Trojaner-Board

White lock screen - no access to the computer anymore (https://www.trojaner-board.de/115988-weisser-sperrbildschirm-kein-zugriff-rechner-mehr.html)

LIV77 13.06.2012 17:17

And here is the TDSS log after deletion:
Code:

17:02:06.0000 2284        TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
17:02:08.0000 2284        ============================================================
17:02:08.0000 2284        Current date / time: 2012/06/13 17:02:08.0000
17:02:08.0000 2284        SystemInfo:
17:02:08.0000 2284       
17:02:08.0000 2284        OS Version: 5.1.2600 ServicePack: 3.0
17:02:08.0000 2284        Product type: Workstation
17:02:08.0000 2284        ComputerName: PHYSIOCARE-1
17:02:08.0000 2284        UserName: Administrator
17:02:08.0000 2284        Windows directory: C:\WINDOWS
17:02:08.0000 2284        System windows directory: C:\WINDOWS
17:02:08.0000 2284        Processor architecture: Intel x86
17:02:08.0000 2284        Number of processors: 1
17:02:08.0000 2284        Page size: 0x1000
17:02:08.0000 2284        Boot type: Normal boot
17:02:08.0000 2284        ============================================================
17:02:11.0921 2284        Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:02:11.0921 2284        Drive \Device\Harddisk1\DR2 - Size: 0xEEF00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:02:11.0921 2284        ============================================================
17:02:11.0921 2284        \Device\Harddisk0\DR0:
17:02:11.0921 2284        MBR partitions:
17:02:11.0921 2284        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
17:02:11.0921 2284        \Device\Harddisk1\DR2:
17:02:11.0921 2284        MBR partitions:
17:02:11.0921 2284        \Device\Harddisk1\DR2\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7777E0
17:02:11.0921 2284        ============================================================
17:02:12.0156 2284        C: <-> \Device\Harddisk0\DR0\Partition0
17:02:12.0156 2284        ============================================================
17:02:12.0156 2284        Initialize success
17:02:12.0156 2284        ============================================================
17:02:42.0390 2720        ============================================================
17:02:42.0390 2720        Scan started
17:02:42.0390 2720        Mode: Manual; SigCheck; TDLFS;
17:02:42.0390 2720        ============================================================
17:02:47.0515 2720        Abiosdsk - ok
17:02:47.0515 2720        abp480n5 - ok
17:02:47.0578 2720        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:02:48.0218 2720        ACPI - ok
17:02:48.0265 2720        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:02:48.0531 2720        ACPIEC - ok
17:02:48.0531 2720        adpu160m - ok
17:02:48.0562 2720        aeaudio        (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
17:02:48.0687 2720        aeaudio - ok
17:02:48.0828 2720        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:02:49.0093 2720        aec - ok
17:02:49.0203 2720        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:02:49.0375 2720        AFD - ok
17:02:49.0390 2720        Aha154x - ok
17:02:49.0406 2720        aic78u2 - ok
17:02:49.0421 2720        aic78xx - ok
17:02:49.0562 2720        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
17:02:49.0937 2720        Alerter - ok
17:02:49.0968 2720        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
17:02:50.0171 2720        ALG - ok
17:02:50.0171 2720        AliIde - ok
17:02:50.0187 2720        amsint - ok
17:02:50.0296 2720        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
17:02:50.0500 2720        AppMgmt - ok
17:02:50.0500 2720        asc - ok
17:02:50.0515 2720        asc3350p - ok
17:02:50.0515 2720        asc3550 - ok
17:02:51.0265 2720        aspnet_state    (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
17:02:51.0343 2720        aspnet_state ( UnsignedFile.Multi.Generic ) - warning
17:02:51.0343 2720        aspnet_state - detected UnsignedFile.Multi.Generic (1)
17:02:51.0375 2720        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:02:51.0718 2720        AsyncMac - ok
17:02:51.0859 2720        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:02:52.0125 2720        atapi - ok
17:02:52.0140 2720        Atdisk - ok
17:02:52.0187 2720        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:02:52.0421 2720        Atmarpc - ok
17:02:52.0468 2720        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
17:02:52.0890 2720        AudioSrv - ok
17:02:52.0921 2720        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:02:53.0203 2720        audstub - ok
17:02:53.0531 2720        AVM WLAN Connection Service (06c3528e0686a58701367749b0145a4a) C:\Programme\avmwlanstick\WlanNetService.exe
17:02:53.0968 2720        AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
17:02:53.0968 2720        AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
17:02:54.0062 2720        avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\WINDOWS\system32\drivers\avmeject.sys
