Trojaner-Board


Kult 20.03.2012 16:43

Spywaredoctor finds -Rootkit.TDSS.v3 in

Threat name - Rootkit.TDSS.v3
Type - Unknown
Risk level - High
Infection - Kernel Objects

(Kernel driver - Kernel Objects)

After deleting, it asks for a restart, but when I scan again it is back :(


P.S.: SUPERAntiSpyware, AVG and Malwarebytes find nothing :eek:

Please help!

cosinus 20.03.2012 17:32

Please post all the logs from SASW, Malwarebytes and AVG anyway!

Kult 20.03.2012 18:44

SUPERAntiSpyware

Quote:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 03/20/2012 at 06:15 PM

Application Version : 5.0.1146

Core Rules Database Version : 8353
Trace Rules Database Version: 6165

Scan type : Complete Scan
Total Scan Time : 00:32:42

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 730
Memory threats detected : 0
Registry items scanned : 38156
Registry threats detected : 0
File items scanned : 42099
File threats detected : 0





Kult 20.03.2012 21:13

Malwarebytes scan:
Quote:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.20.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
enan :: PROPHET-D72819D [Administrator]

20.03.2012 18:46:41
mbam-log-2012-03-20 (18-46-41).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 351011
Laufzeit: 1 Stunde(n), 48 Minute(n),

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
AVG scan results:

Quote:

Scan "Gesamten Computer scannen" wurde beendet.
Bei diesem Scan wurde keine Infizierung gefunden
Für den Scanvorgang ausgewählte Ordner:;"Gesamten Computer scannen"
Start des Scans:;"Samstag, 25. Februar 2012, 22:33:05"
Scan beendet:;"Samstag, 25. Februar 2012, 23:11:14 (38 Minute(n) 9 Sekunde(n))"
Gesamtanzahl gescannter Objekte:;"868802"
Benutzer, der den Scan gestartet hat:;"enan"


cosinus 21.03.2012 15:04

Malwarebytes creates exactly one log for each scan. Have you ever scanned with Malwarebytes in the past?
If so, all the logs for every scan are listed in the "Logdateien" (log files) tab. Please post all of the ones that are visible there.

Kult 21.03.2012 15:38

Yes, but not since I reinstalled the operating system a few months ago....

cosinus 21.03.2012 16:44

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its content into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg
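A report produced by this procedure can be triaged mechanically before anything is deleted. The following is an added example, not part of the thread and not Kaspersky's code: a Python parser for the line layout seen in the TDSSKiller report posted in this thread, listing every driver entry that is not marked `ok` or that has no verdict because the log was cut off. The sample log, its driver names, paths and hashes are constructed, and `parse_log` and `triage` are hypothetical helper names.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample in the "HH:MM:SS.mmmm <thread id> <message>" layout of the
# report in this thread. Driver names, paths and hashes are made up.
SAMPLE_LOG = r"""
12:00:00.0000 1000        Scan started
12:00:00.0000 1000        Mode: Manual; SigCheck; TDLFS;
12:00:00.0100 1000        exampledrv - ok
12:00:00.0200 1000        gooddrv         (00000000000000000000000000000001) C:\WINDOWS\system32\drivers\gooddrv.sys
12:00:00.0300 1000        gooddrv - ok
12:00:00.0400 1000        lockeddrv       (00000000000000000000000000000002) C:\WINDOWS\system32\drivers\lockeddrv.sys
12:00:00.0400 1000        Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\lockeddrv.sys. md5: 00000000000000000000000000000002
12:00:00.0400 1000        lockeddrv ( LockedFile.Multi.Generic ) - warning
12:00:00.0400 1000        lockeddrv - detected LockedFile.Multi.Generic (1)
12:00:00.0500 1000        unsigneddrv     (00000000000000000000000000000003) C:\WINDOWS\system32\drivers\unsigneddrv.sys
12:00:00.0600 1000        unsigneddrv ( UnsignedFile.Multi.Generic ) - warning
12:00:00.0600 1000        unsigneddrv - detected UnsignedFile.Multi.Generic (1)
12:00:00.0700 1000        cutoffdrv       (00000000000000000000000000000005) C:\WINDOWS\system32\drivers\cutoffdrv.sys
"""

LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*)$")
OBJECT = re.compile(r"^(?P<name>\S+)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$")
OK = re.compile(r"^(?P<name>\S+) - ok$")
DETECTED = re.compile(r"^(?P<name>\S+) - detected (?P<verdict>\S+) \(\d+\)$")
SUSPICIOUS = re.compile(
    r"^Suspicious file \((?P<reason>\w+)\): (?P<path>.+)\. md5: [0-9a-f]{32}$"
)


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    ok: bool = False
    verdicts: list = field(default_factory=list)
    notes: list = field(default_factory=list)


def parse_log(text):
    """Return {service name: Entry} in log order; non-matching lines are ignored."""
    entries = {}
    last = None  # most recent object line, so "Suspicious file" notes attach to it
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        msg = m["msg"].strip()
        if (o := OBJECT.match(msg)):
            last = entries.setdefault(o["name"], Entry(o["name"]))
            last.md5, last.path = o["md5"], o["path"]
        elif (k := OK.match(msg)):
            entries.setdefault(k["name"], Entry(k["name"])).ok = True
        elif (d := DETECTED.match(msg)):
            # The "( verdict ) - warning" line repeats this verdict, so it is skipped.
            entries.setdefault(d["name"], Entry(d["name"])).verdicts.append(d["verdict"])
        elif (s := SUSPICIOUS.match(msg)) and last is not None and last.path == s["path"]:
            last.notes.append(s["reason"])
    return entries


def triage(entries):
    """List (name, status, detail, path, md5) for everything that needs a human look."""
    report = []
    for e in entries.values():
        if e.verdicts:
            detail = ", ".join(e.verdicts + e.notes)
            report.append((e.name, "detected", detail, e.path, e.md5))
        elif not e.ok:
            # Hashed object with no verdict line: the pasted log is incomplete.
            report.append((e.name, "no verdict", "log truncated?", e.path, e.md5))
    return report


if __name__ == "__main__":
    for name, status, detail, path, md5 in triage(parse_log(SAMPLE_LOG)):
        print(f"{name:12} {status:10} {detail:40} {path} {md5}")
```
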

Kult 21.03.2012 17:51

Kaspersky log

Code:

17:48:45.0000 2376        TDSS rootkit removing tool 2.7.21.0 Mar 21 2012 09:06:51
17:48:45.0140 2376        ============================================================
17:48:45.0140 2376        Current date / time: 2012/03/21 17:48:45.0140
17:48:45.0140 2376        SystemInfo:
17:48:45.0140 2376       
17:48:45.0140 2376        OS Version: 5.1.2600 ServicePack: 3.0
17:48:45.0140 2376        Product type: Workstation
17:48:45.0140 2376        ComputerName: PROPHET-D72819D
17:48:45.0140 2376        UserName: enan
17:48:45.0140 2376        Windows directory: C:\WINDOWS
17:48:45.0140 2376        System windows directory: C:\WINDOWS
17:48:45.0140 2376        Processor architecture: Intel x86
17:48:45.0140 2376        Number of processors: 2
17:48:45.0140 2376        Page size: 0x1000
17:48:45.0140 2376        Boot type: Normal boot
17:48:45.0140 2376        ============================================================
17:48:46.0515 2376        Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:48:46.0515 2376        Drive \Device\Harddisk1\DR3 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:48:46.0921 2376        \Device\Harddisk0\DR0:
17:48:46.0921 2376        MBR used
17:48:46.0921 2376        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x20F57535
17:48:46.0937 2376        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x20F575B3, BlocksNum 0x537AA54D
17:48:46.0937 2376        \Device\Harddisk1\DR3:
17:48:46.0937 2376        MBR used
17:48:46.0937 2376        \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA87AF0
17:48:47.0046 2376        Initialize success
17:48:47.0046 2376        ============================================================
17:48:56.0328 3944        ============================================================
17:48:56.0328 3944        Scan started
17:48:56.0328 3944        Mode: Manual; SigCheck; TDLFS;
17:48:56.0328 3944        ============================================================
17:48:56.0718 3944        Abiosdsk - ok
17:48:56.0734 3944        abp480n5 - ok
17:48:56.0734 3944        Abyssus03 - ok
17:48:56.0781 3944        ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:48:57.0875 3944        ACPI - ok
17:48:57.0921 3944        ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:48:58.0015 3944        ACPIEC - ok
17:48:58.0031 3944        adpu160m - ok
17:48:58.0046 3944        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:48:58.0125 3944        aec - ok
17:48:58.0156 3944        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:48:58.0187 3944        AFD - ok
17:48:58.0187 3944        Aha154x - ok
17:48:58.0203 3944        aic78u2 - ok
17:48:58.0203 3944        aic78xx - ok
17:48:58.0218 3944        AliIde - ok
17:48:58.0265 3944        Ambfilt        (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
17:48:58.0343 3944        Ambfilt - ok
17:48:58.0359 3944        amsint - ok
17:48:58.0406 3944        AnyDVD          (eb9a88895a822c13aa2bbc9dcd44280f) C:\WINDOWS\system32\Drivers\AnyDVD.sys
17:48:58.0421 3944        AnyDVD - ok
17:48:58.0421 3944        asc - ok
17:48:58.0421 3944        asc3350p - ok
17:48:58.0437 3944        asc3550 - ok
17:48:58.0453 3944        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:48:58.0531 3944        AsyncMac - ok
17:48:58.0562 3944        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:48:58.0640 3944        atapi - ok
17:48:58.0640 3944        Atdisk - ok
17:48:58.0656 3944        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:48:58.0734 3944        Atmarpc - ok
17:48:58.0750 3944        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:48:58.0812 3944        audstub - ok
17:48:58.0843 3944        AVGIDSDriver    (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
17:48:58.0859 3944        AVGIDSDriver - ok
17:48:58.0875 3944        AVGIDSEH        (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
17:48:58.0875 3944        AVGIDSEH - ok
17:48:58.0890 3944        AVGIDSFilter    (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
17:48:58.0890 3944        AVGIDSFilter - ok
17:48:58.0906 3944        AVGIDSShim      (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
17:48:58.0921 3944        AVGIDSShim - ok
17:48:58.0937 3944        Avgldx86        (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
17:48:58.0937 3944        Avgldx86 - ok
17:48:58.0953 3944        Avgmfx86        (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
17:48:58.0953 3944        Avgmfx86 - ok
17:48:58.0968 3944        Avgrkx86        (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
17:48:58.0968 3944        Avgrkx86 - ok
17:48:58.0984 3944        Avgtdix        (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
17:48:59.0000 3944        Avgtdix - ok
17:48:59.0015 3944        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:48:59.0078 3944        Beep - ok
17:48:59.0109 3944        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:48:59.0171 3944        cbidf2k - ok
17:48:59.0203 3944        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:48:59.0281 3944        CCDECODE - ok
17:48:59.0281 3944        cd20xrnt - ok
17:48:59.0296 3944        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:48:59.0359 3944        Cdaudio - ok
17:48:59.0390 3944        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:48:59.0468 3944        Cdfs - ok
17:48:59.0468 3944        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:48:59.0546 3944        Cdrom - ok
17:48:59.0546 3944        Changer - ok
17:48:59.0578 3944        CLBStor        (8ff465e99a6c1ffb24533b80afabdb65) C:\WINDOWS\system32\drivers\CLBStor.sys
17:48:59.0578 3944        CLBStor - ok
17:48:59.0593 3944        CLBUDF          (d7795739dd59375c90ad44d11f2b52ad) C:\WINDOWS\system32\drivers\CLBUDF.sys
17:48:59.0609 3944        CLBUDF - ok
17:48:59.0609 3944        CmdIde - ok
17:48:59.0625 3944        Cpqarray - ok
17:48:59.0640 3944        dac2w2k - ok
17:48:59.0640 3944        dac960nt - ok
17:48:59.0671 3944        dc3d            (91c1736e77cff029302728b431d0eedb) C:\WINDOWS\system32\DRIVERS\dc3d.sys
17:48:59.0687 3944        dc3d - ok
17:48:59.0703 3944        dgderdrv        (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
17:48:59.0718 3944        dgderdrv - ok
17:48:59.0734 3944        dg_ssudbus      (d8522960163fa593694e441194a9a574) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
17:48:59.0750 3944        dg_ssudbus - ok
17:48:59.0765 3944        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:48:59.0828 3944        Disk - ok
17:48:59.0843 3944        dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:48:59.0937 3944        dmboot - ok
17:48:59.0937 3944        dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:49:00.0000 3944        dmio - ok
17:49:00.0015 3944        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:49:00.0078 3944        dmload - ok
17:49:00.0093 3944        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:49:00.0187 3944        DMusic - ok
17:49:00.0187 3944        dpti2o - ok
17:49:00.0203 3944        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:49:00.0281 3944        drmkaud - ok
17:49:00.0312 3944        ElbyCDIO        (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
17:49:00.0312 3944        ElbyCDIO - ok
17:49:00.0328 3944        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:49:00.0390 3944        Fastfat - ok
17:49:00.0406 3944        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:49:00.0468 3944        Fdc - ok
17:49:00.0531 3944        Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:49:00.0609 3944        Fips - ok
17:49:00.0640 3944        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:49:00.0703 3944        Flpydisk - ok
17:49:00.0734 3944        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:49:00.0812 3944        FltMgr - ok
17:49:00.0828 3944        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:49:00.0890 3944        Fs_Rec - ok
17:49:00.0906 3944        Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:49:00.0968 3944        Ftdisk - ok
17:49:00.0984 3944        FXDrv32 - ok
17:49:00.0984 3944        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:49:01.0046 3944        Gpc - ok
17:49:01.0093 3944        hcw66xxx        (3c7291e216f0cdb015728c2dc5e2ae60) C:\WINDOWS\system32\Drivers\hcw66xxx.sys
17:49:01.0140 3944        hcw66xxx - ok
17:49:01.0156 3944        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:49:01.0218 3944        HDAudBus - ok
17:49:01.0250 3944        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:49:01.0312 3944        hidusb - ok
17:49:01.0312 3944        hpn - ok
17:49:01.0343 3944        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:49:01.0390 3944        HTTP - ok
17:49:01.0390 3944        i2omgmt - ok
17:49:01.0406 3944        i2omp - ok
17:49:01.0406 3944        i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:49:01.0484 3944        i8042prt - ok
17:49:01.0500 3944        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:49:01.0562 3944        Imapi - ok
17:49:01.0578 3944        ini910u - ok
17:49:01.0703 3944        IntcAzAudAddService (4716f7ee8fb7fd02596ece1ec70aff53) C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:49:01.0828 3944        IntcAzAudAddService - ok
17:49:01.0843 3944        IntelIde - ok
17:49:01.0843 3944        intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:49:01.0906 3944        intelppm - ok
17:49:01.0921 3944        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:49:01.0984 3944        Ip6Fw - ok
17:49:02.0015 3944        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:49:02.0078 3944        IpFilterDriver - ok
17:49:02.0093 3944        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:49:02.0156 3944        IpInIp - ok
17:49:02.0171 3944        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:49:02.0234 3944        IpNat - ok
17:49:02.0265 3944        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:49:02.0328 3944        IPSec - ok
17:49:02.0343 3944        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
17:49:02.0375 3944        irda - ok
17:49:02.0375 3944        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:49:02.0421 3944        IRENUM - ok
17:49:02.0453 3944        irsir          (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
17:49:02.0500 3944        irsir - ok
17:49:02.0546 3944        isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:49:02.0609 3944        isapnp - ok
17:49:02.0625 3944        Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:49:02.0687 3944        Kbdclass - ok
17:49:02.0703 3944        kbdhid          (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:49:02.0765 3944        kbdhid - ok
17:49:02.0781 3944        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:49:02.0859 3944        kmixer - ok
17:49:02.0859 3944        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:49:02.0890 3944        KSecDD - ok
17:49:02.0906 3944        lbrtfdc - ok
17:49:02.0921 3944        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:49:02.0984 3944        mnmdd - ok
17:49:03.0000 3944        Modem          (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:49:03.0062 3944        Modem - ok
17:49:03.0109 3944        Monfilt        (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
17:49:03.0171 3944        Monfilt - ok
17:49:03.0171 3944        Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:49:03.0234 3944        Mouclass - ok
17:49:03.0250 3944        mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:49:03.0328 3944        mouhid - ok
17:49:03.0328 3944        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:49:03.0390 3944        MountMgr - ok
17:49:03.0421 3944        MPE            (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
17:49:03.0484 3944        MPE - ok
17:49:03.0515 3944        mraid35x - ok
17:49:03.0531 3944        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:49:03.0593 3944        MRxDAV - ok
17:49:03.0640 3944        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:49:03.0671 3944        MRxSmb - ok
17:49:03.0703 3944        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:49:03.0765 3944        Msfs - ok
17:49:03.0781 3944        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:49:03.0859 3944        MSKSSRV - ok
17:49:03.0875 3944        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:49:03.0937 3944        MSPCLOCK - ok
17:49:03.0953 3944        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:49:04.0015 3944        MSPQM - ok
17:49:04.0046 3944        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:49:04.0109 3944        mssmbios - ok
17:49:04.0125 3944        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:49:04.0187 3944        MSTEE - ok
17:49:04.0203 3944        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:49:04.0218 3944        Mup - ok
17:49:04.0234 3944        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:49:04.0296 3944        NABTSFEC - ok
17:49:04.0312 3944        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:49:04.0390 3944        NDIS - ok
17:49:04.0390 3944        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:49:04.0453 3944        NdisIP - ok
17:49:04.0500 3944        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:49:04.0500 3944        NdisTapi - ok
17:49:04.0531 3944        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:49:04.0593 3944        Ndisuio - ok
17:49:04.0625 3944        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:49:04.0703 3944        NdisWan - ok
17:49:04.0734 3944        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:49:04.0750 3944        NDProxy - ok
17:49:04.0765 3944        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:49:04.0828 3944        NetBIOS - ok
17:49:04.0843 3944        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:49:04.0921 3944        NetBT - ok
17:49:04.0953 3944        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:49:05.0015 3944        Npfs - ok
17:49:05.0031 3944        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:49:05.0109 3944        Ntfs - ok
17:49:05.0125 3944        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:49:05.0187 3944        Null - ok
17:49:05.0406 3944        nv              (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:49:05.0859 3944        nv - ok
17:49:05.0906 3944        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:49:05.0968 3944        NwlnkFlt - ok
17:49:05.0968 3944        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:49:06.0046 3944        NwlnkFwd - ok
17:49:06.0062 3944        Parport        (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:49:06.0125 3944        Parport - ok
17:49:06.0156 3944        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:49:06.0218 3944        PartMgr - ok
17:49:06.0234 3944        ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:49:06.0296 3944        ParVdm - ok
17:49:06.0328 3944        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:49:06.0359 3944        pccsmcfd - ok
17:49:06.0375 3944        PCI            (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:49:06.0453 3944        PCI - ok
17:49:06.0453 3944        PCIDump - ok
17:49:06.0500 3944        PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:49:06.0593 3944        PCIIde - ok
17:49:06.0609 3944        Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:49:06.0687 3944        Pcmcia - ok
17:49:06.0687 3944        PDCOMP - ok
17:49:06.0703 3944        PDFRAME - ok
17:49:06.0703 3944        PDRELI - ok
17:49:06.0718 3944        PDRFRAME - ok
17:49:06.0718 3944        perc2 - ok
17:49:06.0734 3944        perc2hib - ok
17:49:06.0750 3944        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:49:06.0828 3944        PptpMiniport - ok
17:49:06.0828 3944        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:49:06.0890 3944        PSched - ok
17:49:06.0921 3944        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:49:06.0984 3944        Ptilink - ok
17:49:07.0015 3944        ql1080 - ok
17:49:07.0015 3944        Ql10wnt - ok
17:49:07.0015 3944        ql12160 - ok
17:49:07.0031 3944        ql1240 - ok
17:49:07.0031 3944        ql1280 - ok
17:49:07.0046 3944        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:49:07.0109 3944        RasAcd - ok
17:49:07.0140 3944        Rasirda        (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
17:49:07.0171 3944        Rasirda - ok
17:49:07.0187 3944        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:49:07.0250 3944        Rasl2tp - ok
17:49:07.0250 3944        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:49:07.0312 3944        RasPppoe - ok
17:49:07.0343 3944        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:49:07.0421 3944        Raspti - ok
17:49:07.0437 3944        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:49:07.0500 3944        Rdbss - ok
17:49:07.0515 3944        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:49:07.0593 3944        RDPCDD - ok
17:49:07.0593 3944        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:49:07.0671 3944        rdpdr - ok
17:49:07.0703 3944        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:49:07.0734 3944        RDPWD - ok
17:49:07.0734 3944        redbook        (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:49:07.0796 3944        redbook - ok
17:49:07.0843 3944        RTLE8023xp      (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:49:07.0875 3944        RTLE8023xp - ok
17:49:07.0921 3944        RTLWUSB        (c3880bf1bad0b8eb69efb07a9c3fa7d9) C:\WINDOWS\system32\DRIVERS\wg111v2.sys
17:49:07.0953 3944        RTLWUSB - ok
17:49:07.0984 3944        SASDIFSV        (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:49:08.0000 3944        SASDIFSV - ok
17:49:08.0031 3944        SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:49:08.0031 3944        SASKUTIL - ok
17:49:08.0062 3944        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:49:08.0093 3944        Secdrv - ok
17:49:08.0109 3944        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:49:08.0171 3944        serenum - ok
17:49:08.0187 3944        Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:49:08.0250 3944        Serial - ok
17:49:08.0281 3944        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:49:08.0343 3944        Sfloppy - ok
17:49:08.0359 3944        Simbad - ok
17:49:08.0390 3944        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:49:08.0453 3944        SLIP - ok
17:49:08.0468 3944        SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
17:49:08.0531 3944        SONYPVU1 - ok
17:49:08.0546 3944        Sparrow - ok
17:49:08.0562 3944        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:49:08.0656 3944        splitter - ok
17:49:08.0703 3944        sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
17:49:08.0703 3944        Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
17:49:08.0703 3944        sptd ( LockedFile.Multi.Generic ) - warning
17:49:08.0703 3944        sptd - detected LockedFile.Multi.Generic (1)
17:49:08.0718 3944        sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:49:08.0750 3944        sr - ok
17:49:08.0781 3944        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:49:08.0843 3944        Srv - ok
17:49:08.0875 3944        ssudmdm        (1b4052f016ba5e087689aba536a0a927) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:49:08.0875 3944        ssudmdm - ok
17:49:08.0906 3944        StarOpen        (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
17:49:08.0937 3944        StarOpen ( UnsignedFile.Multi.Generic ) - warning
17:49:08.0937 3944        StarOpen - detected UnsignedFile.Multi.Generic (1)
17:49:08.0968 3944        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:49:09.0031 3944        streamip - ok
17:49:09.0031 3944        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:49:09.0093 3944        swenum - ok
17:49:09.0125 3944        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:49:09.0187 3944        swmidi - ok
17:49:09.0187 3944        symc810 - ok
17:49:09.0203 3944        symc8xx - ok
17:49:09.0203 3944        sym_hi - ok
17:49:09.0218 3944        sym_u3 - ok
17:49:09.0218 3944        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:49:09.0296 3944        sysaudio - ok
17:49:09.0343 3944        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:49:09.0390 3944        Tcpip - ok
17:49:09.0406 3944        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:49:09.0468 3944        TDPIPE - ok
17:49:09.0484 3944        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:49:09.0546 3944        TDTCP - ok
17:49:09.0578 3944        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:49:09.0656 3944        TermDD - ok
17:49:09.0671 3944        TosIde - ok
17:49:09.0671 3944        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:49:09.0734 3944        Udfs - ok
17:49:09.0750 3944        ultra - ok
17:49:09.0781 3944        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:49:09.0859 3944        Update - ok
17:49:09.0890 3944        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:49:09.0921 3944        USBAAPL - ok
17:49:09.0953 3944        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:49:10.0031 3944        usbaudio - ok
17:49:10.0031 3944        usbbus - ok
17:49:10.0046 3944        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:49:10.0125 3944        usbccgp - ok
17:49:10.0125 3944        UsbDiag - ok
17:49:10.0156 3944        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:49:10.0218 3944        usbehci - ok
17:49:10.0234 3944        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:49:10.0296 3944        usbhub - ok
17:49:10.0312 3944        USBModem - ok
17:49:10.0343 3944        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:49:10.0406 3944        usbprint - ok
17:49:10.0421 3944        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:49:10.0484 3944        usbscan - ok
17:49:10.0500 3944        usbstor        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:49:10.0562 3944        usbstor - ok
17:49:10.0578 3944        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:49:10.0656 3944        usbuhci - ok
17:49:10.0656 3944        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:49:10.0718 3944        VgaSave - ok
17:49:10.0734 3944        ViaIde - ok
17:49:10.0734 3944        VolSnap        (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:49:10.0796 3944        VolSnap - ok
17:49:10.0828 3944        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:49:10.0890 3944        Wanarp - ok
17:49:10.0921 3944        Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:49:10.0937 3944        Wdf01000 - ok
17:49:10.0937 3944        WDICA - ok
17:49:10.0984 3944        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:49:11.0046 3944        wdmaud - ok
17:49:11.0078 3944        WinUSB          (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
17:49:11.0093 3944        WinUSB - ok
17:49:11.0125 3944        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:49:11.0156 3944        WpdUsb - ok
17:49:11.0187 3944        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:49:11.0250 3944        WS2IFSL - ok
17:49:11.0281 3944        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:49:11.0359 3944        WSTCODEC - ok
17:49:11.0390 3944        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:49:11.0421 3944        WudfPf - ok
17:49:11.0437 3944        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:49:11.0453 3944        WudfRd - ok
17:49:11.0468 3944        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:49:11.0609 3944        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:49:11.0609 3944        \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:49:11.0609 3944        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR3
17:49:12.0078 3944        \Device\Harddisk1\DR3 - ok
17:49:12.0078 3944        Boot (0x1200)  (0e829e8e5a4fab901c1b2c7c63c874f5) \Device\Harddisk0\DR0\Partition0
17:49:12.0078 3944        \Device\Harddisk0\DR0\Partition0 - ok
17:49:12.0093 3944        Boot (0x1200)  (9b6ad40cb8348fa926397d5b54ccf1e1) \Device\Harddisk0\DR0\Partition1
17:49:12.0093 3944        \Device\Harddisk0\DR0\Partition1 - ok
17:49:12.0109 3944        Boot (0x1200)  (6d3cfbc5a1b752d6df6ae8a1ee3af623) \Device\Harddisk1\DR3\Partition0
17:49:12.0109 3944        \Device\Harddisk1\DR3\Partition0 - ok
17:49:12.0109 3944        ============================================================
17:49:12.0109 3944        Scan finished
17:49:12.0109 3944        ============================================================
17:49:12.0218 1612        Detected object count: 3
17:49:12.0218 1612        Actual detected object count: 3
17:49:29.0078 1612        sptd ( LockedFile.Multi.Generic ) - skipped by user
17:49:29.0078 1612        sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:49:29.0078 1612        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
17:49:29.0078 1612        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:49:29.0078 1612        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:49:29.0078 1612        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


cosinus 21.03.2012 18:16

Quote:

17:49:29.0078 1612 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:49:29.0078 1612 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Please let TDSSKiller delete the TDSS File System, then restart Windows and create a new log with this tool. Post it again wrapped in CODE tags.

Kult 21.03.2012 18:36

New log

P.S.: After deleting, it reported 1 neutralized and 5 in quarantine.


Code:

18:34:47.0078 1252        TDSS rootkit removing tool 2.7.21.0 Mar 21 2012 09:06:51
18:34:47.0156 1252        ============================================================
18:34:47.0156 1252        Current date / time: 2012/03/21 18:34:47.0156
18:34:47.0156 1252        SystemInfo:
18:34:47.0156 1252       
18:34:47.0156 1252        OS Version: 5.1.2600 ServicePack: 3.0
18:34:47.0156 1252        Product type: Workstation
18:34:47.0156 1252        ComputerName: PROPHET-D72819D
18:34:47.0156 1252        UserName: enan
18:34:47.0156 1252        Windows directory: C:\WINDOWS
18:34:47.0156 1252        System windows directory: C:\WINDOWS
18:34:47.0156 1252        Processor architecture: Intel x86
18:34:47.0156 1252        Number of processors: 2
18:34:47.0156 1252        Page size: 0x1000
18:34:47.0156 1252        Boot type: Normal boot
18:34:47.0156 1252        ============================================================
18:34:48.0093 1252        Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:34:48.0093 1252        Drive \Device\Harddisk1\DR3 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:34:48.0484 1252        \Device\Harddisk0\DR0:
18:34:48.0484 1252        MBR used
18:34:48.0484 1252        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x20F57535
18:34:48.0484 1252        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x20F575B3, BlocksNum 0x537AA54D
18:34:48.0484 1252        \Device\Harddisk1\DR3:
18:34:48.0484 1252        MBR used
18:34:48.0484 1252        \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA87AF0
18:34:48.0531 1252        Initialize success
18:34:48.0531 1252        ============================================================
18:34:53.0750 1224        ============================================================
18:34:53.0750 1224        Scan started
18:34:53.0750 1224        Mode: Manual; SigCheck; TDLFS;
18:34:53.0750 1224        ============================================================
18:34:54.0515 1224        Abiosdsk - ok
18:34:54.0531 1224        abp480n5 - ok
18:34:54.0546 1224        Abyssus03 - ok
18:34:54.0578 1224        ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:34:56.0781 1224        ACPI - ok
18:34:56.0906 1224        ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:34:57.0031 1224        ACPIEC - ok
18:34:57.0093 1224        adpu160m - ok
18:34:57.0171 1224        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:34:57.0281 1224        aec - ok
18:34:57.0343 1224        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:34:57.0453 1224        AFD - ok
18:34:57.0500 1224        Aha154x - ok
18:34:57.0515 1224        aic78u2 - ok
18:34:57.0546 1224        aic78xx - ok
18:34:57.0562 1224        AliIde - ok
18:34:57.0812 1224        Ambfilt        (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
18:34:58.0046 1224        Ambfilt - ok
18:34:58.0140 1224        amsint - ok
18:34:58.0250 1224        AnyDVD          (eb9a88895a822c13aa2bbc9dcd44280f) C:\WINDOWS\system32\Drivers\AnyDVD.sys
18:34:58.0250 1224        AnyDVD - ok
18:34:58.0281 1224        asc - ok
18:34:58.0312 1224        asc3350p - ok
18:34:58.0312 1224        asc3550 - ok
18:34:58.0375 1224        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:34:58.0468 1224        AsyncMac - ok
18:34:58.0500 1224        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:34:58.0593 1224        atapi - ok
18:34:58.0640 1224        Atdisk - ok
18:34:58.0671 1224        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:34:58.0765 1224        Atmarpc - ok
18:34:59.0140 1224        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:34:59.0250 1224        audstub - ok
18:34:59.0453 1224        AVGIDSDriver    (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
18:34:59.0468 1224        AVGIDSDriver - ok
18:34:59.0500 1224        AVGIDSEH        (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
18:34:59.0500 1224        AVGIDSEH - ok
18:34:59.0515 1224        AVGIDSFilter    (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
18:34:59.0531 1224        AVGIDSFilter - ok
18:34:59.0546 1224        AVGIDSShim      (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
18:34:59.0546 1224        AVGIDSShim - ok
18:34:59.0562 1224        Avgldx86        (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
18:34:59.0578 1224        Avgldx86 - ok
18:34:59.0578 1224        Avgmfx86        (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
18:34:59.0593 1224        Avgmfx86 - ok
18:34:59.0593 1224        Avgrkx86        (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
18:34:59.0609 1224        Avgrkx86 - ok
18:34:59.0765 1224        Avgtdix        (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
18:34:59.0781 1224        Avgtdix - ok
18:34:59.0812 1224        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:34:59.0937 1224        Beep - ok
18:34:59.0953 1224        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:35:00.0046 1224        cbidf2k - ok
18:35:00.0281 1224        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:35:00.0359 1224        CCDECODE - ok
18:35:00.0375 1224        cd20xrnt - ok
18:35:00.0375 1224        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:35:00.0484 1224        Cdaudio - ok
18:35:00.0500 1224        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:35:00.0593 1224        Cdfs - ok
18:35:00.0609 1224        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:35:00.0703 1224        Cdrom - ok
18:35:00.0703 1224        Changer - ok
18:35:00.0734 1224        CLBStor        (8ff465e99a6c1ffb24533b80afabdb65) C:\WINDOWS\system32\drivers\CLBStor.sys
18:35:00.0750 1224        CLBStor - ok
18:35:00.0765 1224        CLBUDF          (d7795739dd59375c90ad44d11f2b52ad) C:\WINDOWS\system32\drivers\CLBUDF.sys
18:35:00.0765 1224        CLBUDF - ok
18:35:00.0781 1224        CmdIde - ok
18:35:00.0796 1224        Cpqarray - ok
18:35:00.0796 1224        dac2w2k - ok
18:35:00.0796 1224        dac960nt - ok
18:35:00.0812 1224        dc3d            (91c1736e77cff029302728b431d0eedb) C:\WINDOWS\system32\DRIVERS\dc3d.sys
18:35:00.0828 1224        dc3d - ok
18:35:00.0859 1224        dgderdrv        (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
18:35:00.0859 1224        dgderdrv - ok
18:35:00.0890 1224        dg_ssudbus      (d8522960163fa593694e441194a9a574) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:35:00.0890 1224        dg_ssudbus - ok
18:35:00.0937 1224        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:35:01.0062 1224        Disk - ok
18:35:01.0093 1224        dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
18:35:01.0187 1224        dmboot - ok
18:35:01.0203 1224        dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
18:35:01.0265 1224        dmio - ok
18:35:01.0281 1224        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:35:01.0375 1224        dmload - ok
18:35:01.0406 1224        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:35:01.0515 1224        DMusic - ok
18:35:01.0546 1224        dpti2o - ok
18:35:01.0578 1224        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:35:01.0656 1224        drmkaud - ok
18:35:01.0687 1224        ElbyCDIO        (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
18:35:01.0703 1224        ElbyCDIO - ok
18:35:01.0718 1224        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:35:01.0796 1224        Fastfat - ok
18:35:01.0828 1224        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:35:01.0890 1224        Fdc - ok
18:35:01.0906 1224        Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
18:35:02.0468 1224        Fips - ok
18:35:02.0500 1224        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:35:02.0578 1224        Flpydisk - ok
18:35:02.0625 1224        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
18:35:02.0687 1224        FltMgr - ok
18:35:02.0750 1224        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:35:02.0812 1224        Fs_Rec - ok
18:35:02.0828 1224        Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:35:02.0906 1224        Ftdisk - ok
18:35:02.0906 1224        FXDrv32 - ok
18:35:02.0937 1224        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:35:03.0046 1224        Gpc - ok
18:35:03.0109 1224        hcw66xxx        (3c7291e216f0cdb015728c2dc5e2ae60) C:\WINDOWS\system32\Drivers\hcw66xxx.sys
18:35:03.0171 1224        hcw66xxx - ok
18:35:03.0218 1224        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:35:03.0296 1224        HDAudBus - ok
18:35:03.0359 1224        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:35:03.0437 1224        hidusb - ok
18:35:03.0468 1224        hpn - ok
18:35:03.0515 1224        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:35:03.0593 1224        HTTP - ok
18:35:03.0593 1224        i2omgmt - ok
18:35:03.0625 1224        i2omp - ok
18:35:03.0671 1224        i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:35:03.0750 1224        i8042prt - ok
18:35:03.0796 1224        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:35:03.0890 1224        Imapi - ok
18:35:03.0906 1224        ini910u - ok
18:35:04.0187 1224        IntcAzAudAddService (4716f7ee8fb7fd02596ece1ec70aff53) C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:35:04.0437 1224        IntcAzAudAddService - ok
18:35:04.0500 1224        IntelIde - ok
18:35:04.0531 1224        intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:35:04.0609 1224        intelppm - ok
18:35:04.0656 1224        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
18:35:04.0734 1224        Ip6Fw - ok
18:35:04.0781 1224        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:35:04.0859 1224        IpFilterDriver - ok
18:35:04.0906 1224        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:35:05.0000 1224        IpInIp - ok
18:35:05.0031 1224        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:35:05.0109 1224        IpNat - ok
18:35:05.0156 1224        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:35:05.0234 1224        IPSec - ok
18:35:05.0296 1224        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
18:35:05.0343 1224        irda - ok
18:35:05.0390 1224        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:35:05.0437 1224        IRENUM - ok
18:35:05.0500 1224        irsir          (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
18:35:05.0546 1224        irsir - ok
18:35:05.0671 1224        isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:35:05.0765 1224        isapnp - ok
18:35:05.0796 1224        Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:35:05.0875 1224        Kbdclass - ok
18:35:05.0890 1224        kbdhid          (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:35:05.0968 1224        kbdhid - ok
18:35:06.0000 1224        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:35:06.0093 1224        kmixer - ok
18:35:06.0140 1224        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:35:06.0203 1224        KSecDD - ok
18:35:06.0218 1224        lbrtfdc - ok
18:35:06.0265 1224        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:35:06.0343 1224        mnmdd - ok
18:35:06.0390 1224        Modem          (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
18:35:06.0484 1224        Modem - ok
18:35:06.0531 1224        Monfilt        (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
18:35:06.0609 1224        Monfilt - ok
18:35:06.0640 1224        Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:35:06.0734 1224        Mouclass - ok
18:35:06.0750 1224        mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:35:06.0843 1224        mouhid - ok
18:35:06.0859 1224        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:35:06.0953 1224        MountMgr - ok
18:35:06.0984 1224        MPE            (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
18:35:07.0078 1224        MPE - ok
18:35:07.0078 1224        mraid35x - ok
18:35:07.0093 1224        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:35:07.0171 1224        MRxDAV - ok
18:35:07.0203 1224        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:35:07.0265 1224        MRxSmb - ok
18:35:07.0296 1224        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:35:07.0375 1224        Msfs - ok
18:35:07.0390 1224        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:35:07.0453 1224        MSKSSRV - ok
18:35:07.0468 1224        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:35:07.0546 1224        MSPCLOCK - ok
18:35:07.0546 1224        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:35:07.0656 1224        MSPQM - ok
18:35:07.0687 1224        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:35:07.0765 1224        mssmbios - ok
18:35:07.0781 1224        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:35:07.0843 1224        MSTEE - ok
18:35:07.0859 1224        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:35:07.0890 1224        Mup - ok
18:35:07.0906 1224        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:35:07.0968 1224        NABTSFEC - ok
18:35:08.0031 1224        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:35:08.0203 1224        NDIS - ok
18:35:08.0218 1224        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:35:08.0281 1224        NdisIP - ok
18:35:08.0312 1224        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:35:08.0343 1224        NdisTapi - ok
18:35:08.0359 1224        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:35:08.0437 1224        Ndisuio - ok
18:35:08.0453 1224        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:35:08.0515 1224        NdisWan - ok
18:35:08.0562 1224        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:35:08.0593 1224        NDProxy - ok
18:35:08.0593 1224        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:35:08.0671 1224        NetBIOS - ok
18:35:08.0703 1224        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:35:08.0781 1224        NetBT - ok
18:35:08.0796 1224        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:35:08.0875 1224        Npfs - ok
18:35:08.0906 1224        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:35:08.0984 1224        Ntfs - ok
18:35:09.0000 1224        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:35:09.0062 1224        Null - ok
18:35:09.0281 1224        nv              (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:35:09.0750 1224        nv - ok
18:35:09.0781 1224        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:35:09.0843 1224        NwlnkFlt - ok
18:35:09.0843 1224        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:35:09.0937 1224        NwlnkFwd - ok
18:35:09.0953 1224        Parport        (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
18:35:10.0031 1224        Parport - ok
18:35:10.0031 1224        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:35:10.0109 1224        PartMgr - ok
18:35:10.0125 1224        ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:35:10.0187 1224        ParVdm - ok
18:35:10.0218 1224        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
18:35:10.0234 1224        pccsmcfd - ok
18:35:10.0250 1224        PCI            (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
18:35:10.0328 1224        PCI - ok
18:35:10.0343 1224        PCIDump - ok
18:35:10.0359 1224        PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:35:10.0437 1224        PCIIde - ok
18:35:10.0453 1224        Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:35:10.0531 1224        Pcmcia - ok
18:35:10.0531 1224        PDCOMP - ok
18:35:10.0546 1224        PDFRAME - ok
18:35:10.0546 1224        PDRELI - ok
18:35:10.0562 1224        PDRFRAME - ok
18:35:10.0562 1224        perc2 - ok
18:35:10.0578 1224        perc2hib - ok
18:35:10.0593 1224        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:35:10.0718 1224        PptpMiniport - ok
18:35:10.0734 1224        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:35:10.0812 1224        PSched - ok
18:35:10.0843 1224        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:35:10.0906 1224        Ptilink - ok
18:35:10.0921 1224        ql1080 - ok
18:35:10.0937 1224        Ql10wnt - ok
18:35:10.0937 1224        ql12160 - ok
18:35:10.0953 1224        ql1240 - ok
18:35:10.0953 1224        ql1280 - ok
18:35:10.0968 1224        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:35:11.0046 1224        RasAcd - ok
18:35:11.0078 1224        Rasirda        (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
18:35:11.0109 1224        Rasirda - ok
18:35:11.0125 1224        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:35:11.0187 1224        Rasl2tp - ok
18:35:11.0203 1224        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:35:11.0265 1224        RasPppoe - ok
18:35:11.0265 1224        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:35:11.0343 1224        Raspti - ok
18:35:11.0375 1224        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:35:11.0437 1224        Rdbss - ok
18:35:11.0453 1224        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:35:11.0515 1224        RDPCDD - ok
18:35:11.0531 1224        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:35:11.0593 1224        rdpdr - ok
18:35:11.0625 1224        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
18:35:11.0656 1224        RDPWD - ok
18:35:11.0671 1224        redbook        (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:35:11.0734 1224        redbook - ok
18:35:11.0765 1224        RTLE8023xp      (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:35:11.0781 1224        RTLE8023xp - ok
18:35:11.0812 1224        RTLWUSB        (c3880bf1bad0b8eb69efb07a9c3fa7d9) C:\WINDOWS\system32\DRIVERS\wg111v2.sys
18:35:11.0843 1224        RTLWUSB - ok
18:35:11.0875 1224        SASDIFSV        (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:35:11.0890 1224        SASDIFSV - ok
18:35:11.0906 1224        SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:35:11.0921 1224        SASKUTIL - ok
18:35:11.0937 1224        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:35:11.0968 1224        Secdrv - ok
18:35:11.0984 1224        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:35:12.0062 1224        serenum - ok
18:35:12.0062 1224        Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
18:35:12.0125 1224        Serial - ok
18:35:12.0171 1224        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:35:12.0250 1224        Sfloppy - ok
18:35:12.0250 1224        Simbad - ok
18:35:12.0281 1224        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:35:12.0359 1224        SLIP - ok
18:35:12.0390 1224        SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
18:35:12.0468 1224        SONYPVU1 - ok
18:35:12.0468 1224        Sparrow - ok
18:35:12.0500 1224        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:35:12.0578 1224        splitter - ok
18:35:12.0625 1224        sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
18:35:12.0625 1224        Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
18:35:12.0625 1224        sptd ( LockedFile.Multi.Generic ) - warning
18:35:12.0625 1224        sptd - detected LockedFile.Multi.Generic (1)
18:35:12.0625 1224        sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
18:35:12.0671 1224        sr - ok
18:35:12.0687 1224        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:35:12.0718 1224        Srv - ok
18:35:12.0750 1224        ssudmdm        (1b4052f016ba5e087689aba536a0a927) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:35:12.0750 1224        ssudmdm - ok
18:35:12.0796 1224        StarOpen        (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
18:35:12.0812 1224        StarOpen ( UnsignedFile.Multi.Generic ) - warning
18:35:12.0812 1224        StarOpen - detected UnsignedFile.Multi.Generic (1)
18:35:12.0843 1224        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:35:12.0906 1224        streamip - ok
18:35:12.0937 1224        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:35:13.0000 1224        swenum - ok
18:35:13.0031 1224        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:35:13.0093 1224        swmidi - ok
18:35:13.0109 1224        symc810 - ok
18:35:13.0109 1224        symc8xx - ok
18:35:13.0125 1224        sym_hi - ok
18:35:13.0125 1224        sym_u3 - ok
18:35:13.0140 1224        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:35:13.0218 1224        sysaudio - ok
18:35:13.0265 1224        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:35:13.0296 1224        Tcpip - ok
18:35:13.0312 1224        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:35:13.0375 1224        TDPIPE - ok
18:35:13.0390 1224        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:35:13.0453 1224        TDTCP - ok
18:35:16.0078 1224        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:35:16.0515 1224        \Device\Harddisk0\DR0 - ok
18:35:16.0515 1224        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR3
18:35:17.0000 1224        \Device\Harddisk1\DR3 - ok
18:35:17.0000 1224        Boot (0x1200)  (0e829e8e5a4fab901c1b2c7c63c874f5) \Device\Harddisk0\DR0\Partition0
18:35:17.0000 1224        \Device\Harddisk0\DR0\Partition0 - ok
18:35:17.0000 1224        Boot (0x1200)  (9b6ad40cb8348fa926397d5b54ccf1e1) \Device\Harddisk0\DR0\Partition1
18:35:17.0000 1224        \Device\Harddisk0\DR0\Partition1 - ok
18:35:17.0000 1224        Boot (0x1200)  (6d3cfbc5a1b752d6df6ae8a1ee3af623) \Device\Harddisk1\DR3\Partition0
18:35:17.0000 1224        \Device\Harddisk1\DR3\Partition0 - ok
18:35:17.0000 1224        ============================================================
18:35:17.0000 1224        Scan finished
18:35:17.0000 1224        ============================================================
18:35:17.0109 0464        Detected object count: 2
18:35:17.0109 0464        Actual detected object count: 2
18:35:20.0546 0464        sptd ( LockedFile.Multi.Generic ) - skipped by user
18:35:20.0546 0464        sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:35:20.0546 0464        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
18:35:20.0546 0464        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 21.03.2012 20:49

Since you reinstalled recently, that should have been it.
Please let me know exactly how you reinstalled. Did you format everything, i.e. do it manually, or did you reinstall via recovery?

Kult 21.03.2012 23:16

I set everything up manually, so very thoroughly (long format, partitioning, etc.)...

Do the two other entries in the Kaspersky log mean nothing?
Can I delete Kaspersky again, and what happens then to the 5 files in quarantine?


But many thanks already! :abklatsch:

Hmm. Spywaredoctor still showed Rootkit TDSS.3??? Could it be that it shows this because it is in quarantine at Kaspersky?
Kaspersky with the update lists the following:



Code:

23:06:51.0890 5720        Detected object count: 4
23:06:51.0890 5720        Actual detected object count: 4
23:07:15.0546 5720        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:07:15.0546 5720        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:07:15.0546 5720        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:07:15.0546 5720        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:07:15.0546 5720        sptd ( LockedFile.Multi.Generic ) - skipped by user
23:07:15.0546 5720        sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:07:15.0546 5720        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
23:07:15.0546 5720        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 22.03.2012 12:21

Quote:

I set everything up manually, so very thoroughly (long format, partitioning, etc.)...
Whether you do a long format or a quick format is completely irrelevant for a reinstallation. A long format only additionally checks the disk or the file system for errors by reading it. In the vast majority of cases that is a pure waste of time.
What matters more is that in a "thorough" reinstallation you also take care of the MBR. Actually, Windows Setup should rewrite the MBR, but it didn't. :balla:

Quote:

Do the two other entries in the Kaspersky log mean nothing?
Why do you think I posted that, as a basic rule, everything should only be skipped for now? Among other things, TDSS-Killer also lists many good and important entries!

Quote:

Hmm. Spywaredoctor still showed Rootkit TDSS.3??? Could it be that it shows this because it is in quarantine at Kaspersky?
Without the log from that tool I probably won't be able to say :balla:
So post the log and also run a check with aswMBR

Please download aswMBR.exe and save the file to your desktop.

Note: Please disable your virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply. Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

Kult 22.03.2012 17:36

aswMBR log

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-22 15:11:32
-----------------------------
15:11:32.453    OS Version: Windows 5.1.2600 Service Pack 3
15:11:32.453    Number of processors: 2 586 0x170A
15:11:32.453    ComputerName: PROPHET-D72819D  UserName: enan
15:11:36.437    Initialize success
15:12:17.437    AVAST engine defs: 12032000
15:12:34.109    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5
15:12:34.109    Disk 0 Vendor: ST31000333AS CC1H Size: 953869MB BusType: 3
15:12:34.140    Disk 0 MBR read successfully
15:12:34.140    Disk 0 MBR scan
15:12:34.171    Disk 0 Windows XP default MBR code
15:12:34.171    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      269998 MB offset 63
15:12:34.171    Disk 0 Partition - 00    0F Extended LBA            683860 MB offset 552957300
15:12:34.187    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      683860 MB offset 552957363
15:12:34.187    Disk 0 scanning sectors +1953504000
15:12:34.265    Disk 0 scanning C:\WINDOWS\system32\drivers
15:12:42.515    Service scanning
15:12:45.937    Service FXDrv32 I:\FXDrv32.sys **LOCKED** 21
15:12:52.406    Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
15:12:55.109    Modules scanning
15:12:58.953    Disk 0 trace - called modules:
15:12:58.968    ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys hal.dll atapi.sys spoe.sys >>UNKNOWN [0x8aef7938]<<
15:12:58.968    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae01ab8]
15:12:58.968    3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> [0x8ae9b920]
15:12:58.984    5 PCTCore.sys[b7d37407] -> nt!IofCallDriver -> \Device\00000077[0x8aeb99e8]
15:12:58.984    7 ACPI.sys[b7e54620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-5[0x8ae06940]
15:13:01.531    AVAST engine scan C:\
16:39:27.750    File: C:\TDSSKiller_Quarantine\21.03.2012_18.30.08\tdlfs0000\tsk0004.dta  **INFECTED** Win32:DNSChanger-VJ [Trj]
17:30:43.312    Scan finished successfully
17:32:48.812    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\enan\Desktop\MBR.dat"
17:32:48.812    The log file has been saved successfully to "C:\Documents and Settings\enan\Desktop\aswMBR.txt"

Spywaredoc log

Code:

22.03.2012 15:00:12:78       
Scan gestartet
Scantyp - Intelli-Scan
22.03.2012 15:03:21:609       
Infektion wurde auf diesem Computer gefunden
Name der Bedrohung - Rootkit.TDSS.v3
Typ - Unknown
Risikostufe - Hoch
Infektion - Kernel Objects
22.03.2012 15:03:21:906       
Scan beendet
Scantyp - Intelli-Scan
Bearbeitete Elemente - 498905
Gefundene Bedrohungen - 1
Gefundene Infektionen - 1

Pleeeeeeeeease
Have mercyyyyyyyyy

This scan took 5 hours, and I haven't switched the computer off since then, because of the removal of the infections. :lmaa:

cosinus 23.03.2012 20:46

Quote:

File: C:\TDSSKiller_Quarantine\21.03.2012_18.30.08\tdlfs0000\tsk0004.dta **INFECTED** Win32:DNSChanger-VJ [Trj]
If it was only found there, that is harmless. After all, that is the TDSS-Killer's quarantine!
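
The distinction drawn in the reply above, as an added example that is not part of the thread: a small Python triage of an aswMBR log that separates **INFECTED** hits lying inside the TDSSKiller quarantine folder from hits elsewhere on disk, and collects the MBR verdict, locked services and unknown modules for review. The sample lines are abridged from the log posted above; the function name, the bucket names and the quarantine prefix list are assumptions of this example.

```python
import re

# Constructed sample: four lines abridged from the aswMBR log posted in this thread.
SAMPLE_LOG = r"""15:12:34.171    Disk 0 Windows XP default MBR code
15:12:52.406    Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
15:12:58.968    ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys hal.dll atapi.sys spoe.sys >>UNKNOWN [0x8aef7938]<<
16:39:27.750    File: C:\TDSSKiller_Quarantine\21.03.2012_18.30.08\tdlfs0000\tsk0004.dta  **INFECTED** Win32:DNSChanger-VJ [Trj]
"""

# Assumption of this example: folders where a removal tool parks neutralised files.
QUARANTINE_PREFIXES = ("c:\\tdsskiller_quarantine\\",)

MBR_RE = re.compile(r"Disk (\d+) (.*MBR code.*)$")
LOCKED_RE = re.compile(r"Service (\S+) (.+?) \*\*LOCKED\*\*")
UNKNOWN_RE = re.compile(r">>UNKNOWN \[(0x[0-9a-fA-F]+)\]<<")
INFECTED_RE = re.compile(r"File: (.+?)\s+\*\*INFECTED\*\*\s+(.+)$")


def triage(log_text):
    """Sort aswMBR log lines into buckets for a human helper to review."""
    report = {"mbr": [], "locked": [], "unknown_modules": [],
              "quarantined_hits": [], "live_hits": []}
    for line in log_text.splitlines():
        if m := MBR_RE.search(line):
            report["mbr"].append(m.groups())            # (disk, verdict text)
        elif m := LOCKED_RE.search(line):
            report["locked"].append(m.groups())         # locked is not a verdict
        elif m := UNKNOWN_RE.search(line):
            report["unknown_modules"].append(m.group(1))
        elif m := INFECTED_RE.search(line):
            path, name = m.group(1), m.group(2).strip()
            # Windows paths are case-insensitive, so compare lower-cased.
            inside = path.lower().startswith(QUARANTINE_PREFIXES)
            bucket = "quarantined_hits" if inside else "live_hits"
            report[bucket].append((path, name))
    return report


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_LOG).items():
        print(f"{bucket}: {items}")
```

An entry in `live_hits` is the case the reply sets apart from the harmless one: a detection outside the quarantine folder.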


All times are WET +1.
