und hier das TDSS log nach Löschung:

Code: Alles auswählenAufklappen

ATTFilter

17:02:06.0000 2284	TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
17:02:08.0000 2284	============================================================
17:02:08.0000 2284	Current date / time: 2012/06/13 17:02:08.0000
17:02:08.0000 2284	SystemInfo:
17:02:08.0000 2284	
17:02:08.0000 2284	OS Version: 5.1.2600 ServicePack: 3.0
17:02:08.0000 2284	Product type: Workstation
17:02:08.0000 2284	ComputerName: PHYSIOCARE-1
17:02:08.0000 2284	UserName: Administrator
17:02:08.0000 2284	Windows directory: C:\WINDOWS
17:02:08.0000 2284	System windows directory: C:\WINDOWS
17:02:08.0000 2284	Processor architecture: Intel x86
17:02:08.0000 2284	Number of processors: 1
17:02:08.0000 2284	Page size: 0x1000
17:02:08.0000 2284	Boot type: Normal boot
17:02:08.0000 2284	============================================================
17:02:11.0921 2284	Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:02:11.0921 2284	Drive \Device\Harddisk1\DR2 - Size: 0xEEF00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:02:11.0921 2284	============================================================
17:02:11.0921 2284	\Device\Harddisk0\DR0:
17:02:11.0921 2284	MBR partitions:
17:02:11.0921 2284	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
17:02:11.0921 2284	\Device\Harddisk1\DR2:
17:02:11.0921 2284	MBR partitions:
17:02:11.0921 2284	\Device\Harddisk1\DR2\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7777E0
17:02:11.0921 2284	============================================================
17:02:12.0156 2284	C: <-> \Device\Harddisk0\DR0\Partition0
17:02:12.0156 2284	============================================================
17:02:12.0156 2284	Initialize success
17:02:12.0156 2284	============================================================
17:02:42.0390 2720	============================================================
17:02:42.0390 2720	Scan started
17:02:42.0390 2720	Mode: Manual; SigCheck; TDLFS; 
17:02:42.0390 2720	============================================================
17:02:47.0515 2720	Abiosdsk - ok
17:02:47.0515 2720	abp480n5 - ok
17:02:47.0578 2720	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:02:48.0218 2720	ACPI - ok
17:02:48.0265 2720	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:02:48.0531 2720	ACPIEC - ok
17:02:48.0531 2720	adpu160m - ok
17:02:48.0562 2720	aeaudio         (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
17:02:48.0687 2720	aeaudio - ok
17:02:48.0828 2720	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:02:49.0093 2720	aec - ok
17:02:49.0203 2720	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:02:49.0375 2720	AFD - ok
17:02:49.0390 2720	Aha154x - ok
17:02:49.0406 2720	aic78u2 - ok
17:02:49.0421 2720	aic78xx - ok
17:02:49.0562 2720	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
17:02:49.0937 2720	Alerter - ok
17:02:49.0968 2720	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
17:02:50.0171 2720	ALG - ok
17:02:50.0171 2720	AliIde - ok
17:02:50.0187 2720	amsint - ok
17:02:50.0296 2720	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
17:02:50.0500 2720	AppMgmt - ok
17:02:50.0500 2720	asc - ok
17:02:50.0515 2720	asc3350p - ok
17:02:50.0515 2720	asc3550 - ok
17:02:51.0265 2720	aspnet_state    (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
17:02:51.0343 2720	aspnet_state ( UnsignedFile.Multi.Generic ) - warning
17:02:51.0343 2720	aspnet_state - detected UnsignedFile.Multi.Generic (1)
17:02:51.0375 2720	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:02:51.0718 2720	AsyncMac - ok
17:02:51.0859 2720	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:02:52.0125 2720	atapi - ok
17:02:52.0140 2720	Atdisk - ok
17:02:52.0187 2720	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:02:52.0421 2720	Atmarpc - ok
17:02:52.0468 2720	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
17:02:52.0890 2720	AudioSrv - ok
17:02:52.0921 2720	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:02:53.0203 2720	audstub - ok
17:02:53.0531 2720	AVM WLAN Connection Service (06c3528e0686a58701367749b0145a4a) C:\Programme\avmwlanstick\WlanNetService.exe
17:02:53.0968 2720	AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
17:02:53.0968 2720	AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
17:02:54.0062 2720	avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\WINDOWS\system32\drivers\avmeject.sys
17:02:54.0312 2720	avmeject ( UnsignedFile.Multi.Generic ) - warning
17:02:54.0312 2720	avmeject - detected UnsignedFile.Multi.Generic (1)