17:02:54.0312 2720        avmeject ( UnsignedFile.Multi.Generic ) - warning
17:02:54.0312 2720        avmeject - detected UnsignedFile.Multi.Generic (1)
17:02:54.0578 2720        b57w2k          (4826fcf97c47b361a2e2f68cd487a19e) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
17:02:54.0812 2720        b57w2k - ok
17:02:55.0031 2720        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:02:55.0328 2720        Beep - ok
17:02:55.0578 2720        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
17:02:55.0875 2720        BITS - ok
17:02:56.0171 2720        bkn50USB        (6d39682a1051a5be7437ec99f1bf9921) C:\WINDOWS\system32\DRIVERS\rt2500usb.sys
17:02:56.0390 2720        bkn50USB ( UnsignedFile.Multi.Generic ) - warning
17:02:56.0390 2720        bkn50USB - detected UnsignedFile.Multi.Generic (1)
17:02:56.0546 2720        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
17:02:56.0843 2720        Browser - ok
17:02:56.0890 2720        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:02:57.0203 2720        cbidf2k - ok
17:02:57.0203 2720        cd20xrnt - ok
17:02:57.0250 2720        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:02:57.0437 2720        Cdaudio - ok
17:02:57.0500 2720        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:02:57.0703 2720        Cdfs - ok
17:02:57.0796 2720        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:02:57.0984 2720        Cdrom - ok
17:02:58.0093 2720        cfwids          (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\WINDOWS\system32\drivers\cfwids.sys
17:03:09.0156 2720        cfwids - ok
17:03:09.0156 2720        Changer - ok
17:03:09.0203 2720        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
17:03:09.0468 2720        CiSvc - ok
17:03:09.0750 2720        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
17:03:10.0031 2720        ClipSrv - ok
17:03:10.0046 2720        CmdIde - ok
17:03:10.0046 2720        COMSysApp - ok
17:03:10.0062 2720        Cpqarray - ok
17:03:10.0140 2720        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
17:03:10.0437 2720        CryptSvc - ok
17:03:10.0453 2720        dac2w2k - ok
17:03:10.0453 2720        dac960nt - ok
17:03:11.0078 2720        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:03:11.0140 2720        DcomLaunch - ok
17:03:11.0187 2720        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
17:03:11.0343 2720        Dhcp - ok
17:03:11.0375 2720        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:03:11.0531 2720        Disk - ok
17:03:11.0546 2720        dmadmin - ok
17:03:11.0609 2720        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
17:03:12.0078 2720        dmboot - ok
17:03:12.0109 2720        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
17:03:12.0484 2720        dmio - ok
17:03:12.0500 2720        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:03:12.0671 2720        dmload - ok
17:03:12.0703 2720        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
17:03:12.0968 2720        dmserver - ok
17:03:13.0015 2720        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:03:13.0156 2720        DMusic - ok
17:03:13.0203 2720        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
17:03:13.0234 2720        Dnscache - ok
17:03:13.0281 2720        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
17:03:13.0437 2720        Dot3svc - ok
17:03:13.0453 2720        dpti2o - ok
17:03:13.0468 2720        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:03:13.0625 2720        drmkaud - ok
17:03:13.0671 2720        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
17:03:13.0984 2720        EapHost - ok
17:03:14.0031 2720        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
17:03:14.0281 2720        ERSvc - ok
17:03:14.0328 2720        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:03:14.0359 2720        Eventlog - ok
17:03:14.0406 2720        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
17:03:14.0437 2720        EventSystem - ok
17:03:14.0484 2720        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:03:14.0640 2720        Fastfat - ok
17:03:14.0687 2720        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:03:14.0734 2720        FastUserSwitchingCompatibility - ok
17:03:14.0765 2720        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:03:14.0906 2720        Fdc - ok
17:03:14.0937 2720        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
17:03:15.0343 2720        Fips - ok
17:03:15.0359 2720        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:03:15.0500 2720        Flpydisk - ok
17:03:15.0546 2720        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:03:15.0687 2720        FltMgr - ok
17:03:15.0750 2720        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:03:15.0890 2720        Fs_Rec - ok
17:03:15.0921 2720        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:03:16.0187 2720        Ftdisk - ok
17:03:16.0250 2720        FWLANUSB        (41077d927c3654fd2d71549763525d75) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
17:03:16.0406 2720        FWLANUSB - ok
