - ok

21:09:59.0864 0108 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

21:09:59.0869 0108 NdisTapi - ok

21:09:59.0902 0108 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys

21:09:59.0971 0108 Ndisuio - ok

21:10:00.0051 0108 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys

21:10:00.0075 0108 NdisWan - ok

21:10:00.0130 0108 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys

21:10:00.0134 0108 NDProxy - ok

21:10:00.0166 0108 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

21:10:00.0207 0108 NetBIOS - ok

21:10:00.0304 0108 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys

21:10:00.0322 0108 NetBT - ok

21:10:00.0425 0108 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

21:10:00.0428 0108 nfrd960 - ok

21:10:00.0534 0108 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

21:10:00.0537 0108 Npfs - ok

21:10:00.0573 0108 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

21:10:00.0577 0108 nsiproxy - ok

21:10:00.0690 0108 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys

21:10:00.0724 0108 Ntfs - ok

21:10:00.0872 0108 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

21:10:00.0874 0108 Null - ok

21:10:01.0043 0108 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys

21:10:01.0047 0108 nvraid - ok

21:10:01.0120 0108 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys

21:10:01.0129 0108 nvstor - ok

21:10:01.0169 0108 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys

21:10:01.0173 0108 nv_agp - ok

21:10:01.0284 0108 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys

21:10:01.0289 0108 ohci1394 - ok

21:10:01.0398 0108 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

21:10:01.0402 0108 Parport - ok

21:10:01.0463 0108 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys

21:10:01.0510 0108 partmgr - ok

21:10:01.0559 0108 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

21:10:01.0561 0108 Parvdm - ok

21:10:01.0632 0108 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys

21:10:01.0673 0108 pci - ok

21:10:01.0756 0108 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys

21:10:01.0759 0108 pciide - ok

21:10:01.0819 0108 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

21:10:01.0836 0108 pcmcia - ok

21:10:01.0873 0108 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

21:10:01.0936 0108 pcw - ok

21:10:02.0063 0108 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

21:10:02.0087 0108 PEAUTH - ok

21:10:02.0222 0108 PhilCam8116 (a3a4d50051ddbcf390e5918c43c167ef) C:\Windows\system32\DRIVERS\CamDrL21.sys

21:10:02.0262 0108 PhilCam8116 - ok

21:10:02.0427 0108 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

21:10:02.0457 0108 PptpMiniport - ok

21:10:02.0507 0108 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

21:10:02.0523 0108 Processor - ok

21:10:02.0605 0108 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

21:10:02.0608 0108 Psched - ok

21:10:02.0776 0108 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

21:10:02.0810 0108 ql2300 - ok

21:10:02.0920 0108 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

21:10:02.0924 0108 ql40xx - ok

21:10:02.0980 0108 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

21:10:02.0983 0108 QWAVEdrv - ok

21:10:03.0065 0108 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

21:10:03.0123 0108 RasAcd - ok

21:10:03.0196 0108 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

21:10:03.0249 0108 RasAgileVpn - ok

21:10:03.0377 0108 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:10:03.0407 0108 Rasl2tp - ok

21:10:03.0466 0108 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

21:10:03.0494 0108 RasPppoe - ok

21:10:03.0588 0108 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

21:10:03.0618 0108 RasSstp - ok

21:10:03.0676 0108 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys

21:10:04.0858 0108 rdbss - ok

21:10:05.0020 0108 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

21:10:05.0051 0108 rdpbus - ok

21:10:05.0087 0108 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:10:05.0089 0108 RDPCDD - ok

21:10:05.0141 0108 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys

21:10:05.0193 0108 RDPDR - ok

21:10:05.0260 0108 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

21:10:05.0263 0108 RDPENCDD - ok

21:10:05.0314 0108 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

21:10:05.0316 0108 RDPREFMP - ok

21:10:05.0427 0108 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys

21:10:05.0436 0108 RDPWD - ok

21:10:05.0483 0108 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys

21:10:05.0585 0108 rdyboost - ok

21:10:05.0700 0108 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

21:10:05.0744 0108 rspndr - ok

21:10:05.0836 0108 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys

21:10:05.0841 0108 s3cap - ok

21:10:05.0898 0108 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys

21:10:05.0901 0108 sbp2port - ok

21:10:05.0949 0108 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys

21:10:05.0953 0108 scfilter - ok

21:10:06.0055 0108 SCMNdisP (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys

21:10:06.0080 0108 SCMNdisP - ok

21:10:06.0197 0108 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

21:10:06.0199 0108 secdrv - ok

21:10:06.0260 0108 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

21:10:06.0263 0108 Serenum - ok

21:10:06.0308 0108 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

21:10:06.0331 0108 Serial - ok

21:10:06.0395 0108 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

21:10:06.0397 0108 sermouse - ok

21:10:06.0498 0108 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

21:10:06.0501 0108 sffdisk - ok

21:10:06.0552 0108 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

21:10:06.0557 0108 sffp_mmc - ok

21:10:06.0607 0108 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\drivers\sffp_sd.sys

21:10:06.0610 0108 sffp_sd - ok

21:10:06.0668 0108 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

21:10:06.0671 0108 sfloppy - ok

21:10:06.0863 0108 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys

21:10:06.0866 0108 sisagp - ok

21:10:06.0914 0108 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:10:06.0916 0108 SiSRaid2 - ok

21:10:06.0955 0108 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

21:10:06.0959 0108 SiSRaid4 - ok

21:10:06.0999 0108 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

21:10:07.0027 0108 Smb - ok

21:10:07.0153 0108 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

21:10:07.0156 0108 spldr - ok

21:10:07.0263 0108 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys

21:10:07.0264 0108 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9

21:10:07.0266 0108 sptd ( LockedFile.Multi.Generic ) - warning

21:10:07.0267 0108 sptd - detected LockedFile.Multi.Generic (1)

21:10:13.0764 0108 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk0\DR0

21:10:13.0797 0108 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected

21:10:13.0797 0108 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)

21:10:13.0833 0108 Boot (0x1200) (eeed27973404de86790448a70ac9d340) \Device\Harddisk0\DR0\Partition0

21:10:13.0834 0108 \Device\Harddisk0\DR0\Partition0 - ok

21:10:13.0850 0108 Boot (0x1200) (e988f7fb0271066721ee1dccf47b041e) \Device\Harddisk0\DR0\Partition1

21:10:13.0852 0108 \Device\Harddisk0\DR0\Partition1 - ok

21:10:13.0855 0108 ============================================================

21:10:13.0855 0108 Scan finished

21:10:13.0855 0108 ============================================================

21:10:13.0878 1924 Detected object count: 2

21:10:13.0878 1924 Actual detected object count: 2

21:10:29.0315 1924 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot

21:10:29.0367 1924 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot

21:10:29.0380 1924 C:\Windows\System32\Drivers\sptd.sys - will be deleted on reboot

21:10:29.0380 1924 sptd ( LockedFile.Multi.Generic ) - User select action: Delete

21:10:29.0438 1924 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot

21:10:29.0439 1924 \Device\Harddisk0\DR0 - ok

21:10:29.0517 1924 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure


It seems that you have not paid for ESET Smart Security but are using a cracked version. If you cannot trust that your antivirus program has not been modified, you also cannot trust that it detects everything the program can normally find. If this is the case, uninstall ESET Smart Security, restart the computer and run DDS according to the earlier instructions.

 

If you do not want to pay for an antivirus program, it is better to use free products. As for antivirus programs, there is for example the free Avast, which is at least as good as ESET's. There are also free firewalls that are better than ESET's.


Archived

This topic is now archived and is closed to further replies.