17:02:54.0578 2720	b57w2k          (4826fcf97c47b361a2e2f68cd487a19e) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
17:02:54.0812 2720	b57w2k - ok
17:02:55.0031 2720	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:02:55.0328 2720	Beep - ok
17:02:55.0578 2720	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
17:02:55.0875 2720	BITS - ok
17:02:56.0171 2720	bkn50USB        (6d39682a1051a5be7437ec99f1bf9921) C:\WINDOWS\system32\DRIVERS\rt2500usb.sys
17:02:56.0390 2720	bkn50USB ( UnsignedFile.Multi.Generic ) - warning
17:02:56.0390 2720	bkn50USB - detected UnsignedFile.Multi.Generic (1)
17:02:56.0546 2720	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
17:02:56.0843 2720	Browser - ok
17:02:56.0890 2720	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:02:57.0203 2720	cbidf2k - ok
17:02:57.0203 2720	cd20xrnt - ok
17:02:57.0250 2720	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:02:57.0437 2720	Cdaudio - ok
17:02:57.0500 2720	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:02:57.0703 2720	Cdfs - ok
17:02:57.0796 2720	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:02:57.0984 2720	Cdrom - ok
17:02:58.0093 2720	cfwids          (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\WINDOWS\system32\drivers\cfwids.sys
17:03:09.0156 2720	cfwids - ok
17:03:09.0156 2720	Changer - ok
17:03:09.0203 2720	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
17:03:09.0468 2720	CiSvc - ok
17:03:09.0750 2720	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
17:03:10.0031 2720	ClipSrv - ok
17:03:10.0046 2720	CmdIde - ok
17:03:10.0046 2720	COMSysApp - ok
17:03:10.0062 2720	Cpqarray - ok
17:03:10.0140 2720	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
17:03:10.0437 2720	CryptSvc - ok
17:03:10.0453 2720	dac2w2k - ok
17:03:10.0453 2720	dac960nt - ok
17:03:11.0078 2720	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:03:11.0140 2720	DcomLaunch - ok
17:03:11.0187 2720	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
17:03:11.0343 2720	Dhcp - ok
17:03:11.0375 2720	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:03:11.0531 2720	Disk - ok
17:03:11.0546 2720	dmadmin - ok
17:03:11.0609 2720	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
17:03:12.0078 2720	dmboot - ok
17:03:12.0109 2720	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
17:03:12.0484 2720	dmio - ok
17:03:12.0500 2720	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:03:12.0671 2720	dmload - ok
17:03:12.0703 2720	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
17:03:12.0968 2720	dmserver - ok
17:03:13.0015 2720	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:03:13.0156 2720	DMusic - ok
17:03:13.0203 2720	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
17:03:13.0234 2720	Dnscache - ok
17:03:13.0281 2720	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
17:03:13.0437 2720	Dot3svc - ok
17:03:13.0453 2720	dpti2o - ok
17:03:13.0468 2720	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:03:13.0625 2720	drmkaud - ok
17:03:13.0671 2720	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
17:03:13.0984 2720	EapHost - ok
17:03:14.0031 2720	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
17:03:14.0281 2720	ERSvc - ok
17:03:14.0328 2720	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:03:14.0359 2720	Eventlog - ok
17:03:14.0406 2720	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
17:03:14.0437 2720	EventSystem - ok
17:03:14.0484 2720	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:03:14.0640 2720	Fastfat - ok
17:03:14.0687 2720	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:03:14.0734 2720	FastUserSwitchingCompatibility - ok
17:03:14.0765 2720	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:03:14.0906 2720	Fdc - ok
17:03:14.0937 2720	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
17:03:15.0343 2720	Fips - ok
17:03:15.0359 2720	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:03:15.0500 2720	Flpydisk - ok
17:03:15.0546 2720	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:03:15.0687 2720	FltMgr - ok
17:03:15.0750 2720	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:03:15.0890 2720	Fs_Rec - ok
17:03:15.0921 2720	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:03:16.0187 2720	Ftdisk - ok
17:03:16.0250 2720	FWLANUSB        (41077d927c3654fd2d71549763525d75) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
17:03:16.0406 2720	FWLANUSB - ok
17:03:16.0484 2720	fwlanusbn       (fc06a5be1ab381cd47af3d69006e88f0) C:\WINDOWS\system32\DRIVERS\fwlanusbn.sys
17:03:16.0750 2720	fwlanusbn - ok
17:03:16.0781 2720	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:03:16.0953 2720	Gpc - ok
17:03:16.0953 2720	GTNDIS5 - ok
17:03:17.0062 2720	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
17:03:17.0078 2720	gupdate - ok
17:03:17.0093 2720	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
17:03:17.0109 2720	gupdatem - ok
17:03:17.0171 2720	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
17:03:17.0187 2720	gusvc - ok
17:03:17.0312 2720	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:03:17.0546 2720	helpsvc - ok
17:03:17.0593 2720	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
17:03:17.0859 2720	HidServ - ok
17:03:17.0890 2720	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:03:18.0031 2720	hidusb - ok
17:03:18.0062 2720	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
17:03:18.0328 2720	hkmsvc - ok
17:03:18.0343 2720	hpn - ok
17:03:18.0390 2720	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:03:18.0421 2720	HTTP - ok
17:03:18.0453 2720	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
17:03:18.0718 2720	HTTPFilter - ok
17:03:18.0718 2720	i2omgmt - ok
17:03:18.0734 2720	i2omp - ok
17:03:18.0890 2720	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\drivers\i8042prt.sys
17:03:19.0171 2720	i8042prt - ok
17:03:19.0250 2720	ialm            (0acebb31989cbf9a5663fe4a33d28d21) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:03:19.0453 2720	ialm ( UnsignedFile.Multi.Generic ) - warning
17:03:19.0453 2720	ialm - detected UnsignedFile.Multi.Generic (1)
17:03:19.0578 2720	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:03:19.0765 2720	IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:03:19.0765 2720	IDriverT - detected UnsignedFile.Multi.Generic (1)
17:03:19.0781 2720	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:03:19.0921 2720	Imapi - ok
17:03:19.0953 2720	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
17:03:20.0140 2720	ImapiService - ok
17:03:20.0140 2720	ini910u - ok
17:03:20.0171 2720	IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:03:20.0578 2720	IntelIde - ok
17:03:20.0625 2720	intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:03:21.0000 2720	intelppm - ok
17:03:21.0031 2720	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:03:21.0156 2720	Ip6Fw - ok
17:03:21.0218 2720	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:03:21.0359 2720	IpFilterDriver - ok
17:03:21.0406 2720	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:03:21.0546 2720	IpInIp - ok
17:03:21.0562 2720	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:03:21.0718 2720	IpNat - ok
17:03:21.0750 2720	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:03:21.0890 2720	IPSec - ok
17:03:21.0921 2720	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:03:22.0015 2720	IRENUM - ok
17:03:22.0046 2720	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:03:22.0296 2720	isapnp - ok
17:03:22.0421 2720	JavaQuickStarterService (5fd5865dc1a2100f8d4cf000ee5409a3) C:\Programme\Java\jre6\bin\jqs.exe
17:03:22.0593 2720	JavaQuickStarterService - ok
17:03:22.0625 2720	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:03:22.0937 2720	Kbdclass - ok
17:03:22.0968 2720	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:03:23.0343 2720	kbdhid - ok
17:03:23.0453 2720	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:03:23.0656 2720	kmixer - ok
17:03:23.0703 2720	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:03:23.0750 2720	KSecDD - ok
17:03:23.0796 2720	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
17:03:23.0828 2720	lanmanserver - ok
17:03:23.0875 2720	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
17:03:23.0890 2720	lanmanworkstation - ok
17:03:23.0906 2720	lbrtfdc - ok
17:03:23.0968 2720	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
17:03:24.0125 2720	LmHosts - ok
17:03:24.0156 2720	MBAMSwissArmy   (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:03:24.0281 2720	MBAMSwissArmy - ok
17:03:24.0375 2720	McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) C:\Programme\McAfee\SiteAdvisor\McSACore.exe
17:03:24.0734 2720	McAfee SiteAdvisor Service - ok
17:03:24.0875 2720	McMPFSvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe
17:03:25.0000 2720	McMPFSvc - ok
17:03:25.0015 2720	mcmscsvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\McAfee\McSvcHost\McSvHost.exe
17:03:25.0031 2720	mcmscsvc - ok
17:03:25.0046 2720	McNaiAnn        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\McAfee\McSvcHost\McSvHost.exe
17:03:25.0093 2720	McNaiAnn - ok
17:03:25.0093 2720	McNASvc         (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\McAfee\McSvcHost\McSvHost.exe
17:03:25.0125 2720	McNASvc - ok
17:03:25.0203 2720	McODS           (42117cbc4849a5cf11129912dabbdeca) C:\Programme\McAfee\VirusScan\mcods.exe
17:03:25.0218 2720	McODS - ok
17:03:25.0234 2720	McProxy         (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\McAfee\McSvcHost\McSvHost.exe
17:03:25.0250 2720	McProxy - ok
17:03:25.0546 2720	McShield        (593fa4c378818ece76ba64a11ad56cf2) C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\\mcshield.exe
17:03:25.0703 2720	McShield - ok
17:03:26.0000 2720	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
17:03:26.0421 2720	Messenger - ok
17:03:26.0515 2720	mfeapfk         (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\WINDOWS\system32\drivers\mfeapfk.sys
17:03:26.0687 2720	mfeapfk - ok
17:03:26.0828 2720	mfeavfk         (c1dc5f42d3367f33b6451be78b38bd46) C:\WINDOWS\system32\drivers\mfeavfk.sys
17:03:26.0968 2720	mfeavfk - ok
17:03:26.0984 2720	mfeavfk01 - ok
17:03:27.0093 2720	mfebopk         (0435c43f4c2be01b84868ad2a906397b) C:\WINDOWS\system32\drivers\mfebopk.sys
17:03:27.0265 2720	mfebopk - ok
17:03:27.0453 2720	mfefire         (7e1f8b1bdc8240f08bd358b3a466c005) C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\\mfefire.exe
17:03:27.0625 2720	mfefire - ok
17:03:27.0796 2720	mfefirek        (4ea6ff90015424517843e931448e00f1) C:\WINDOWS\system32\drivers\mfefirek.sys
17:03:28.0015 2720	mfefirek - ok
17:03:28.0703 2720	mfehidk         (d1e998748ba24a731106611d535c6bbf) C:\WINDOWS\system32\drivers\mfehidk.sys
17:03:29.0328 2720	mfehidk - ok
17:03:29.0390 2720	mfendisk        (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:03:29.0562 2720	mfendisk - ok
17:03:29.0593 2720	mfendiskmp      (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:03:29.0671 2720	mfendiskmp - ok
17:03:29.0765 2720	mferkdet        (f454a13377f0a006d20a8c14a753c432) C:\WINDOWS\system32\drivers\mferkdet.sys
17:03:29.0921 2720	mferkdet - ok
17:03:30.0000 2720	mferkdk         (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys
17:03:30.0125 2720	mferkdk - ok
17:03:30.0187 2720	mfesmfk         (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys
17:03:30.0500 2720	mfesmfk - ok
17:03:30.0546 2720	mfetdi2k        (070d3faf2eac417c59d8674a8752f7a6) C:\WINDOWS\system32\drivers\mfetdi2k.sys
17:03:30.0718 2720	mfetdi2k - ok
17:03:30.0859 2720	mfevtp          (b10c4efd40810c08f4b44df2efcb54f7) C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfevtps.exe
17:03:31.0046 2720	mfevtp - ok
17:03:31.0093 2720	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:03:31.0406 2720	mnmdd - ok
17:03:31.0468 2720	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
17:03:31.0734 2720	mnmsrvc - ok
17:03:31.0875 2720	MOBKbackup      (aea8691282dd0afb4b753e378c5501f5) C:\Programme\McAfee Online Backup\MOBKbackup.exe
17:03:32.0062 2720	MOBKbackup - ok
17:03:32.0078 2720	MOBKFilter      (e896775837a8bce436348df460522394) C:\WINDOWS\system32\DRIVERS\MOBK.sys
17:03:32.0562 2720	MOBKFilter - ok
17:03:32.0765 2720	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
17:03:33.0125 2720	Modem - ok
17:03:33.0218 2720	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:03:33.0562 2720	Mouclass - ok
17:03:33.0640 2720	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:03:33.0921 2720	mouhid - ok
17:03:34.0078 2720	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:03:34.0296 2720	MountMgr - ok
17:03:34.0500 2720	MozillaMaintenance (6380ff81dd4d78b23398752d2f46ea43) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
17:03:35.0937 2720	MozillaMaintenance - ok
17:03:36.0359 2720	mozybackup      (55b717af54ac492fbd275835e5b485ad) C:\Programme\MozyHome\mozybackup.exe
17:03:36.0546 2720	mozybackup - ok
17:03:36.0921 2720	mozyFilter      (8e5f185f04d4ff203afbb0fd2b609e88) C:\WINDOWS\system32\DRIVERS\mozy.sys
17:03:37.0296 2720	mozyFilter - ok
17:03:37.0312 2720	mraid35x - ok
17:03:38.0140 2720	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:03:38.0312 2720	MRxDAV - ok
17:03:38.0375 2720	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:03:38.0468 2720	MRxSmb - ok
17:03:38.0515 2720	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
17:03:38.0843 2720	MSDTC - ok
17:03:38.0890 2720	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:03:39.0031 2720	Msfs - ok
17:03:39.0046 2720	MSIServer - ok
17:03:39.0156 2720	MSK80Service    (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe
17:03:39.0171 2720	MSK80Service - ok
17:03:39.0187 2720	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:03:39.0328 2720	MSKSSRV - ok
17:03:39.0343 2720	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:03:39.0484 2720	MSPCLOCK - ok
17:03:39.0500 2720	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:03:39.0640 2720	MSPQM - ok
17:03:39.0687 2720	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:03:39.0828 2720	mssmbios - ok
17:03:39.0875 2720	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:03:39.0906 2720	Mup - ok
17:03:40.0015 2720	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
17:03:40.0296 2720	napagent - ok
17:03:40.0328 2720	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:03:40.0484 2720	NDIS - ok
17:03:40.0578 2720	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:03:40.0640 2720	NdisTapi - ok
17:03:40.0687 2720	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:03:40.0937 2720	Ndisuio - ok
17:03:41.0015 2720	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:03:41.0203 2720	NdisWan - ok
17:03:41.0250 2720	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:03:41.0328 2720	NDProxy - ok
17:03:41.0609 2720	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:03:41.0765 2720	NetBIOS - ok
17:03:42.0234 2720	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:03:42.0500 2720	NetBT - ok
17:03:42.0765 2720	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:03:43.0843 2720	NetDDE - ok
17:03:43.0843 2720	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:03:44.0093 2720	NetDDEdsdm - ok
17:03:44.0328 2720	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:03:44.0546 2720	Netlogon - ok
17:03:45.0140 2720	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
17:03:45.0406 2720	Netman - ok
17:03:47.0296 2720	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
17:03:47.0546 2720	Nla - ok
17:03:47.0843 2720	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:03:48.0156 2720	Npfs - ok
17:03:48.0421 2720	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:03:48.0750 2720	Ntfs - ok
17:03:48.0750 2720	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:03:49.0078 2720	NtLmSsp - ok
17:03:49.0359 2720	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
17:03:49.0750 2720	NtmsSvc - ok
17:03:49.0796 2720	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:03:50.0140 2720	Null - ok
17:03:50.0187 2720	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:03:50.0515 2720	NwlnkFlt - ok
17:03:50.0531 2720	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:03:50.0875 2720	NwlnkFwd - ok
17:03:51.0109 2720	ose             (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
17:03:51.0156 2720	ose - ok
17:03:51.0234 2720	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
17:03:51.0750 2720	Parport - ok
17:03:51.0750 2720	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:03:52.0015 2720	PartMgr - ok
17:03:52.0078 2720	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:03:52.0515 2720	ParVdm - ok
17:03:52.0656 2720	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
17:03:53.0078 2720	PCI - ok
17:03:53.0078 2720	PCIDump - ok
17:03:53.0125 2720	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys
17:03:53.0500 2720	PCIIde - ok
17:03:53.0687 2720	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:03:54.0031 2720	Pcmcia - ok
17:03:54.0031 2720	PDCOMP - ok
17:03:54.0046 2720	PDFRAME - ok
17:03:54.0046 2720	PDRELI - ok
17:03:54.0062 2720	PDRFRAME - ok
17:03:54.0062 2720	perc2 - ok
17:03:54.0078 2720	perc2hib - ok
17:03:54.0187 2720	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:03:54.0312 2720	PlugPlay - ok
17:03:54.0312 2720	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:03:54.0578 2720	PolicyAgent - ok
17:03:54.0718 2720	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:03:55.0015 2720	PptpMiniport - ok
17:03:55.0171 2720	PRISM_A02       (57e95881e5f014816a8a53ad94ee0c48) C:\WINDOWS\system32\DRIVERS\WUSB20XP.sys
17:03:55.0468 2720	PRISM_A02 ( UnsignedFile.Multi.Generic ) - warning
17:03:55.0468 2720	PRISM_A02 - detected UnsignedFile.Multi.Generic (1)
17:03:55.0468 2720	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:03:55.0765 2720	ProtectedStorage - ok
17:03:55.0781 2720	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:03:56.0125 2720	PSched - ok
17:03:56.0156 2720	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:03:56.0468 2720	Ptilink - ok
17:03:56.0468 2720	ql1080 - ok
17:03:56.0484 2720	Ql10wnt - ok
17:03:56.0484 2720	ql12160 - ok
17:03:56.0500 2720	ql1240 - ok
17:03:56.0531 2720	ql1280 - ok
17:03:56.0562 2720	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:03:56.0828 2720	RasAcd - ok
17:03:56.0875 2720	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
17:03:57.0281 2720	RasAuto - ok
17:03:57.0312 2720	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:03:57.0468 2720	Rasl2tp - ok
17:03:58.0125 2720	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
17:03:58.0265 2720	RasMan - ok
17:03:58.0296 2720	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:03:58.0468 2720	RasPppoe - ok
17:03:58.0718 2720	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:03:58.0859 2720	Raspti - ok
17:03:59.0125 2720	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:03:59.0343 2720	Rdbss - ok
17:03:59.0375 2720	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:03:59.0515 2720	RDPCDD - ok
17:03:59.0578 2720	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:03:59.0765 2720	rdpdr - ok
17:04:00.0015 2720	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:04:00.0093 2720	RDPWD - ok
17:04:00.0140 2720	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
17:04:00.0328 2720	RDSessMgr - ok
17:04:00.0609 2720	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:04:01.0156 2720	redbook - ok
17:04:01.0265 2720	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
17:04:01.0687 2720	RemoteAccess - ok
17:04:01.0718 2720	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
17:04:02.0093 2720	RemoteRegistry - ok
17:04:02.0625 2720	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
17:04:03.0125 2720	RpcLocator - ok
17:04:03.0484 2720	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:04:03.0562 2720	RpcSs - ok
17:04:03.0984 2720	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
17:04:04.0468 2720	RSVP - ok
17:04:04.0500 2720	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:04:04.0750 2720	SamSs - ok
17:04:04.0812 2720	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
17:04:05.0296 2720	SCardSvr - ok
17:04:05.0390 2720	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
17:04:05.0796 2720	Schedule - ok
17:04:05.0828 2720	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:04:06.0046 2720	Secdrv - ok
17:04:06.0078 2720	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
17:04:06.0375 2720	seclogon - ok
17:04:06.0406 2720	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
17:04:06.0562 2720	SENS - ok
17:04:06.0640 2720	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:04:06.0781 2720	serenum - ok
17:04:06.0828 2720	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
17:04:07.0140 2720	Serial - ok
17:04:07.0187 2720	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
17:04:07.0390 2720	Sfloppy - ok
17:04:07.0593 2720	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
17:04:07.0906 2720	SharedAccess - ok
17:04:08.0078 2720	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:04:08.0156 2720	ShellHWDetection - ok
17:04:08.0156 2720	Simbad - ok
17:04:09.0031 2720	smwdm           (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys
17:04:10.0078 2720	smwdm - ok
17:04:10.0093 2720	Sparrow - ok
17:04:10.0328 2720	spkrmon         (4a205d78d17e6234986ddcd0da2761e9) C:\Programme\Analog Devices\SoundMAX\spkrmon.exe
17:04:10.0468 2720	spkrmon ( UnsignedFile.Multi.Generic ) - warning
17:04:10.0468 2720	spkrmon - detected UnsignedFile.Multi.Generic (1)
17:04:10.0546 2720	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:04:10.0703 2720	splitter - ok
17:04:10.0734 2720	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:04:10.0781 2720	Spooler - ok
17:04:10.0812 2720	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
17:04:11.0171 2720	sr - ok
17:04:11.0359 2720	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
17:04:12.0578 2720	srservice - ok
17:04:12.0687 2720	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:04:13.0718 2720	Srv - ok
17:04:14.0656 2720	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
17:04:15.0484 2720	SSDPSRV - ok
17:04:15.0781 2720	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
17:04:16.0171 2720	stisvc - ok
17:04:18.0078 2720	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:04:18.0312 2720	swenum - ok
17:04:18.0375 2720	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:04:18.0718 2720	swmidi - ok
17:04:18.0718 2720	SwPrv - ok
17:04:18.0734 2720	symc810 - ok
17:04:18.0750 2720	symc8xx - ok
17:04:18.0750 2720	sym_hi - ok
17:04:18.0796 2720	sym_u3 - ok
17:04:18.0828 2720	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:04:19.0171 2720	sysaudio - ok
17:04:19.0265 2720	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
17:04:19.0765 2720	SysmonLog - ok
17:04:19.0937 2720	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
17:04:20.0234 2720	TapiSrv - ok
17:04:20.0578 2720	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:04:20.0656 2720	Tcpip - ok
17:04:20.0843 2720	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:04:21.0000 2720	TDPIPE - ok
17:04:21.0031 2720	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:04:21.0234 2720	TDTCP - ok
17:04:21.0281 2720	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:04:21.0500 2720	TermDD - ok
17:04:22.0468 2720	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
17:04:22.0734 2720	TermService - ok
17:04:24.0218 2720	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:04:24.0312 2720	Themes - ok
17:04:24.0437 2720	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
17:04:24.0656 2720	TlntSvr - ok
17:04:24.0671 2720	TosIde - ok
17:04:24.0875 2720	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
17:04:25.0187 2720	TrkWks - ok
17:04:25.0265 2720	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:04:25.0453 2720	Udfs - ok
17:04:25.0468 2720	ultra - ok
17:04:26.0109 2720	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:04:26.0500 2720	Update - ok
17:04:26.0718 2720	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
17:04:26.0953 2720	upnphost - ok
17:04:26.0984 2720	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
17:04:27.0265 2720	UPS - ok
17:04:27.0296 2720	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:04:27.0656 2720	usbehci - ok
17:04:27.0687 2720	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:04:27.0843 2720	usbhub - ok
17:04:27.0875 2720	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:04:28.0078 2720	usbprint - ok
17:04:28.0109 2720	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:04:28.0265 2720	USBSTOR - ok
17:04:28.0281 2720	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:04:28.0562 2720	usbuhci - ok
17:04:28.0578 2720	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:04:28.0796 2720	VgaSave - ok
17:04:28.0812 2720	ViaIde - ok
17:04:28.0859 2720	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
17:04:29.0312 2720	VolSnap - ok
17:04:29.0546 2720	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
17:04:29.0750 2720	VSS - ok
17:04:29.0875 2720	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
17:04:30.0125 2720	W32Time - ok
17:04:30.0296 2720	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:04:30.0437 2720	Wanarp - ok
17:04:30.0437 2720	WDICA - ok
17:04:30.0468 2720	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:04:30.0625 2720	wdmaud - ok
17:04:30.0671 2720	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
17:04:31.0000 2720	WebClient - ok
17:04:31.0250 2720	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:04:31.0500 2720	winmgmt - ok
17:04:31.0546 2720	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:04:31.0593 2720	WmdmPmSN - ok
17:04:33.0156 2720	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
17:04:33.0281 2720	Wmi - ok
17:04:33.0375 2720	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:04:33.0546 2720	WmiApSrv - ok
17:04:34.0312 2720	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
17:04:34.0750 2720	WMPNetworkSvc - ok
17:04:34.0828 2720	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
17:04:35.0031 2720	WpdUsb - ok
17:04:35.0078 2720	WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:04:35.0421 2720	WS2IFSL - ok
17:04:35.0453 2720	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
17:04:35.0937 2720	wscsvc - ok
17:04:35.0968 2720	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
17:04:37.0000 2720	wuauserv - ok
17:04:37.0046 2720	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:04:37.0109 2720	WudfPf - ok
17:04:37.0140 2720	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:04:37.0203 2720	WudfRd - ok
17:04:37.0234 2720	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:04:37.0281 2720	WudfSvc - ok
17:04:37.0343 2720	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
17:04:37.0609 2720	WZCSVC - ok
17:04:37.0640 2720	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
17:04:37.0796 2720	xmlprov - ok
17:04:37.0828 2720	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
17:04:37.0859 2720	\Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
17:04:37.0859 2720	\Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
17:04:37.0890 2720	MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
17:04:38.0015 2720	\Device\Harddisk1\DR2 - ok
17:04:38.0031 2720	Boot (0x1200)   (beaff209fcf932c1d7ff731f54d95dc9) \Device\Harddisk0\DR0\Partition0
17:04:38.0031 2720	\Device\Harddisk0\DR0\Partition0 - ok
17:04:38.0031 2720	Boot (0x1200)   (03db26b74f1015c63ae2e7b6cbcb7005) \Device\Harddisk1\DR2\Partition0
17:04:38.0031 2720	\Device\Harddisk1\DR2\Partition0 - ok
17:04:38.0046 2720	============================================================
17:04:38.0046 2720	Scan finished
17:04:38.0046 2720	============================================================
17:04:38.0062 3020	Detected object count: 9
17:04:38.0062 3020	Actual detected object count: 9
17:46:13.0093 3020	C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - copied to quarantine
17:46:13.0109 3020	HKLM\SYSTEM\ControlSet001\services\aspnet_state - will be deleted on reboot
17:46:13.0109 3020	HKLM\SYSTEM\ControlSet003\services\aspnet_state - will be deleted on reboot
17:46:13.0125 3020	C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - will be deleted on reboot
17:46:13.0125 3020	aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Delete 
17:46:13.0421 3020	C:\Programme\avmwlanstick\WlanNetService.exe - copied to quarantine
17:46:13.0765 3020	HKLM\SYSTEM\ControlSet001\services\AVM WLAN Connection Service - will be deleted on reboot
17:46:13.0765 3020	HKLM\SYSTEM\ControlSet003\services\AVM WLAN Connection Service - will be deleted on reboot
17:46:13.0781 3020	C:\Programme\avmwlanstick\WlanNetService.exe - will be deleted on reboot
17:46:13.0781 3020	AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Delete 
17:46:13.0921 3020	C:\WINDOWS\system32\drivers\avmeject.sys - copied to quarantine
17:46:14.0171 3020	HKLM\SYSTEM\ControlSet001\services\avmeject - will be deleted on reboot
17:46:14.0171 3020	HKLM\SYSTEM\ControlSet003\services\avmeject - will be deleted on reboot
17:46:14.0171 3020	C:\WINDOWS\system32\drivers\avmeject.sys - will be deleted on reboot
17:46:14.0171 3020	avmeject ( UnsignedFile.Multi.Generic ) - User select action: Delete 
17:46:14.0343 3020	C:\WINDOWS\system32\DRIVERS\rt2500usb.sys - copied to quarantine
17:46:14.0546 3020	HKLM\SYSTEM\ControlSet001\services\bkn50USB - will be deleted on reboot
17:46:14.0546 3020	HKLM\SYSTEM\ControlSet003\services\bkn50USB - will be deleted on reboot
17:46:14.0546 3020	C:\WINDOWS\system32\DRIVERS\rt2500usb.sys - will be deleted on reboot
17:46:14.0546 3020	bkn50USB ( UnsignedFile.Multi.Generic ) - User select action: Delete 
17:46:14.0718 3020	C:\WINDOWS\system32\DRIVERS\ialmnt5.sys - copied to quarantine
17:46:14.0781 3020	HKLM\SYSTEM\ControlSet001\services\ialm - will be deleted on reboot
17:46:14.0796 3020	HKLM\SYSTEM\ControlSet003\services\ialm - will be deleted on reboot
17:46:14.0796 3020	C:\WINDOWS\system32\DRIVERS\ialmnt5.sys - will be deleted on reboot
17:46:14.0796 3020	ialm ( UnsignedFile.Multi.Generic ) - User select action: Delete 
17:46:15.0000 3020	C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
17:46:15.0250 3020	HKLM\SYSTEM\ControlSet001\services\IDriverT - will be deleted on reboot
17:46:15.0265 3020	HKLM\SYSTEM\ControlSet003\services\IDriverT - will be deleted on reboot
17:46:15.0265 3020	C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe - will be deleted on reboot
17:46:15.0265 3020	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Delete 
17:46:15.0468 3020	C:\WINDOWS\system32\DRIVERS\WUSB20XP.sys - copied to quarantine
17:46:15.0718 3020	HKLM\SYSTEM\ControlSet001\services\PRISM_A02 - will be deleted on reboot
17:46:15.0718 3020	HKLM\SYSTEM\ControlSet003\services\PRISM_A02 - will be deleted on reboot
17:46:15.0718 3020	C:\WINDOWS\system32\DRIVERS\WUSB20XP.sys - will be deleted on reboot
17:46:15.0718 3020	PRISM_A02 ( UnsignedFile.Multi.Generic ) - User select action: Delete 
17:46:15.0906 3020	C:\Programme\Analog Devices\SoundMAX\spkrmon.exe - copied to quarantine
17:46:16.0187 3020	HKLM\SYSTEM\ControlSet001\services\spkrmon - will be deleted on reboot
17:46:16.0187 3020	HKLM\SYSTEM\ControlSet003\services\spkrmon - will be deleted on reboot
17:46:16.0187 3020	C:\Programme\Analog Devices\SoundMAX\spkrmon.exe - will be deleted on reboot
17:46:16.0187 3020	spkrmon ( UnsignedFile.Multi.Generic ) - User select action: Delete 
17:46:16.0640 3020	\Device\Harddisk0\DR0\# - copied to quarantine
17:46:16.0656 3020	\Device\Harddisk0\DR0 - copied to quarantine
17:46:16.0671 3020	\Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
17:46:16.0687 3020	\Device\Harddisk0\DR0 - ok
17:46:16.0687 3020	\Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure 
17:46:27.0671 0824	Deinitialize success
         

Na toll, ich hab gesagt du sollst den SInowal-Eintrag löschen und du löscht alle Einträge