17:03:16.0484 2720        fwlanusbn      (fc06a5be1ab381cd47af3d69006e88f0) C:\WINDOWS\system32\DRIVERS\fwlanusbn.sys
17:03:16.0750 2720        fwlanusbn - ok
17:03:16.0781 2720        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:03:16.0953 2720        Gpc - ok
17:03:16.0953 2720        GTNDIS5 - ok
17:03:17.0062 2720        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
17:03:17.0078 2720        gupdate - ok
17:03:17.0093 2720        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
17:03:17.0109 2720        gupdatem - ok
17:03:17.0171 2720        gusvc          (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
17:03:17.0187 2720        gusvc - ok
17:03:17.0312 2720        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:03:17.0546 2720        helpsvc - ok
17:03:17.0593 2720        HidServ        (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
17:03:17.0859 2720        HidServ - ok
17:03:17.0890 2720        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:03:18.0031 2720        hidusb - ok
17:03:18.0062 2720        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
17:03:18.0328 2720        hkmsvc - ok
17:03:18.0343 2720        hpn - ok
17:03:18.0390 2720        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:03:18.0421 2720        HTTP - ok
17:03:18.0453 2720        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
17:03:18.0718 2720        HTTPFilter - ok
17:03:18.0718 2720        i2omgmt - ok
17:03:18.0734 2720        i2omp - ok
17:03:18.0890 2720        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\drivers\i8042prt.sys
17:03:19.0171 2720        i8042prt - ok
17:03:19.0250 2720        ialm            (0acebb31989cbf9a5663fe4a33d28d21) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:03:19.0453 2720        ialm ( UnsignedFile.Multi.Generic ) - warning
17:03:19.0453 2720        ialm - detected UnsignedFile.Multi.Generic (1)
17:03:19.0578 2720        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:03:19.0765 2720        IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:03:19.0765 2720        IDriverT - detected UnsignedFile.Multi.Generic (1)
17:03:19.0781 2720        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:03:19.0921 2720        Imapi - ok
17:03:19.0953 2720        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
17:03:20.0140 2720        ImapiService - ok
17:03:20.0140 2720        ini910u - ok
17:03:20.0171 2720        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:03:20.0578 2720        IntelIde - ok
17:03:20.0625 2720        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:03:21.0000 2720        intelppm - ok
17:03:21.0031 2720        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:03:21.0156 2720        Ip6Fw - ok
17:03:21.0218 2720        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:03:21.0359 2720        IpFilterDriver - ok
17:03:21.0406 2720        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:03:21.0546 2720        IpInIp - ok
17:03:21.0562 2720        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:03:21.0718 2720        IpNat - ok
17:03:21.0750 2720        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:03:21.0890 2720        IPSec - ok
17:03:21.0921 2720        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:03:22.0015 2720        IRENUM - ok
17:03:22.0046 2720        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:03:22.0296 2720        isapnp - ok
17:03:22.0421 2720        JavaQuickStarterService (5fd5865dc1a2100f8d4cf000ee5409a3) C:\Programme\Java\jre6\bin\jqs.exe
17:03:22.0593 2720        JavaQuickStarterService - ok
17:03:22.0625 2720        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:03:22.0937 2720        Kbdclass - ok
17:03:22.0968 2720        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:03:23.0343 2720        kbdhid - ok
17:03:23.0453 2720        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:03:23.0656 2720        kmixer - ok
17:03:23.0703 2720        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:03:23.0750 2720        KSecDD - ok
17:03:23.0796 2720        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
17:03:23.0828 2720        lanmanserver - ok
17:03:23.0875 2720        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
17:03:23.0890 2720        lanmanworkstation - ok
17:03:23.0906 2720        lbrtfdc - ok
17:03:23.0968 2720        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
17:03:24.0125 2720        LmHosts - ok
17:03:24.0156 2720        MBAMSwissArmy  (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:03:24.0281 2720        MBAMSwissArmy - ok
17:03:24.0375 2720        McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) C:\Programme\McAfee\SiteAdvisor\McSACore.exe
17:03:24.0734 2720        McAfee SiteAdvisor Service - ok
17:03:24.0875 2720        McMPFSvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe
17:03:25.0000 2720        McMPFSvc - ok
17:03:25.0015 2720        mcmscsvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\McAfee\McSvcHost\McSvHost.exe
17:03:25.0031 2720        mcmscsvc - ok
