Mein PC ist vielleicht Infiziert.

Leon3221 · 17.04.2012, 19:39

Das andere und Danke nochmal das du mir bis jetzt so gut geholfen hast

!

20:22:43.0859 6020 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
20:22:44.0531 6020 ============================================================
20:22:44.0531 6020 Current date / time: 2012/04/17 20:22:44.0531
20:22:44.0531 6020 SystemInfo:
20:22:44.0531 6020
20:22:44.0531 6020 OS Version: 5.1.2600 ServicePack: 3.0
20:22:44.0531 6020 Product type: Workstation
20:22:44.0531 6020 ComputerName: LEON3221
20:22:44.0531 6020 UserName: Leon
20:22:44.0531 6020 Windows directory: C:\WINDOWS
20:22:44.0531 6020 System windows directory: C:\WINDOWS
20:22:44.0531 6020 Processor architecture: Intel x86
20:22:44.0531 6020 Number of processors: 2
20:22:44.0531 6020 Page size: 0x1000
20:22:44.0531 6020 Boot type: Normal boot
20:22:44.0531 6020 ============================================================
20:22:47.0984 6020 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:22:48.0062 6020 \Device\Harddisk0\DR0:
20:22:48.0062 6020 MBR used
20:22:48.0062 6020 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
20:22:48.0156 6020 Initialize success
20:22:48.0156 6020 ============================================================
20:22:49.0859 5696 ============================================================
20:22:49.0859 5696 Scan started
20:22:49.0859 5696 Mode: Manual;
20:22:49.0859 5696 ============================================================
20:22:50.0343 5696 Abiosdsk - ok
20:22:50.0359 5696 abp480n5 - ok
20:22:50.0390 5696 ACDaemon - ok
20:22:50.0437 5696 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:22:50.0437 5696 ACPI - ok
20:22:50.0500 5696 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:22:50.0500 5696 ACPIEC - ok
20:22:50.0531 5696 adpu160m - ok
20:22:50.0562 5696 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:22:50.0562 5696 aec - ok
20:22:50.0640 5696 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
20:22:50.0640 5696 Afc - ok
20:22:50.0687 5696 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:22:50.0703 5696 AFD - ok
20:22:50.0750 5696 Aha154x - ok
20:22:50.0781 5696 aic78u2 - ok
20:22:50.0796 5696 aic78xx - ok
20:22:50.0875 5696 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:22:50.0875 5696 Alerter - ok
20:22:50.0921 5696 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:22:50.0921 5696 ALG - ok
20:22:50.0937 5696 AliIde - ok
20:22:51.0046 5696 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
20:22:51.0093 5696 Ambfilt - ok
20:22:51.0203 5696 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
20:22:51.0203 5696 AmdPPM - ok
20:22:51.0218 5696 amsint - ok
20:22:51.0296 5696 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Programme\Avira\AntiVir Desktop\sched.exe
20:22:51.0296 5696 AntiVirSchedulerService - ok
20:22:51.0312 5696 AntiVirService (72d90e56563165984224493069c69ed4) C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:22:51.0312 5696 AntiVirService - ok
20:22:51.0375 5696 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:22:51.0375 5696 AppMgmt - ok
20:22:51.0437 5696 ArcSoftKsUFilter (bf8470e29873dd3f725f18709928c85f) C:\WINDOWS\system32\DRIVERS\ArcSoftKsUFilter.sys
20:22:51.0437 5696 ArcSoftKsUFilter - ok
20:22:51.0468 5696 asc - ok
20:22:51.0515 5696 asc3350p - ok
20:22:51.0562 5696 asc3550 - ok
20:22:51.0640 5696 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:22:51.0640 5696 aspnet_state - ok
20:22:51.0703 5696 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:22:51.0703 5696 AsyncMac - ok
20:22:51.0750 5696 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:22:51.0750 5696 atapi - ok
20:22:51.0765 5696 Atdisk - ok
20:22:51.0843 5696 Ati HotKey Poller (bf4690ff029aaec1266f32bb3e9633e8) C:\WINDOWS\system32\Ati2evxx.exe
20:22:51.0859 5696 Ati HotKey Poller - ok
20:22:51.0937 5696 ATI Smart (fb796f8fe747225756b870e9564a469c) C:\WINDOWS\system32\ati2sgag.exe
20:22:51.0937 5696 ATI Smart - ok
20:22:52.0171 5696 ati2mtag (f27a0b0d1373d36d866f29b434b7aa92) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:22:52.0328 5696 ati2mtag - ok
20:22:52.0390 5696 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:22:52.0390 5696 Atmarpc - ok
20:22:52.0453 5696 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:22:52.0453 5696 AudioSrv - ok