17:03:25.0046 2720        McNaiAnn        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\McAfee\McSvcHost\McSvHost.exe
17:03:25.0093 2720        McNaiAnn - ok
17:03:25.0093 2720        McNASvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\McAfee\McSvcHost\McSvHost.exe
17:03:25.0125 2720        McNASvc - ok
17:03:25.0203 2720        McODS          (42117cbc4849a5cf11129912dabbdeca) C:\Programme\McAfee\VirusScan\mcods.exe
17:03:25.0218 2720        McODS - ok
17:03:25.0234 2720        McProxy        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\McAfee\McSvcHost\McSvHost.exe
17:03:25.0250 2720        McProxy - ok
17:03:25.0546 2720        McShield        (593fa4c378818ece76ba64a11ad56cf2) C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\\mcshield.exe
17:03:25.0703 2720        McShield - ok
17:03:26.0000 2720        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
17:03:26.0421 2720        Messenger - ok
17:03:26.0515 2720        mfeapfk        (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\WINDOWS\system32\drivers\mfeapfk.sys
17:03:26.0687 2720        mfeapfk - ok
17:03:26.0828 2720        mfeavfk        (c1dc5f42d3367f33b6451be78b38bd46) C:\WINDOWS\system32\drivers\mfeavfk.sys
17:03:26.0968 2720        mfeavfk - ok
17:03:26.0984 2720        mfeavfk01 - ok
17:03:27.0093 2720        mfebopk        (0435c43f4c2be01b84868ad2a906397b) C:\WINDOWS\system32\drivers\mfebopk.sys
17:03:27.0265 2720        mfebopk - ok
17:03:27.0453 2720        mfefire        (7e1f8b1bdc8240f08bd358b3a466c005) C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\\mfefire.exe
17:03:27.0625 2720        mfefire - ok
17:03:27.0796 2720        mfefirek        (4ea6ff90015424517843e931448e00f1) C:\WINDOWS\system32\drivers\mfefirek.sys
17:03:28.0015 2720        mfefirek - ok
17:03:28.0703 2720        mfehidk        (d1e998748ba24a731106611d535c6bbf) C:\WINDOWS\system32\drivers\mfehidk.sys
17:03:29.0328 2720        mfehidk - ok
17:03:29.0390 2720        mfendisk        (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:03:29.0562 2720        mfendisk - ok
17:03:29.0593 2720        mfendiskmp      (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:03:29.0671 2720        mfendiskmp - ok
17:03:29.0765 2720        mferkdet        (f454a13377f0a006d20a8c14a753c432) C:\WINDOWS\system32\drivers\mferkdet.sys
17:03:29.0921 2720        mferkdet - ok
17:03:30.0000 2720        mferkdk        (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys
17:03:30.0125 2720        mferkdk - ok
17:03:30.0187 2720        mfesmfk        (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys
17:03:30.0500 2720        mfesmfk - ok
17:03:30.0546 2720        mfetdi2k        (070d3faf2eac417c59d8674a8752f7a6) C:\WINDOWS\system32\drivers\mfetdi2k.sys
17:03:30.0718 2720        mfetdi2k - ok
17:03:30.0859 2720        mfevtp          (b10c4efd40810c08f4b44df2efcb54f7) C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfevtps.exe
17:03:31.0046 2720        mfevtp - ok
17:03:31.0093 2720        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:03:31.0406 2720        mnmdd - ok
17:03:31.0468 2720        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
17:03:31.0734 2720        mnmsrvc - ok
17:03:31.0875 2720        MOBKbackup      (aea8691282dd0afb4b753e378c5501f5) C:\Programme\McAfee Online Backup\MOBKbackup.exe
17:03:32.0062 2720        MOBKbackup - ok
17:03:32.0078 2720        MOBKFilter      (e896775837a8bce436348df460522394) C:\WINDOWS\system32\DRIVERS\MOBK.sys
17:03:32.0562 2720        MOBKFilter - ok
17:03:32.0765 2720        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
17:03:33.0125 2720        Modem - ok
17:03:33.0218 2720        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:03:33.0562 2720        Mouclass - ok
17:03:33.0640 2720        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:03:33.0921 2720        mouhid - ok
17:03:34.0078 2720        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:03:34.0296 2720        MountMgr - ok
17:03:34.0500 2720        MozillaMaintenance (6380ff81dd4d78b23398752d2f46ea43) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
17:03:35.0937 2720        MozillaMaintenance - ok
17:03:36.0359 2720        mozybackup      (55b717af54ac492fbd275835e5b485ad) C:\Programme\MozyHome\mozybackup.exe
17:03:36.0546 2720        mozybackup - ok
17:03:36.0921 2720        mozyFilter      (8e5f185f04d4ff203afbb0fd2b609e88) C:\WINDOWS\system32\DRIVERS\mozy.sys
17:03:37.0296 2720        mozyFilter - ok
17:03:37.0312 2720        mraid35x - ok
17:03:38.0140 2720        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:03:38.0312 2720        MRxDAV - ok
17:03:38.0375 2720        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:03:38.0468 2720        MRxSmb - ok
17:03:38.0515 2720        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
17:03:38.0843 2720        MSDTC - ok
17:03:38.0890 2720        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:03:39.0031 2720        Msfs - ok
17:03:39.0046 2720        MSIServer - ok
17:03:39.0156 2720        MSK80Service    (7e6932eeda54c8eaf7dc6c2225261b85) C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe
17:03:39.0171 2720        MSK80Service - ok
17:03:39.0187 2720        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:03:39.0328 2720        MSKSSRV - ok
17:03:39.0343 2720        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:03:39.0484 2720        MSPCLOCK - ok
17:03:39.0500 2720        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:03:39.0640 2720        MSPQM - ok
17:03:39.0687 2720        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:03:39.0828 2720        mssmbios - ok
17:03:39.0875 2720        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:03:39.0906 2720        Mup - ok
17:03:40.0015 2720        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
17:03:40.0296 2720        napagent - ok
17:03:40.0328 2720        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:03:40.0484 2720        NDIS - ok
17:03:40.0578 2720        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:03:40.0640 2720        NdisTapi - ok
17:03:40.0687 2720        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:03:40.0937 2720        Ndisuio - ok
17:03:41.0015 2720        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:03:41.0203 2720        NdisWan - ok
17:03:41.0250 2720        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:03:41.0328 2720        NDProxy - ok
17:03:41.0609 2720        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:03:41.0765 2720        NetBIOS - ok
17:03:42.0234 2720        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:03:42.0500 2720        NetBT - ok
17:03:42.0765 2720        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:03:43.0843 2720        NetDDE - ok
17:03:43.0843 2720        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:03:44.0093 2720        NetDDEdsdm - ok
17:03:44.0328 2720        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:03:44.0546 2720        Netlogon - ok
17:03:45.0140 2720        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
17:03:45.0406 2720        Netman - ok
17:03:47.0296 2720        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
17:03:47.0546 2720        Nla - ok
17:03:47.0843 2720        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:03:48.0156 2720        Npfs - ok
17:03:48.0421 2720        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:03:48.0750 2720        Ntfs - ok
17:03:48.0750 2720        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:03:49.0078 2720        NtLmSsp - ok
17:03:49.0359 2720        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
17:03:49.0750 2720        NtmsSvc - ok
17:03:49.0796 2720        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:03:50.0140 2720        Null - ok
17:03:50.0187 2720        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:03:50.0515 2720        NwlnkFlt - ok
17:03:50.0531 2720        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:03:50.0875 2720        NwlnkFwd - ok
17:03:51.0109 2720        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
17:03:51.0156 2720        ose - ok
17:03:51.0234 2720        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
17:03:51.0750 2720        Parport - ok
17:03:51.0750 2720        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:03:52.0015 2720        PartMgr - ok
17:03:52.0078 2720        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:03:52.0515 2720        ParVdm - ok
17:03:52.0656 2720        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
17:03:53.0078 2720        PCI - ok
17:03:53.0078 2720        PCIDump - ok
17:03:53.0125 2720        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys
17:03:53.0500 2720        PCIIde - ok
17:03:53.0687 2720        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:03:54.0031 2720        Pcmcia - ok
17:03:54.0031 2720        PDCOMP - ok
17:03:54.0046 2720        PDFRAME - ok
17:03:54.0046 2720        PDRELI - ok
17:03:54.0062 2720        PDRFRAME - ok
17:03:54.0062 2720        perc2 - ok
17:03:54.0078 2720        perc2hib - ok
17:03:54.0187 2720        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:03:54.0312 2720        PlugPlay - ok
17:03:54.0312 2720        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:03:54.0578 2720        PolicyAgent - ok
17:03:54.0718 2720        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:03:55.0015 2720        PptpMiniport - ok
17:03:55.0171 2720        PRISM_A02      (57e95881e5f014816a8a53ad94ee0c48) C:\WINDOWS\system32\DRIVERS\WUSB20XP.sys
17:03:55.0468 2720        PRISM_A02 ( UnsignedFile.Multi.Generic ) - warning
17:03:55.0468 2720        PRISM_A02 - detected UnsignedFile.Multi.Generic (1)
17:03:55.0468 2720        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:03:55.0765 2720        ProtectedStorage - ok
17:03:55.0781 2720        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:03:56.0125 2720        PSched - ok
17:03:56.0156 2720        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:03:56.0468 2720        Ptilink - ok
17:03:56.0468 2720        ql1080 - ok
17:03:56.0484 2720        Ql10wnt - ok
17:03:56.0484 2720        ql12160 - ok