20:22:52.0484 5696 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:22:52.0484 5696 audstub - ok
20:22:52.0546 5696 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
20:22:52.0562 5696 avgio - ok
20:22:52.0593 5696 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:22:52.0609 5696 avgntflt - ok
20:22:52.0640 5696 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:22:52.0640 5696 avipbb - ok
20:22:52.0703 5696 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:22:52.0703 5696 Beep - ok
20:22:52.0750 5696 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:22:52.0765 5696 BITS - ok
20:22:52.0859 5696 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:22:52.0859 5696 Browser - ok
20:22:52.0859 5696 catchme - ok
20:22:52.0906 5696 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:22:52.0906 5696 cbidf2k - ok
20:22:52.0953 5696 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:22:52.0953 5696 CCDECODE - ok
20:22:53.0000 5696 cd20xrnt - ok
20:22:53.0031 5696 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:22:53.0062 5696 Cdaudio - ok
20:22:53.0109 5696 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:22:53.0140 5696 Cdfs - ok
20:22:53.0218 5696 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:22:53.0218 5696 Cdrom - ok
20:22:53.0265 5696 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
20:22:53.0281 5696 cercsr6 - ok
20:22:53.0312 5696 Changer - ok
20:22:53.0375 5696 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:22:53.0375 5696 CiSvc - ok
20:22:53.0421 5696 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:22:53.0421 5696 ClipSrv - ok
20:22:53.0500 5696 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:22:53.0500 5696 clr_optimization_v2.0.50727_32 - ok
20:22:53.0546 5696 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:22:53.0546 5696 clr_optimization_v4.0.30319_32 - ok
20:22:53.0578 5696 CmdIde - ok
20:22:53.0609 5696 COMSysApp - ok
20:22:53.0671 5696 Cpqarray - ok
20:22:53.0718 5696 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:22:53.0718 5696 CryptSvc - ok
20:22:53.0750 5696 dac2w2k - ok
20:22:53.0765 5696 dac960nt - ok
20:22:53.0843 5696 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:22:53.0859 5696 DcomLaunch - ok
20:22:53.0906 5696 dgderdrv (d0d4f3ca1d3a4400e1f40f36a800cd12) C:\WINDOWS\system32\drivers\dgderdrv.sys
20:22:53.0906 5696 dgderdrv - ok
20:22:53.0953 5696 dgdersvc (1f7baca7d1dd1b3d73b4c3934148fad3) C:\WINDOWS\system32\dgdersvc.exe
20:22:53.0953 5696 dgdersvc - ok
20:22:54.0000 5696 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:22:54.0000 5696 Dhcp - ok
20:22:54.0031 5696 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:22:54.0031 5696 Disk - ok
20:22:54.0046 5696 dmadmin - ok
20:22:54.0125 5696 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:22:54.0156 5696 dmboot - ok
20:22:54.0234 5696 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:22:54.0265 5696 dmio - ok
20:22:54.0296 5696 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:22:54.0312 5696 dmload - ok
20:22:54.0359 5696 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:22:54.0359 5696 dmserver - ok
20:22:54.0390 5696 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:22:54.0390 5696 DMusic - ok
20:22:54.0437 5696 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:22:54.0437 5696 Dnscache - ok
20:22:54.0484 5696 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:22:54.0484 5696 Dot3svc - ok
20:22:54.0500 5696 dpti2o - ok
20:22:54.0515 5696 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:22:54.0515 5696 drmkaud - ok
20:22:54.0562 5696 EagleNT - ok
20:22:54.0609 5696 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:22:54.0609 5696 EapHost - ok
20:22:54.0656 5696 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:22:54.0656 5696 ERSvc - ok
20:22:54.0718 5696 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:22:54.0718 5696 Eventlog - ok
20:22:54.0750 5696 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:22:54.0765 5696 EventSystem - ok
20:22:54.0812 5696 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:22:54.0843 5696 Fastfat - ok
20:22:54.0921 5696 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:22:54.0921 5696 FastUserSwitchingCompatibility - ok
20:22:54.0968 5696 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:22:54.0968 5696 Fdc - ok