17:03:56.0500 2720        ql1240 - ok
17:03:56.0531 2720        ql1280 - ok
17:03:56.0562 2720        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:03:56.0828 2720        RasAcd - ok
17:03:56.0875 2720        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
17:03:57.0281 2720        RasAuto - ok
17:03:57.0312 2720        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:03:57.0468 2720        Rasl2tp - ok
17:03:58.0125 2720        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
17:03:58.0265 2720        RasMan - ok
17:03:58.0296 2720        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:03:58.0468 2720        RasPppoe - ok
17:03:58.0718 2720        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:03:58.0859 2720        Raspti - ok
17:03:59.0125 2720        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:03:59.0343 2720        Rdbss - ok
17:03:59.0375 2720        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:03:59.0515 2720        RDPCDD - ok
17:03:59.0578 2720        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:03:59.0765 2720        rdpdr - ok
17:04:00.0015 2720        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:04:00.0093 2720        RDPWD - ok
17:04:00.0140 2720        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
17:04:00.0328 2720        RDSessMgr - ok
17:04:00.0609 2720        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:04:01.0156 2720        redbook - ok
17:04:01.0265 2720        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
17:04:01.0687 2720        RemoteAccess - ok
17:04:01.0718 2720        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
17:04:02.0093 2720        RemoteRegistry - ok
17:04:02.0625 2720        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
17:04:03.0125 2720        RpcLocator - ok
17:04:03.0484 2720        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:04:03.0562 2720        RpcSs - ok
17:04:03.0984 2720        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
17:04:04.0468 2720        RSVP - ok
17:04:04.0500 2720        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:04:04.0750 2720        SamSs - ok
17:04:04.0812 2720        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
17:04:05.0296 2720        SCardSvr - ok
17:04:05.0390 2720        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
17:04:05.0796 2720        Schedule - ok
17:04:05.0828 2720        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:04:06.0046 2720        Secdrv - ok
17:04:06.0078 2720        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
17:04:06.0375 2720        seclogon - ok
17:04:06.0406 2720        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
17:04:06.0562 2720        SENS - ok
17:04:06.0640 2720        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:04:06.0781 2720        serenum - ok
17:04:06.0828 2720        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
17:04:07.0140 2720        Serial - ok
17:04:07.0187 2720        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
17:04:07.0390 2720        Sfloppy - ok
17:04:07.0593 2720        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
17:04:07.0906 2720        SharedAccess - ok
17:04:08.0078 2720        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:04:08.0156 2720        ShellHWDetection - ok
17:04:08.0156 2720        Simbad - ok
17:04:09.0031 2720        smwdm          (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys
17:04:10.0078 2720        smwdm - ok
17:04:10.0093 2720        Sparrow - ok
17:04:10.0328 2720        spkrmon        (4a205d78d17e6234986ddcd0da2761e9) C:\Programme\Analog Devices\SoundMAX\spkrmon.exe
17:04:10.0468 2720        spkrmon ( UnsignedFile.Multi.Generic ) - warning
17:04:10.0468 2720        spkrmon - detected UnsignedFile.Multi.Generic (1)
17:04:10.0546 2720        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:04:10.0703 2720        splitter - ok
17:04:10.0734 2720        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:04:10.0781 2720        Spooler - ok
17:04:10.0812 2720        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
17:04:11.0171 2720        sr - ok
17:04:11.0359 2720        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
17:04:12.0578 2720        srservice - ok
17:04:12.0687 2720        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:04:13.0718 2720        Srv - ok
17:04:14.0656 2720        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
17:04:15.0484 2720        SSDPSRV - ok
17:04:15.0781 2720        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
17:04:16.0171 2720        stisvc - ok
17:04:18.0078 2720        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:04:18.0312 2720        swenum - ok
17:04:18.0375 2720        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:04:18.0718 2720        swmidi - ok
17:04:18.0718 2720        SwPrv - ok
17:04:18.0734 2720        symc810 - ok
17:04:18.0750 2720        symc8xx - ok
17:04:18.0750 2720        sym_hi - ok
17:04:18.0796 2720        sym_u3 - ok
17:04:18.0828 2720        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:04:19.0171 2720        sysaudio - ok
17:04:19.0265 2720        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
17:04:19.0765 2720        SysmonLog - ok
17:04:19.0937 2720        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
17:04:20.0234 2720        TapiSrv - ok
17:04:20.0578 2720        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:04:20.0656 2720        Tcpip - ok
17:04:20.0843 2720        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:04:21.0000 2720        TDPIPE - ok
17:04:21.0031 2720        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:04:21.0234 2720        TDTCP - ok
17:04:21.0281 2720        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:04:21.0500 2720        TermDD - ok
17:04:22.0468 2720        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
17:04:22.0734 2720        TermService - ok
17:04:24.0218 2720        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:04:24.0312 2720        Themes - ok
17:04:24.0437 2720        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
17:04:24.0656 2720        TlntSvr - ok
17:04:24.0671 2720        TosIde - ok
17:04:24.0875 2720        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
17:04:25.0187 2720        TrkWks - ok
17:04:25.0265 2720        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:04:25.0453 2720        Udfs - ok
17:04:25.0468 2720        ultra - ok
17:04:26.0109 2720        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:04:26.0500 2720        Update - ok
17:04:26.0718 2720        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
17:04:26.0953 2720        upnphost - ok
17:04:26.0984 2720        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
17:04:27.0265 2720        UPS - ok
17:04:27.0296 2720        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:04:27.0656 2720        usbehci - ok
17:04:27.0687 2720        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:04:27.0843 2720        usbhub - ok
17:04:27.0875 2720        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:04:28.0078 2720        usbprint - ok
17:04:28.0109 2720        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:04:28.0265 2720        USBSTOR - ok
17:04:28.0281 2720        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:04:28.0562 2720        usbuhci - ok
17:04:28.0578 2720        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:04:28.0796 2720        VgaSave - ok
17:04:28.0812 2720        ViaIde - ok
17:04:28.0859 2720        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
17:04:29.0312 2720        VolSnap - ok
17:04:29.0546 2720        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
17:04:29.0750 2720        VSS - ok
17:04:29.0875 2720        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
17:04:30.0125 2720        W32Time - ok
17:04:30.0296 2720        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:04:30.0437 2720        Wanarp - ok
17:04:30.0437 2720        WDICA - ok
17:04:30.0468 2720        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:04:30.0625 2720        wdmaud - ok
17:04:30.0671 2720        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
17:04:31.0000 2720        WebClient - ok
17:04:31.0250 2720        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:04:31.0500 2720        winmgmt - ok
17:04:31.0546 2720        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:04:31.0593 2720        WmdmPmSN - ok
17:04:33.0156 2720        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
17:04:33.0281 2720        Wmi - ok
17:04:33.0375 2720        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:04:33.0546 2720        WmiApSrv - ok
17:04:34.0312 2720        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
17:04:34.0750 2720        WMPNetworkSvc - ok
17:04:34.0828 2720        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
17:04:35.0031 2720        WpdUsb - ok
17:04:35.0078 2720        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:04:35.0421 2720        WS2IFSL - ok
17:04:35.0453 2720        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
17:04:35.0937 2720        wscsvc - ok
17:04:35.0968 2720        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
17:04:37.0000 2720        wuauserv - ok
17:04:37.0046 2720        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:04:37.0109 2720        WudfPf - ok
17:04:37.0140 2720        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:04:37.0203 2720        WudfRd - ok
17:04:37.0234 2720        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:04:37.0281 2720        WudfSvc - ok
17:04:37.0343 2720        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
17:04:37.0609 2720        WZCSVC - ok
17:04:37.0640 2720        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
17:04:37.0796 2720        xmlprov - ok
17:04:37.0828 2720        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
17:04:37.0859 2720        \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
17:04:37.0859 2720        \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