20:22:54.0984 5696 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:22:55.0015 5696 Fips - ok
20:22:55.0046 5696 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:22:55.0062 5696 Flpydisk - ok
20:22:55.0125 5696 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:22:55.0125 5696 FltMgr - ok
20:22:55.0218 5696 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:22:55.0218 5696 FontCache3.0.0.0 - ok
20:22:55.0250 5696 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:22:55.0343 5696 Fs_Rec - ok
20:22:55.0375 5696 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:22:55.0375 5696 Ftdisk - ok
20:22:55.0390 5696 FWLANUSB - ok
20:22:55.0421 5696 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:22:55.0421 5696 Gpc - ok
20:22:55.0453 5696 gupdate - ok
20:22:55.0453 5696 gupdatem - ok
20:22:55.0531 5696 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:22:55.0531 5696 HDAudBus - ok
20:22:55.0593 5696 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:22:55.0593 5696 helpsvc - ok
20:22:55.0609 5696 HidServ - ok
20:22:55.0671 5696 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:22:55.0671 5696 hkmsvc - ok
20:22:55.0703 5696 hpn - ok
20:22:55.0765 5696 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:22:55.0781 5696 HTTP - ok
20:22:55.0828 5696 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:22:55.0828 5696 HTTPFilter - ok
20:22:55.0859 5696 i2omgmt - ok
20:22:55.0906 5696 i2omp - ok
20:22:55.0968 5696 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:22:55.0968 5696 i8042prt - ok
20:22:56.0000 5696 ICQ Service - ok
20:22:56.0109 5696 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:22:56.0234 5696 idsvc - ok
20:22:56.0500 5696 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:22:56.0531 5696 Imapi - ok
20:22:56.0703 5696 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:22:56.0703 5696 ImapiService - ok
20:22:56.0718 5696 ini910u - ok
20:22:56.0921 5696 IntcAzAudAddService (4716f7ee8fb7fd02596ece1ec70aff53) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:22:57.0046 5696 IntcAzAudAddService - ok
20:22:57.0093 5696 IntelIde - ok
20:22:57.0156 5696 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:22:57.0156 5696 Ip6Fw - ok
20:22:57.0218 5696 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:22:57.0234 5696 IpFilterDriver - ok
20:22:57.0265 5696 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:22:57.0265 5696 IpInIp - ok
20:22:57.0296 5696 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:22:57.0296 5696 IpNat - ok
20:22:57.0328 5696 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:22:57.0328 5696 IPSec - ok
20:22:57.0359 5696 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:22:57.0359 5696 IRENUM - ok
20:22:57.0390 5696 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:22:57.0406 5696 isapnp - ok
20:22:57.0531 5696 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
20:22:57.0531 5696 JavaQuickStarterService - ok
20:22:57.0578 5696 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:22:57.0578 5696 Kbdclass - ok
20:22:57.0609 5696 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:22:57.0609 5696 kmixer - ok
20:22:57.0656 5696 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:22:57.0671 5696 KSecDD - ok
20:22:57.0734 5696 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:22:57.0734 5696 lanmanserver - ok
20:22:57.0781 5696 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:22:57.0796 5696 lanmanworkstation - ok
20:22:57.0796 5696 lbrtfdc - ok
20:22:57.0843 5696 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:22:57.0843 5696 LmHosts - ok
20:22:57.0875 5696 massfilter (09721f2c56681a83c93ecdfab8b102a9) C:\WINDOWS\system32\drivers\massfilter.sys
20:22:57.0875 5696 massfilter - ok
20:22:57.0921 5696 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:22:57.0921 5696 Messenger - ok
20:22:57.0984 5696 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:22:58.0000 5696 mnmdd - ok
20:22:58.0031 5696 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:22:58.0031 5696 mnmsrvc - ok
20:22:58.0046 5696 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:22:58.0062 5696 Modem - ok
20:22:58.0140 5696 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
20:22:58.0187 5696 Monfilt - ok
20:22:58.0234 5696 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:22:58.0234 5696 Mouclass - ok
20:22:58.0250 5696 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:22:58.0265 5696 MountMgr - ok
20:22:58.0296 5696 mraid35x - ok
20:22:58.0343 5696 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:22:58.0343 5696 MRxDAV - ok
20:22:58.0406 5696 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:22:58.0421 5696 MRxSmb - ok
20:22:58.0578 5696 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:22:58.0578 5696 MSDTC - ok
20:22:58.0609 5696 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:22:58.0609 5696 Msfs - ok
20:22:58.0625 5696 MSIServer - ok
20:22:58.0656 5696 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:22:58.0656 5696 MSKSSRV - ok
20:22:58.0703 5696 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:22:58.0703 5696 MSPCLOCK - ok
20:22:58.0750 5696 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:22:58.0750 5696 MSPQM - ok
20:22:58.0781 5696 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:22:58.0781 5696 mssmbios - ok
20:22:58.0828 5696 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:22:58.0828 5696 MSTEE - ok
20:22:58.0890 5696 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:22:58.0921 5696 Mup - ok
20:22:58.0984 5696 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:22:58.0984 5696 NABTSFEC - ok
20:22:59.0031 5696 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:22:59.0046 5696 napagent - ok
20:22:59.0109 5696 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:22:59.0109 5696 NDIS - ok
20:22:59.0187 5696 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:22:59.0187 5696 NdisIP - ok
20:22:59.0234 5696 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:22:59.0234 5696 NdisTapi - ok
20:22:59.0265 5696 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:22:59.0265 5696 Ndisuio - ok
20:22:59.0281 5696 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:22:59.0281 5696 NdisWan - ok
20:22:59.0328 5696 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:22:59.0328 5696 NDProxy - ok
20:22:59.0359 5696 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:22:59.0359 5696 NetBIOS - ok
20:22:59.0406 5696 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:22:59.0406 5696 NetBT - ok
20:22:59.0468 5696 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:22:59.0468 5696 NetDDE - ok
20:22:59.0468 5696 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:22:59.0468 5696 NetDDEdsdm - ok
20:22:59.0531 5696 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:22:59.0531 5696 Netlogon - ok
20:22:59.0593 5696 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:22:59.0609 5696 Netman - ok
20:22:59.0671 5696 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:22:59.0671 5696 NetTcpPortSharing - ok
20:22:59.0734 5696 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:22:59.0750 5696 Nla - ok
20:22:59.0781 5696 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:22:59.0812 5696 Npfs - ok
20:22:59.0843 5696 npggsvc - ok
20:22:59.0921 5696 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
20:22:59.0921 5696 NPPTNT2 - ok
20:22:59.0968 5696 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:22:59.0984 5696 Ntfs - ok
20:23:00.0031 5696 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:23:00.0031 5696 NtLmSsp - ok
20:23:00.0078 5696 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:23:00.0078 5696 NtmsSvc - ok
20:23:00.0109 5696 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:23:00.0109 5696 Null - ok
20:23:00.0140 5696 NWCWorkstation (c34a6a72dec2c317d67355dc18f87090) C:\WINDOWS\System32\nwwks.dll
20:23:00.0156 5696 NWCWorkstation - ok
20:23:00.0187 5696 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:23:00.0187 5696 NwlnkFlt - ok
20:23:00.0234 5696 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:23:00.0234 5696 NwlnkFwd - ok
20:23:00.0281 5696 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
20:23:00.0281 5696 NwlnkIpx - ok
20:23:00.0312 5696 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
20:23:00.0312 5696 NwlnkNb - ok
20:23:00.0343 5696 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
20:23:00.0343 5696 NwlnkSpx - ok
20:23:00.0390 5696 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
20:23:00.0390 5696 NWRDR - ok
20:23:00.0421 5696 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:23:00.0421 5696 Parport - ok
20:23:00.0437 5696 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:23:00.0453 5696 PartMgr - ok
20:23:00.0500 5696 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:23:00.0500 5696 ParVdm - ok
20:23:00.0531 5696 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:23:00.0531 5696 PCI - ok
20:23:00.0546 5696 PCIDump - ok
20:23:00.0671 5696 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:23:00.0671 5696 PCIIde - ok
20:23:00.0718 5696 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:23:00.0718 5696 Pcmcia - ok
20:23:00.0750 5696 PDCOMP - ok
20:23:00.0765 5696 PDFRAME - ok
20:23:00.0781 5696 PDRELI - ok
20:23:00.0796 5696 PDRFRAME - ok
20:23:00.0828 5696 perc2 - ok
20:23:00.0859 5696 perc2hib - ok
20:23:00.0921 5696 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:23:00.0921 5696 PlugPlay - ok
20:23:00.0937 5696 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:23:00.0937 5696 PolicyAgent - ok
20:23:00.0984 5696 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:23:00.0984 5696 PptpMiniport - ok
20:23:01.0000 5696 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
20:23:01.0000 5696 Processor - ok
20:23:01.0031 5696 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:23:01.0031 5696 ProtectedStorage - ok
20:23:01.0062 5696 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:23:01.0062 5696 PSched - ok
20:23:01.0093 5696 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:23:01.0093 5696 Ptilink - ok
20:23:01.0125 5696 ql1080 - ok
20:23:01.0140 5696 Ql10wnt - ok
20:23:01.0171 5696 ql12160 - ok
20:23:01.0203 5696 ql1240 - ok
20:23:01.0234 5696 ql1280 - ok
20:23:01.0265 5696 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:23:01.0265 5696 RasAcd - ok
20:23:01.0328 5696 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:23:01.0328 5696 RasAuto - ok
20:23:01.0359 5696 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:23:01.0359 5696 Rasl2tp - ok
20:23:01.0406 5696 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:23:01.0406 5696 RasMan - ok
20:23:01.0406 5696 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:23:01.0421 5696 RasPppoe - ok
20:23:01.0453 5696 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:23:01.0453 5696 Raspti - ok
20:23:01.0468 5696 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:23:01.0468 5696 Rdbss - ok
20:23:01.0484 5696 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:23:01.0484 5696 RDPCDD - ok
20:23:01.0515 5696 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:23:01.0515 5696 rdpdr - ok
20:23:01.0578 5696 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:23:01.0593 5696 RDPWD - ok
20:23:01.0656 5696 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:23:01.0687 5696 RDSessMgr - ok
20:23:01.0718 5696 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:23:01.0718 5696 redbook - ok
20:23:01.0750 5696 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:23:01.0765 5696 RemoteAccess - ok
20:23:01.0781 5696 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:23:01.0796 5696 RemoteRegistry - ok
20:23:01.0843 5696 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
20:23:01.0843 5696 ROOTMODEM - ok
20:23:01.0875 5696 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:23:01.0875 5696 RpcLocator - ok
20:23:01.0921 5696 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
20:23:01.0921 5696 RpcSs - ok
20:23:01.0937 5696 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:23:01.0937 5696 RSVP - ok
20:23:01.0984 5696 RTL8023xp (8e34400ffc7d647946d9c820678775af) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:23:01.0984 5696 RTL8023xp - ok
20:23:02.0015 5696 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:23:02.0031 5696 rtl8139 - ok
20:23:02.0078 5696 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:23:02.0078 5696 SamSs - ok
20:23:02.0140 5696 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:23:02.0140 5696 SCardSvr - ok
20:23:02.0187 5696 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:23:02.0203 5696 Schedule - ok
20:23:02.0265 5696 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:23:02.0265 5696 Secdrv - ok
20:23:02.0312 5696 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:23:02.0312 5696 seclogon - ok
20:23:02.0343 5696 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:23:02.0343 5696 SENS - ok
20:23:02.0375 5696 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:23:02.0375 5696 serenum - ok
20:23:02.0406 5696 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:23:02.0406 5696 Serial - ok
20:23:02.0468 5696 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:23:02.0468 5696 Sfloppy - ok
20:23:02.0515 5696 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:23:02.0515 5696 SharedAccess - ok
20:23:02.0578 5696 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:23:02.0578 5696 ShellHWDetection - ok
20:23:02.0578 5696 Simbad - ok
20:23:02.0625 5696 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:23:02.0625 5696 SLIP - ok
20:23:03.0000 5696 SNP2STD (97b19508eb11097eac08f0c195ee948d) C:\WINDOWS\system32\DRIVERS\snp2sxp.sys
20:23:03.0234 5696 SNP2STD - ok
20:23:03.0281 5696 Sparrow - ok
20:23:03.0328 5696 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:23:03.0328 5696 splitter - ok
20:23:03.0406 5696 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:23:03.0406 5696 Spooler - ok
20:23:03.0421 5696 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:23:03.0421 5696 sr - ok
20:23:03.0484 5696 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:23:03.0500 5696 srservice - ok
20:23:03.0546 5696 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:23:03.0562 5696 Srv - ok
20:23:03.0609 5696 ssadbus (406776fe3c2b66796bac1a7afb9ac8a1) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
20:23:03.0609 5696 ssadbus - ok
20:23:03.0656 5696 ssadmdfl (b19532d015a5d295e2aa34bb521202cf) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
20:23:03.0656 5696 ssadmdfl - ok
20:23:03.0687 5696 ssadmdm (2aebf9108e6f435458b9499c27394da4) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
20:23:03.0703 5696 ssadmdm - ok
20:23:03.0734 5696 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:23:03.0734 5696 SSDPSRV - ok
20:23:03.0843 5696 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:23:03.0843 5696 ssmdrv - ok
20:23:03.0890 5696 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:23:03.0890 5696 stisvc - ok
20:23:03.0921 5696 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:23:03.0937 5696 streamip - ok
20:23:03.0968 5696 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:23:03.0968 5696 swenum - ok
20:23:04.0000 5696 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:23:04.0000 5696 swmidi - ok
20:23:04.0015 5696 SwPrv - ok
20:23:04.0031 5696 symc810 - ok
20:23:04.0062 5696 symc8xx - ok
20:23:04.0062 5696 sym_hi - ok
20:23:04.0125 5696 sym_u3 - ok
20:23:04.0156 5696 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:23:04.0156 5696 sysaudio - ok
20:23:04.0187 5696 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:23:04.0187 5696 SysmonLog - ok
20:23:04.0234 5696 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:23:04.0250 5696 TapiSrv - ok
20:23:04.0312 5696 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:23:04.0312 5696 Tcpip - ok
20:23:04.0359 5696 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:23:04.0375 5696 TDPIPE - ok
20:23:04.0406 5696 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:23:04.0421 5696 TDTCP - ok
20:23:04.0453 5696 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:23:04.0453 5696 TermDD - ok
20:23:04.0515 5696 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:23:04.0515 5696 TermService - ok
20:23:04.0578 5696 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:23:04.0578 5696 Themes - ok
20:23:04.0625 5696 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:23:04.0625 5696 TlntSvr - ok
20:23:04.0640 5696 TosIde - ok
20:23:04.0687 5696 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:23:04.0687 5696 TrkWks - ok
20:23:04.0718 5696 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:23:04.0718 5696 Udfs - ok
20:23:04.0828 5696 UI Assistant Service (13bff97e926bf8d9c1230cecc371a0c0) C:\Programme\1&1 Surf-Stick\AssistantServices.exe
20:23:04.0890 5696 UI Assistant Service - ok
20:23:04.0921 5696 ultra - ok
20:23:04.0968 5696 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:23:04.0968 5696 Update - ok
20:23:04.0984 5696 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:23:05.0000 5696 upnphost - ok
20:23:05.0015 5696 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:23:05.0015 5696 UPS - ok
20:23:05.0062 5696 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:23:05.0062 5696 usbccgp - ok
20:23:05.0093 5696 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:23:05.0093 5696 usbehci - ok
20:23:05.0125 5696 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:23:05.0140 5696 usbhub - ok
20:23:05.0156 5696 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:23:05.0156 5696 usbohci - ok
20:23:05.0171 5696 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:23:05.0187 5696 usbstor - ok
20:23:05.0203 5696 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:23:05.0203 5696 VgaSave - ok
20:23:05.0218 5696 ViaIde - ok
20:23:05.0250 5696 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:23:05.0250 5696 VolSnap - ok
20:23:05.0281 5696 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:23:05.0281 5696 VSS - ok
20:23:05.0328 5696 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:23:05.0328 5696 W32Time - ok
20:23:05.0375 5696 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:23:05.0375 5696 Wanarp - ok
20:23:05.0390 5696 wbymj4iz.sys - ok
20:23:05.0437 5696 WDICA - ok
20:23:05.0468 5696 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:23:05.0468 5696 wdmaud - ok
20:23:05.0500 5696 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:23:05.0500 5696 WebClient - ok
20:23:05.0546 5696 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:23:05.0562 5696 winmgmt - ok
20:23:05.0609 5696 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
20:23:05.0609 5696 WmdmPmSN - ok
20:23:05.0687 5696 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:23:05.0703 5696 Wmi - ok
20:23:05.0750 5696 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:23:05.0765 5696 WmiApSrv - ok
20:23:05.0843 5696 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:23:05.0937 5696 WMPNetworkSvc - ok
20:23:06.0015 5696 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:23:06.0015 5696 WpdUsb - ok
20:23:06.0125 5696 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:23:06.0171 5696 WPFFontCache_v0400 - ok
20:23:06.0203 5696 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:23:06.0234 5696 WS2IFSL - ok
20:23:06.0250 5696 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:23:06.0250 5696 wscsvc - ok
20:23:06.0265 5696 WSearch - ok
20:23:06.0312 5696 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:23:06.0312 5696 WSTCODEC - ok
20:23:06.0359 5696 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:23:06.0359 5696 wuauserv - ok
20:23:06.0406 5696 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:23:06.0406 5696 WudfPf - ok
20:23:06.0421 5696 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:23:06.0421 5696 WudfRd - ok
20:23:06.0453 5696 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:23:06.0453 5696 WudfSvc - ok
20:23:06.0500 5696 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:23:06.0515 5696 WZCSVC - ok
20:23:06.0546 5696 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:23:06.0546 5696 xmlprov - ok
20:23:06.0578 5696 xpsec - ok
20:23:06.0625 5696 yukonwxp (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:23:06.0640 5696 yukonwxp - ok
20:23:06.0703 5696 ZTEusbmdm6k (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
20:23:06.0703 5696 ZTEusbmdm6k - ok
20:23:06.0734 5696 ZTEusbnmea (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
20:23:06.0734 5696 ZTEusbnmea - ok
20:23:06.0781 5696 ZTEusbser6k (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
20:23:06.0781 5696 ZTEusbser6k - ok
20:23:06.0812 5696 MBR (0x1B8) (eeadaf356113e54427e990a5bcad82b5) \Device\Harddisk0\DR0
20:23:06.0812 5696 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
20:23:06.0812 5696 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
20:23:06.0812 5696 Boot (0x1200) (52f8e7d5a3c4541149f103f5aa567709) \Device\Harddisk0\DR0\Partition0
20:23:06.0812 5696 \Device\Harddisk0\DR0\Partition0 - ok
20:23:06.0812 5696 ============================================================
20:23:06.0812 5696 Scan finished
20:23:06.0812 5696 ============================================================
20:23:06.0828 5588 Detected object count: 1
20:23:06.0828 5588 Actual detected object count: 1
20:24:29.0062 5588 \Device\Harddisk0\DR0\# - copied to quarantine
20:24:29.0078 5588 \Device\Harddisk0\DR0 - copied to quarantine
20:24:29.0093 5588 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
20:24:29.0187 5588 \Device\Harddisk0\DR0 - ok
20:24:29.0187 5588 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
20:25:46.0578 5964 Deinitialize success

markusg · 17.04.2012, 20:20

nutzt du das gerät für onlinebanking einkäufe, sonstige zahlungsabwicklungen, oder ähnlich wichtiges, wie berufliches?

Leon3221 · 18.04.2012, 05:34

Nein ich bin erst 15 ich Spiele nur ab und an und versau mir meinen PC...
Aber sag mal was war das den für ein Virus und ist dieser noch da ?

lg Leon

markusg · 18.04.2012, 10:08

dies war ein rootkit.
da solche rootkits enderungen am pc vor nehmen können, wie wir nicht mehr zurück verfolgen können, sollten wir das gerät neu aufsetzen:
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.

Leon3221 · 18.04.2012, 17:11

Okay werde den PC neu aufsetzen kann es sein das meine Externe festplatte auch im arsch ist ? also das da der Rootkit auch drauf ist kann nähmlich sein das ich so doof war und die platte an den PC angeschlossen hatte als ich den Virus runter geldaden hatte ?

markusg · 18.04.2012, 17:14

nein, aber wir werden die platte, wenn das system abgesichert ist, prüfen

Leon3221 · 18.04.2012, 17:21

okay wie Teste ich die einfach tdsskiller drauf und auslesen lassen ?

markusg · 18.04.2012, 17:33

nein.
aber mach dir jetzt keinen kopf darüber, wenn das system noch nicht mal neu aufgesetzt ist.
eines nach dem andern, also erst mal daten retten

Leon3221 · 18.04.2012, 17:41

Okay danke mache ich

So bin an meinem Leptop. Mein PC Formatiert grade.

Habe grade mit avira und tdsskiller meine Externe Festplatte abgesucht sollte nicht drauf sein hat nicht angeschlagen.

Also Clean oder ?

17.04.2012, 20:20	#17
markusg /// Malware-holic	Mein PC ist vielleicht Infiziert. nutzt du das gerät für onlinebanking einkäufe, sonstige zahlungsabwicklungen, oder ähnlich wichtiges, wie berufliches? __________________ __________________

18.04.2012, 17:14	#21
markusg /// Malware-holic	Mein PC ist vielleicht Infiziert. nein, aber wir werden die platte, wenn das system abgesichert ist, prüfen __________________ --> Mein PC ist vielleicht Infiziert.

Mein PC ist vielleicht Infiziert.

Log-Analyse und Auswertung: Mein PC ist vielleicht Infiziert.