17:04:37.0890 2720        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
17:04:38.0015 2720        \Device\Harddisk1\DR2 - ok
17:04:38.0031 2720        Boot (0x1200)  (beaff209fcf932c1d7ff731f54d95dc9) \Device\Harddisk0\DR0\Partition0
17:04:38.0031 2720        \Device\Harddisk0\DR0\Partition0 - ok
17:04:38.0031 2720        Boot (0x1200)  (03db26b74f1015c63ae2e7b6cbcb7005) \Device\Harddisk1\DR2\Partition0
17:04:38.0031 2720        \Device\Harddisk1\DR2\Partition0 - ok
17:04:38.0046 2720        ============================================================
17:04:38.0046 2720        Scan finished
17:04:38.0046 2720        ============================================================
17:04:38.0062 3020        Detected object count: 9
17:04:38.0062 3020        Actual detected object count: 9
17:46:13.0093 3020        C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - copied to quarantine
17:46:13.0109 3020        HKLM\SYSTEM\ControlSet001\services\aspnet_state - will be deleted on reboot
17:46:13.0109 3020        HKLM\SYSTEM\ControlSet003\services\aspnet_state - will be deleted on reboot
17:46:13.0125 3020        C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - will be deleted on reboot
17:46:13.0125 3020        aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:46:13.0421 3020        C:\Programme\avmwlanstick\WlanNetService.exe - copied to quarantine
17:46:13.0765 3020        HKLM\SYSTEM\ControlSet001\services\AVM WLAN Connection Service - will be deleted on reboot
17:46:13.0765 3020        HKLM\SYSTEM\ControlSet003\services\AVM WLAN Connection Service - will be deleted on reboot
17:46:13.0781 3020        C:\Programme\avmwlanstick\WlanNetService.exe - will be deleted on reboot
17:46:13.0781 3020        AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:46:13.0921 3020        C:\WINDOWS\system32\drivers\avmeject.sys - copied to quarantine
17:46:14.0171 3020        HKLM\SYSTEM\ControlSet001\services\avmeject - will be deleted on reboot
17:46:14.0171 3020        HKLM\SYSTEM\ControlSet003\services\avmeject - will be deleted on reboot
17:46:14.0171 3020        C:\WINDOWS\system32\drivers\avmeject.sys - will be deleted on reboot
17:46:14.0171 3020        avmeject ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:46:14.0343 3020        C:\WINDOWS\system32\DRIVERS\rt2500usb.sys - copied to quarantine
17:46:14.0546 3020        HKLM\SYSTEM\ControlSet001\services\bkn50USB - will be deleted on reboot
17:46:14.0546 3020        HKLM\SYSTEM\ControlSet003\services\bkn50USB - will be deleted on reboot
17:46:14.0546 3020        C:\WINDOWS\system32\DRIVERS\rt2500usb.sys - will be deleted on reboot
17:46:14.0546 3020        bkn50USB ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:46:14.0718 3020        C:\WINDOWS\system32\DRIVERS\ialmnt5.sys - copied to quarantine
17:46:14.0781 3020        HKLM\SYSTEM\ControlSet001\services\ialm - will be deleted on reboot
17:46:14.0796 3020        HKLM\SYSTEM\ControlSet003\services\ialm - will be deleted on reboot
17:46:14.0796 3020        C:\WINDOWS\system32\DRIVERS\ialmnt5.sys - will be deleted on reboot
17:46:14.0796 3020        ialm ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:46:15.0000 3020        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
17:46:15.0250 3020        HKLM\SYSTEM\ControlSet001\services\IDriverT - will be deleted on reboot
17:46:15.0265 3020        HKLM\SYSTEM\ControlSet003\services\IDriverT - will be deleted on reboot
17:46:15.0265 3020        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe - will be deleted on reboot
17:46:15.0265 3020        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:46:15.0468 3020        C:\WINDOWS\system32\DRIVERS\WUSB20XP.sys - copied to quarantine
17:46:15.0718 3020        HKLM\SYSTEM\ControlSet001\services\PRISM_A02 - will be deleted on reboot
17:46:15.0718 3020        HKLM\SYSTEM\ControlSet003\services\PRISM_A02 - will be deleted on reboot
17:46:15.0718 3020        C:\WINDOWS\system32\DRIVERS\WUSB20XP.sys - will be deleted on reboot
17:46:15.0718 3020        PRISM_A02 ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:46:15.0906 3020        C:\Programme\Analog Devices\SoundMAX\spkrmon.exe - copied to quarantine
17:46:16.0187 3020        HKLM\SYSTEM\ControlSet001\services\spkrmon - will be deleted on reboot
17:46:16.0187 3020        HKLM\SYSTEM\ControlSet003\services\spkrmon - will be deleted on reboot
17:46:16.0187 3020        C:\Programme\Analog Devices\SoundMAX\spkrmon.exe - will be deleted on reboot
17:46:16.0187 3020        spkrmon ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:46:16.0640 3020        \Device\Harddisk0\DR0\# - copied to quarantine
17:46:16.0656 3020        \Device\Harddisk0\DR0 - copied to quarantine
17:46:16.0671 3020        \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
17:46:16.0687 3020        \Device\Harddisk0\DR0 - ok
17:46:16.0687 3020        \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
17:46:27.0671 0824        Deinitialize success


cosinus 13.06.2012 20:39

Oh great, I said you should delete the Sinowal entry, and you delete all the entries :stirn:

