Pests of all kinds and how to fight them: Trojan: 2048 bit pgp-rsa
Windows 7
#16 | /// Winkelfunktion /// TB-Süch-Tiger™

There are plenty of pointers here on how those get decrypted!! I need OTL's quarantine folder. Please do the following:

1.) VERY IMPORTANT!! Disable the virus scanner; it must not interfere with the packing!
2.) Zip the folder MovedFiles in C:\_OTL into one file
3.) Upload the resulting ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html Note: Please also upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here in the thread as an attachment!
4.) Let me know once it has worked
5.) Only then switch the virus scanner back on

__________________ Please always post logfiles in CODE tags
#17

Hello Arne,
the ZIP file has been uploaded.
Regards, Harry
#18 | /// Winkelfunktion /// TB-Süch-Tiger™

Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log; instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run the TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set the tool up as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where the TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with the TDSS-Killer! If the TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
#19

Hello Arne, here is the log from TDSS

Code:
19:27:06.0490 1472 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
19:27:06.0850 1472 ============================================================
19:27:06.0850 1472 Current date / time: 2012/05/04 19:27:06.0850
19:27:06.0850 1472 SystemInfo:
19:27:06.0850 1472
19:27:06.0850 1472 OS Version: 5.1.2600 ServicePack: 3.0
19:27:06.0850 1472 Product type: Workstation
19:27:06.0850 1472 ComputerName: TUS
19:27:06.0850 1472 UserName: Admin
19:27:06.0850 1472 Windows directory: C:\WINDOWS
19:27:06.0850 1472 System windows directory: C:\WINDOWS
19:27:06.0850 1472 Processor architecture: Intel x86
19:27:06.0850 1472 Number of processors: 1
19:27:06.0850 1472 Page size: 0x1000
19:27:06.0850 1472 Boot type: Normal boot
19:27:06.0850 1472 ============================================================
19:27:08.0444 1472 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:27:08.0459 1472 Drive \Device\Harddisk1\DR1 - Size: 0xC0720000 (3.01 Gb), SectorSize: 0x200, Cylinders: 0x30E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x80, Type 'K0', Flags 0x00000054
19:27:08.0459 1472 ============================================================
19:27:08.0459 1472 \Device\Harddisk0\DR0:
19:27:08.0459 1472 MBR partitions:
19:27:08.0459 1472 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
19:27:08.0475 1472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388B7A, BlocksNum 0x3700647
19:27:08.0475 1472 \Device\Harddisk1\DR1:
19:27:08.0475 1472 MBR partitions:
19:27:08.0475 1472 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x6038C1
19:27:08.0475 1472 ============================================================
19:27:08.0709 1472 C: <-> \Device\Harddisk0\DR0\Partition0
19:27:08.0740 1472 D: <-> \Device\Harddisk0\DR0\Partition1
19:27:08.0756 1472 E: <-> \Device\Harddisk1\DR1\Partition0
19:27:08.0756 1472 ============================================================
19:27:08.0756 1472 Initialize success
19:27:08.0756 1472 ============================================================
19:27:17.0709 1548 ============================================================
19:27:17.0709 1548 Scan started
19:27:17.0709 1548 Mode: Manual; SigCheck; TDLFS;
19:27:17.0709 1548 ============================================================
19:27:17.0959 1548 Abiosdsk - ok
19:27:17.0990 1548 abp480n5 - ok
19:27:18.0053 1548 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:27:18.0990 1548 ACPI - ok
19:27:19.0022 1548 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:27:19.0209 1548 ACPIEC - ok
19:27:19.0225 1548 adpu160m - ok
19:27:19.0256 1548 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:27:19.0459 1548 aec - ok
19:27:19.0506 1548 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:27:19.0553 1548 AFD - ok
19:27:19.0569 1548 Aha154x - ok
19:27:19.0600 1548 aic78u2 - ok
19:27:19.0615 1548 aic78xx - ok
19:27:19.0803 1548 ALCXWDM (35045a23957a71ba649740741e69408c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
19:27:20.0178 1548 ALCXWDM - ok
19:27:20.0272 1548 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
19:27:20.0459 1548 Alerter - ok
19:27:20.0506 1548 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
19:27:20.0600 1548 ALG - ok
19:27:20.0631 1548 AliIde - ok
19:27:20.0662 1548 amsint - ok
19:27:20.0709 1548 AN983 (e2ad6cc7d407f2b5cb2899775cf84f51) C:\WINDOWS\system32\DRIVERS\AN983.sys
19:27:20.0772 1548 AN983 - ok
19:27:20.0881 1548 AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Programme\Avira\AntiVir Desktop\sched.exe
19:27:20.0912 1548 AntiVirSchedulerService - ok
19:27:20.0959 1548 AntiVirService (df5a3016052755c910a206058b4a1729) C:\Programme\Avira\AntiVir Desktop\avguard.exe
19:27:21.0006 1548 AntiVirService - ok
19:27:21.0022 1548 AppMgmt - ok
19:27:21.0037 1548 asc - ok
19:27:21.0053 1548 asc3350p - ok
19:27:21.0084 1548 asc3550 - ok
19:27:21.0178 1548 aspnet_state (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
19:27:21.0209 1548 aspnet_state ( UnsignedFile.Multi.Generic ) - warning
19:27:21.0209 1548 aspnet_state - detected UnsignedFile.Multi.Generic (1)
19:27:21.0240 1548 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:27:21.0428 1548 AsyncMac - ok
19:27:21.0475 1548 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:27:21.0709 1548 atapi - ok
19:27:21.0725 1548 Atdisk - ok
19:27:21.0787 1548 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:27:22.0006 1548 Atmarpc - ok
19:27:22.0053 1548 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
19:27:22.0256 1548 AudioSrv - ok
19:27:22.0287 1548 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:27:22.0490 1548 audstub - ok
19:27:22.0537 1548 Automatisches LiveUpdate - Scheduler - ok
19:27:22.0584 1548 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
19:27:22.0600 1548 avgio - ok
19:27:22.0631 1548 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:27:22.0694 1548 avgntflt - ok
19:27:22.0725 1548 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:27:22.0772 1548 avipbb - ok
19:27:22.0834 1548 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:27:23.0053 1548 Beep - ok
19:27:23.0115 1548 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
19:27:23.0381 1548 BITS - ok
19:27:23.0444 1548 Brother XP spl Service (d3facb34fff5db91adb70987838f8ba7) C:\WINDOWS\system32\brsvc01a.exe
19:27:23.0490 1548 Brother XP spl Service - ok
19:27:23.0537 1548 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
19:27:23.0756 1548 Browser - ok
19:27:23.0819 1548 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
19:27:23.0881 1548 BrScnUsb - ok
19:27:23.0912 1548 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:27:24.0131 1548 cbidf2k - ok
19:27:24.0147 1548 cd20xrnt - ok
19:27:24.0194 1548 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:27:24.0412 1548 Cdaudio - ok
19:27:24.0475 1548 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:27:24.0694 1548 Cdfs - ok
19:27:24.0725 1548 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:27:24.0928 1548 Cdrom - ok
19:27:24.0944 1548 Changer - ok
19:27:25.0006 1548 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
19:27:25.0209 1548 CiSvc - ok
19:27:25.0256 1548 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
19:27:25.0490 1548 ClipSrv - ok
19:27:25.0506 1548 CmdIde - ok
19:27:25.0522 1548 COMSysApp - ok
19:27:25.0553 1548 Cpqarray - ok
19:27:25.0600 1548 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
19:27:25.0819 1548 CryptSvc - ok
19:27:25.0834 1548 dac2w2k - ok
19:27:25.0850 1548 dac960nt - ok
19:27:25.0928 1548 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:27:26.0006 1548 DcomLaunch - ok
19:27:26.0069 1548 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
19:27:26.0287 1548 Dhcp - ok
19:27:26.0319 1548 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:27:26.0537 1548 Disk - ok
19:27:26.0569 1548 dmadmin - ok
19:27:26.0662 1548 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
19:27:26.0944 1548 dmboot - ok
19:27:26.0975 1548 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
19:27:27.0225 1548 dmio - ok
19:27:27.0272 1548 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:27:27.0506 1548 dmload - ok
19:27:27.0537 1548 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
19:27:27.0756 1548 dmserver - ok
19:27:27.0803 1548 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
19:27:27.0944 1548 DMusic - ok
19:27:27.0990 1548 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
19:27:28.0037 1548 Dnscache - ok
19:27:28.0069 1548 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
19:27:28.0287 1548 Dot3svc - ok
19:27:28.0350 1548 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
19:27:28.0600 1548 Dot4 - ok
19:27:28.0647 1548 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
19:27:28.0850 1548 Dot4Print - ok
19:27:28.0897 1548 Dot4Scan (bd05306428da63369692477ddc0f6f5f) C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
19:27:29.0147 1548 Dot4Scan - ok
19:27:29.0162 1548 dpti2o - ok
19:27:29.0209 1548 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
19:27:29.0350 1548 drmkaud - ok
19:27:29.0381 1548 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
19:27:29.0600 1548 EapHost - ok
19:27:29.0678 1548 EraserUtilRebootDrv - ok
19:27:29.0725 1548 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
19:27:29.0944 1548 ERSvc - ok
19:27:29.0975 1548 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:27:30.0022 1548 Eventlog - ok
19:27:30.0084 1548 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
19:27:30.0131 1548 EventSystem - ok
19:27:30.0209 1548 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:27:30.0412 1548 Fastfat - ok
19:27:30.0475 1548 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:27:30.0522 1548 FastUserSwitchingCompatibility - ok
19:27:30.0553 1548 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:27:30.0772 1548 Fdc - ok
19:27:30.0803 1548 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
19:27:31.0006 1548 Fips - ok
19:27:31.0037 1548 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:27:31.0272 1548 Flpydisk - ok
19:27:31.0319 1548 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:27:31.0522 1548 FltMgr - ok
19:27:31.0569 1548 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:27:31.0787 1548 Fs_Rec - ok
19:27:31.0850 1548 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:27:32.0037 1548 Ftdisk - ok
19:27:32.0115 1548 fwdrv (1ff2eef447a177df2c544b80f8f7f879) C:\WINDOWS\system32\drivers\fwdrv.sys
19:27:32.0147 1548 fwdrv - ok
19:27:32.0194 1548 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:27:32.0412 1548 Gpc - ok
19:27:32.0537 1548 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
19:27:32.0553 1548 gupdate - ok
19:27:32.0569 1548 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
19:27:32.0600 1548 gupdatem - ok
19:27:32.0662 1548 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:27:32.0694 1548 gusvc - ok
19:27:32.0772 1548 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:27:32.0975 1548 helpsvc - ok
19:27:32.0990 1548 HidServ - ok
19:27:33.0037 1548 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
19:27:33.0256 1548 hkmsvc - ok
19:27:33.0272 1548 hpn - ok
19:27:33.0350 1548 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:27:33.0412 1548 HTTP - ok
19:27:33.0459 1548 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
19:27:33.0678 1548 HTTPFilter - ok
19:27:33.0694 1548 i2omgmt - ok
19:27:33.0709 1548 i2omp - ok
19:27:33.0756 1548 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:27:33.0959 1548 i8042prt - ok
19:27:34.0069 1548 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:27:34.0100 1548 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:27:34.0100 1548 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:27:34.0147 1548 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:27:34.0365 1548 Imapi - ok
19:27:34.0412 1548 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
19:27:34.0615 1548 ImapiService - ok
19:27:34.0647 1548 ini910u - ok
19:27:34.0678 1548 IntelIde - ok
19:27:34.0725 1548 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:27:34.0928 1548 intelppm - ok
19:27:34.0959 1548 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:27:35.0178 1548 Ip6Fw - ok
19:27:35.0240 1548 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:27:35.0444 1548 IpFilterDriver - ok
19:27:35.0490 1548 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:27:35.0709 1548 IpInIp - ok
19:27:35.0756 1548 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:27:35.0959 1548 IpNat - ok
19:27:36.0022 1548 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:27:36.0225 1548 IPSec - ok
19:27:36.0256 1548 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:27:36.0350 1548 IRENUM - ok
19:27:36.0412 1548 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:27:36.0615 1548 isapnp - ok
19:27:36.0740 1548 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
19:27:36.0772 1548 JavaQuickStarterService - ok
19:27:36.0819 1548 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:27:37.0022 1548 Kbdclass - ok
19:27:37.0084 1548 khips (304ce9fb3d64caa07b940bef4f8c2dcd) C:\WINDOWS\system32\drivers\khips.sys
19:27:37.0115 1548 khips - ok
19:27:37.0162 1548 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:27:37.0365 1548 kmixer - ok
19:27:37.0475 1548 KPF4 (9ef600c64435ccfdea01c991289e76ec) C:\Programme\Sunbelt Software\Personal Firewall\kpf4ss.exe
19:27:37.0615 1548 KPF4 - ok
19:27:37.0740 1548 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:27:37.0819 1548 KSecDD - ok
19:27:37.0865 1548 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
19:27:37.0928 1548 lanmanserver - ok
19:27:37.0975 1548 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
19:27:38.0022 1548 lanmanworkstation - ok
19:27:38.0037 1548 lbrtfdc - ok
19:27:38.0100 1548 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
19:27:38.0303 1548 LmHosts - ok
19:27:38.0350 1548 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
19:27:38.0365 1548 MBAMSwissArmy - ok
19:27:38.0475 1548 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
19:27:38.0506 1548 McComponentHostService - ok
19:27:38.0553 1548 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
19:27:38.0756 1548 Messenger - ok
19:27:38.0803 1548 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:27:39.0022 1548 mnmdd - ok
19:27:39.0069 1548 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
19:27:39.0272 1548 mnmsrvc - ok
19:27:39.0303 1548 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
19:27:39.0506 1548 Modem - ok
19:27:39.0537 1548 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:27:39.0740 1548 Mouclass - ok
19:27:39.0756 1548 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:27:39.0928 1548 MountMgr - ok
19:27:39.0959 1548 mraid35x - ok
19:27:40.0006 1548 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:27:40.0209 1548 MRxDAV - ok
19:27:40.0272 1548 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:27:40.0350 1548 MRxSmb - ok
19:27:40.0381 1548 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
19:27:40.0569 1548 MSDTC - ok
19:27:40.0615 1548 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:27:40.0819 1548 Msfs - ok
19:27:40.0834 1548 MSIServer - ok
19:27:40.0881 1548 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:27:41.0084 1548 MSKSSRV - ok
19:27:41.0100 1548 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:27:41.0287 1548 MSPCLOCK - ok
19:27:41.0334 1548 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:27:41.0537 1548 MSPQM - ok
19:27:41.0584 1548 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:27:41.0772 1548 mssmbios - ok
19:27:41.0819 1548 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:27:41.0865 1548 Mup - ok
19:27:41.0912 1548 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
19:27:42.0115 1548 napagent - ok
19:27:42.0178 1548 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:27:42.0397 1548 NDIS - ok
19:27:42.0444 1548 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:27:42.0475 1548 NdisTapi - ok
19:27:42.0506 1548 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:27:42.0709 1548 Ndisuio - ok
19:27:42.0740 1548 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:27:42.0959 1548 NdisWan - ok
19:27:43.0006 1548 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:27:43.0053 1548 NDProxy - ok
19:27:43.0069 1548 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:27:43.0272 1548 NetBIOS - ok
19:27:43.0334 1548 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:27:43.0537 1548 NetBT - ok
19:27:43.0600 1548 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:27:43.0803 1548 NetDDE - ok
19:27:43.0834 1548 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:27:44.0006 1548 NetDDEdsdm - ok
19:27:44.0022 1548 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:44.0240 1548 Netlogon - ok
19:27:44.0272 1548 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
19:27:44.0475 1548 Netman - ok
19:27:44.0522 1548 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
19:27:44.0569 1548 Nla - ok
19:27:44.0615 1548 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:27:44.0803 1548 Npfs - ok
19:27:44.0881 1548 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:27:45.0115 1548 Ntfs - ok
19:27:45.0131 1548 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:45.0334 1548 NtLmSsp - ok
19:27:45.0381 1548 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
19:27:45.0615 1548 NtmsSvc - ok
19:27:45.0678 1548 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:27:45.0865 1548 Null - ok
19:27:45.0897 1548 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:27:46.0115 1548 NwlnkFlt - ok
19:27:46.0147 1548 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:27:46.0365 1548 NwlnkFwd - ok
19:27:46.0444 1548 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
19:27:46.0506 1548 ose - ok
19:27:46.0553 1548 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
19:27:46.0740 1548 Parport - ok
19:27:46.0772 1548 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:27:46.0975 1548 PartMgr - ok
19:27:47.0022 1548 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
19:27:47.0209 1548 ParVdm - ok
19:27:47.0256 1548 PCANDIS5 (d0084a9ade989fe703e4f22171f4e4dc) C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS
19:27:47.0287 1548 PCANDIS5 ( UnsignedFile.Multi.Generic ) - warning
19:27:47.0287 1548 PCANDIS5 - detected UnsignedFile.Multi.Generic (1)
19:27:47.0334 1548 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
19:27:47.0522 1548 PCI - ok
19:27:47.0553 1548 PCIDump - ok
19:27:47.0600 1548 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:27:47.0787 1548 PCIIde - ok
19:27:47.0819 1548 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:27:48.0022 1548 Pcmcia - ok
19:27:48.0037 1548 PDCOMP - ok
19:27:48.0069 1548 PDFRAME - ok
19:27:48.0084 1548 PDRELI - ok
19:27:48.0115 1548 PDRFRAME - ok
19:27:48.0131 1548 perc2 - ok
19:27:48.0162 1548 perc2hib - ok
19:27:48.0240 1548 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:27:48.0256 1548 PlugPlay - ok
19:27:48.0272 1548 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:48.0475 1548 PolicyAgent - ok
19:27:48.0506 1548 PortTalk (7d5a2d755b6c6579f63657b527d6ff1b) C:\WINDOWS\system32\Drivers\PtbTalk.sys
19:27:48.0522 1548 PortTalk ( UnsignedFile.Multi.Generic ) - warning
19:27:48.0522 1548 PortTalk - detected UnsignedFile.Multi.Generic (1)
19:27:48.0569 1548 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:27:48.0756 1548 PptpMiniport - ok
19:27:48.0772 1548 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:48.0959 1548 ProtectedStorage - ok
19:27:48.0975 1548 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:27:49.0178 1548 PSched - ok
19:27:49.0240 1548 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:27:49.0412 1548 Ptilink - ok
19:27:49.0428 1548 ql1080 - ok
19:27:49.0444 1548 Ql10wnt - ok
19:27:49.0475 1548 ql12160 - ok
19:27:49.0490 1548 ql1240 - ok
19:27:49.0522 1548 ql1280 - ok
19:27:49.0553 1548 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:27:49.0740 1548 RasAcd - ok
19:27:49.0787 1548 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
19:27:50.0006 1548 RasAuto - ok
19:27:50.0037 1548 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:27:50.0225 1548 Rasl2tp - ok
19:27:50.0287 1548 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
19:27:50.0490 1548 RasMan - ok
19:27:50.0522 1548 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:27:50.0709 1548 RasPppoe - ok
19:27:50.0725 1548 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:27:50.0912 1548 Raspti - ok
19:27:50.0959 1548 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:27:51.0147 1548 Rdbss - ok
19:27:51.0194 1548 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:27:51.0412 1548 RDPCDD - ok
19:27:51.0459 1548 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:27:51.0522 1548 RDPWD - ok
19:27:51.0569 1548 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
19:27:51.0787 1548 RDSessMgr - ok
19:27:51.0850 1548 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:27:52.0037 1548 redbook - ok
19:27:52.0084 1548 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
19:27:52.0287 1548 RemoteAccess - ok
19:27:52.0334 1548 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
19:27:52.0553 1548 RpcLocator - ok
19:27:52.0615 1548 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:27:52.0662 1548 RpcSs - ok
19:27:52.0709 1548 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
19:27:52.0912 1548 RSVP - ok
19:27:52.0959 1548 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:27:53.0162 1548 rtl8139 - ok
19:27:53.0209 1548 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:53.0397 1548 SamSs - ok
19:27:53.0444 1548 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
19:27:53.0647 1548 SCardSvr - ok
19:27:53.0694 1548 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
19:27:53.0912 1548 Schedule - ok
19:27:53.0959 1548 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:27:54.0037 1548 Secdrv - ok
19:27:54.0100 1548 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
19:27:54.0303 1548 seclogon - ok
19:27:54.0334 1548 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
19:27:54.0522 1548 SENS - ok
19:27:54.0553 1548 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:27:54.0756 1548 serenum - ok
19:27:54.0819 1548 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
19:27:54.0990 1548 Serial - ok
19:27:55.0037 1548 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:27:55.0225 1548 Sfloppy - ok
19:27:55.0272 1548 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
19:27:55.0490 1548 SharedAccess - ok
19:27:55.0553 1548 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:27:55.0584 1548 ShellHWDetection - ok
19:27:55.0600 1548 Simbad - ok
19:27:55.0662 1548 SiS315 (7469858341a5b6f22dedd2995f4d2ff2) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
19:27:55.0725 1548 SiS315 - ok
19:27:55.0756 1548 SiSkp (9a0f86efa0ef99115a23c8624e2e6bc7) C:\WINDOWS\system32\DRIVERS\srvkp.sys
19:27:55.0803 1548 SiSkp - ok
19:27:55.0819 1548 Sparrow - ok
19:27:55.0865 1548 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:27:56.0053 1548 splitter - ok
19:27:56.0100 1548 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:27:56.0147 1548 Spooler - ok
19:27:56.0194 1548 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
19:27:56.0303 1548 sr - ok
19:27:56.0365 1548 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
19:27:56.0459 1548 srservice - ok
19:27:56.0522 1548 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:27:56.0584 1548 Srv - ok
19:27:56.0647 1548 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
19:27:56.0756 1548 SSDPSRV - ok
19:27:56.0803 1548 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:27:56.0819 1548 ssmdrv - ok
19:27:56.0881 1548 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
19:27:57.0115 1548 stisvc - ok
19:27:57.0147 1548 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:27:57.0350 1548 swenum - ok
19:27:57.0412 1548 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
19:27:57.0428 1548 swmidi ( UnsignedFile.Multi.Generic ) - warning
19:27:57.0428 1548 swmidi - detected UnsignedFile.Multi.Generic (1)
19:27:57.0428 1548 SwPrv - ok
19:27:57.0459 1548 symc810 - ok
19:27:57.0490 1548 symc8xx - ok
19:27:57.0537 1548 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
19:27:57.0569 1548 symlcbrd - ok
19:27:57.0584 1548 sym_hi - ok
19:27:57.0600 1548 sym_u3 - ok
19:27:57.0647 1548 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
19:27:57.0787 1548 sysaudio - ok
19:27:57.0834 1548 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
19:27:58.0053 1548 SysmonLog - ok
19:27:58.0100 1548 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
19:27:58.0287 1548 TapiSrv - ok
19:27:58.0350 1548 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:27:58.0428 1548 Tcpip - ok
19:27:58.0475 1548 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:27:58.0662 1548 TDPIPE - ok
19:27:58.0709 1548 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:27:58.0928 1548 TDTCP - ok
19:27:58.0975 1548 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:27:59.0178 1548 TermDD - ok
19:27:59.0240 1548 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
19:27:59.0459 1548 TermService - ok
19:27:59.0506 1548 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:27:59.0537 1548 Themes - ok
19:27:59.0647 1548 TNPacket (52ab2f2b0d2fd7cc2fdb489c449feb8e) C:\Programme\T-DSL SpeedManager\TNPACKET.SYS
19:27:59.0662 1548 TNPacket ( UnsignedFile.Multi.Generic ) - warning
19:27:59.0662 1548 TNPacket - detected UnsignedFile.Multi.Generic (1)
19:27:59.0694 1548 TosIde - ok
19:27:59.0756 1548 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
19:27:59.0944 1548 TrkWks - ok
19:27:59.0975 1548 TSMService (bf2236a5a39b21f694ccd7b5a6639e71) C:\Programme\T-DSL SpeedManager\tsmsvc.exe
19:28:00.0006 1548 TSMService ( UnsignedFile.Multi.Generic ) - warning
19:28:00.0006 1548 TSMService - detected UnsignedFile.Multi.Generic (1)
19:28:00.0053 1548 uagp35 (49c805d42d75eddc9b6a7130999c9054) C:\WINDOWS\system32\DRIVERS\uagp35.sys
19:28:00.0209 1548 uagp35 - ok
19:28:00.0240 1548 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:28:00.0428 1548 Udfs - ok
19:28:00.0444 1548 ultra - ok
19:28:00.0490 1548 UMWdf (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe
19:28:00.0537 1548 UMWdf - ok
19:28:00.0615 1548 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:28:00.0834 1548 Update - ok
19:28:00.0897 1548 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
19:28:01.0022 1548 upnphost - ok
19:28:01.0069 1548 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
19:28:01.0287 1548 UPS - ok
19:28:01.0350 1548 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:28:01.0522 1548 usbccgp - ok
19:28:01.0569 1548 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:28:01.0772 1548 usbehci - ok
19:28:01.0819 1548 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:28:02.0006 1548 usbhub - ok
19:28:02.0053 1548 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:28:02.0240 1548 usbohci - ok
19:28:02.0287 1548 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:28:02.0459 1548 usbprint - ok
19:28:02.0506 1548 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:28:02.0709 1548 USBSTOR - ok
19:28:02.0756 1548 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:28:02.0944 1548 VgaSave - ok
19:28:02.0959 1548 ViaIde - ok
19:28:03.0022 1548 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
19:28:03.0194 1548 VolSnap - ok
19:28:03.0256 1548 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
19:28:03.0365 1548 VSS - ok
19:28:03.0428 1548 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
19:28:03.0631 1548 W32Time - ok
19:28:03.0678 1548 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:28:03.0865 1548 Wanarp - ok
19:28:03.0881 1548 WDICA - ok
19:28:03.0944 1548 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:28:04.0131 1548 wdmaud - ok
19:28:04.0178 1548 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
19:28:04.0365 1548 WebClient - ok
19:28:04.0428 1548 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:28:04.0631 1548 winmgmt - ok
19:28:04.0694 1548 WmdmPmSN (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\MsPMSNSv.dll
19:28:04.0772 1548 WmdmPmSN - ok
19:28:04.0819 1548 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:28:05.0037 1548 WmiApSrv - ok
19:28:05.0365 1548 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
19:28:05.0553 1548 wscsvc - ok
19:28:05.0600 1548 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
19:28:05.0787 1548 wuauserv - ok
19:28:05.0850 1548 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
19:28:06.0100 1548 WZCSVC - ok
19:28:06.0131 1548 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
19:28:06.0334 1548 xmlprov - ok
19:28:06.0381 1548 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
19:28:06.0709 1548 \Device\Harddisk0\DR0 - ok
19:28:06.0740 1548 MBR (0x1B8) (672d49b92adfa952c7ad0fb98d4ad10b) \Device\Harddisk1\DR1
19:28:08.0600 1548 \Device\Harddisk1\DR1 - ok
19:28:08.0631 1548 Boot (0x1200) (ab4fc60439735b5e605b431d684929ce) \Device\Harddisk0\DR0\Partition0
19:28:08.0631 1548 \Device\Harddisk0\DR0\Partition0 - ok
19:28:08.0662 1548 Boot (0x1200) (08a5f8063296affba09d99ec332eaefa) \Device\Harddisk0\DR0\Partition1
19:28:08.0662 1548 \Device\Harddisk0\DR0\Partition1 - ok
19:28:08.0678 1548 Boot (0x1200) (8596dc2f1ffbde405285adfb8f432d16) \Device\Harddisk1\DR1\Partition0
19:28:08.0678 1548 \Device\Harddisk1\DR1\Partition0 - ok
19:28:08.0694 1548 ============================================================
19:28:08.0694 1548 Scan finished
19:28:08.0694 1548 ============================================================
19:28:08.0834 2416 Detected object count: 7
19:28:08.0834 2416 Actual detected object count: 7
19:30:44.0490 2416 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - copied to quarantine
19:30:44.0490 2416 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0662 2416 C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
19:30:44.0662 2416 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0772 2416 C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS - copied to quarantine
19:30:44.0772 2416 PCANDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0850 2416 C:\WINDOWS\system32\Drivers\PtbTalk.sys - copied to quarantine
19:30:44.0850 2416 PortTalk ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0944 2416 C:\WINDOWS\system32\drivers\swmidi.sys - copied to quarantine
19:30:44.0944 2416 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0990 2416 C:\Programme\T-DSL SpeedManager\TNPACKET.SYS - copied to quarantine
19:30:44.0990 2416 TNPacket ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:45.0084 2416 C:\Programme\T-DSL SpeedManager\tsmsvc.exe - copied to quarantine
19:30:45.0084 2416 TSMService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:31:05.0037 4040 ============================================================
19:31:05.0037 4040 Scan started
19:31:05.0037 4040 Mode: Manual; SigCheck; TDLFS;
19:31:05.0037 4040 ============================================================
19:31:05.0225 4040 Abiosdsk - ok
19:31:05.0240 4040 abp480n5 - ok
19:31:05.0319 4040 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:31:05.0600 4040 ACPI - ok
19:31:05.0647 4040 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:31:05.0850 4040 ACPIEC - ok
19:31:05.0865 4040 adpu160m - ok
19:31:05.0912 4040 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:31:06.0131 4040 aec - ok
19:31:06.0194 4040 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:31:06.0225 4040 AFD - ok
19:31:06.0256 4040 Aha154x - ok
19:31:06.0272 4040 aic78u2 - ok
19:31:06.0303 4040 aic78xx - ok
19:31:06.0459 4040 ALCXWDM (35045a23957a71ba649740741e69408c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
19:31:06.0709 4040 ALCXWDM - ok
19:31:06.0819 4040 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
19:31:07.0037 4040 Alerter - ok
19:31:07.0069 4040 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
19:31:07.0162 4040 ALG - ok
19:31:07.0194 4040 AliIde - ok
19:31:07.0209 4040 amsint - ok
19:31:07.0272 4040 AN983 (e2ad6cc7d407f2b5cb2899775cf84f51) C:\WINDOWS\system32\DRIVERS\AN983.sys
19:31:07.0303 4040 AN983 - ok
19:31:07.0412 4040 AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Programme\Avira\AntiVir Desktop\sched.exe
19:31:07.0428 4040 AntiVirSchedulerService - ok
19:31:07.0490 4040 AntiVirService (df5a3016052755c910a206058b4a1729) C:\Programme\Avira\AntiVir Desktop\avguard.exe
19:31:07.0506 4040 AntiVirService - ok
19:31:07.0522 4040 AppMgmt - ok
19:31:07.0553 4040 asc - ok
19:31:07.0553 4040 asc3350p - ok
19:31:07.0584 4040 asc3550 - ok
19:31:07.0678 4040 aspnet_state (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
19:31:07.0709 4040 aspnet_state ( UnsignedFile.Multi.Generic ) - warning
19:31:07.0709 4040 aspnet_state - detected UnsignedFile.Multi.Generic (1)
19:31:07.0772 4040 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:31:07.0959 4040 AsyncMac - ok
19:31:08.0006 4040 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:31:08.0256 4040 atapi - ok
19:31:08.0272 4040 Atdisk - ok
19:31:08.0303 4040 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:31:08.0506 4040 Atmarpc - ok
19:31:08.0537 4040 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
19:31:08.0740 4040 AudioSrv - ok
19:31:08.0772 4040 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:31:08.0975 4040 audstub - ok
19:31:09.0022 4040 Automatisches LiveUpdate - Scheduler - ok
19:31:09.0069 4040 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
19:31:09.0084 4040 avgio - ok
19:31:09.0131 4040 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:31:09.0162 4040 avgntflt - ok
19:31:09.0194 4040 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:31:09.0209 4040 avipbb - ok
19:31:09.0256 4040 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:31:09.0444 4040 Beep - ok
19:31:09.0522 4040 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
19:31:09.0725 4040 BITS - ok
19:31:09.0787 4040 Brother XP spl Service (d3facb34fff5db91adb70987838f8ba7) C:\WINDOWS\system32\brsvc01a.exe
19:31:09.0819 4040 Brother XP spl Service - ok
19:31:09.0865 4040 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
19:31:10.0084 4040 Browser - ok
19:31:10.0147 4040 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
19:31:10.0178 4040 BrScnUsb - ok
19:31:10.0240 4040 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:31:10.0444 4040 cbidf2k - ok
19:31:10.0459 4040 cd20xrnt - ok
19:31:10.0506 4040 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:31:10.0709 4040 Cdaudio - ok
19:31:10.0756 4040 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:31:10.0959 4040 Cdfs - ok
19:31:10.0990 4040 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:31:11.0209 4040 Cdrom - ok
19:31:11.0225 4040 Changer - ok
19:31:11.0272 4040 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
19:31:11.0459 4040 CiSvc - ok
19:31:11.0490 4040 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
19:31:11.0709 4040 ClipSrv - ok
19:31:11.0725 4040 CmdIde - ok
19:31:11.0740 4040 COMSysApp - ok
19:31:11.0772 4040 Cpqarray - ok
19:31:11.0819 4040 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
19:31:12.0037 4040 CryptSvc - ok
19:31:12.0053 4040 dac2w2k - ok
19:31:12.0069 4040 dac960nt - ok
19:31:12.0147 4040 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:31:12.0209 4040 DcomLaunch - ok
19:31:12.0287 4040 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
19:31:12.0475 4040 Dhcp - ok
19:31:12.0537 4040 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:31:12.0756 4040 Disk - ok
19:31:12.0772 4040 dmadmin - ok
19:31:12.0865 4040 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
19:31:13.0069 4040 dmboot - ok
19:31:13.0131 4040 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
19:31:13.0350 4040 dmio - ok
19:31:13.0381 4040 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:31:13.0584 4040 dmload - ok
19:31:13.0631 4040 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
19:31:13.0834 4040 dmserver - ok
19:31:13.0881 4040 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
19:31:14.0022 4040 DMusic - ok
19:31:14.0069 4040 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
19:31:14.0100 4040 Dnscache - ok
19:31:14.0162 4040 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
19:31:14.0365 4040 Dot3svc - ok
19:31:14.0428 4040 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
19:31:14.0631 4040 Dot4 - ok
19:31:14.0662 4040 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
19:31:14.0865 4040 Dot4Print - ok
19:31:14.0912 4040 Dot4Scan (bd05306428da63369692477ddc0f6f5f) C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
19:31:15.0115 4040 Dot4Scan - ok
19:31:15.0131 4040 dpti2o - ok
19:31:15.0178 4040 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
19:31:15.0319 4040 drmkaud - ok
19:31:15.0381 4040 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
19:31:15.0600 4040 EapHost - ok
19:31:15.0678 4040 EraserUtilRebootDrv - ok
19:31:15.0725 4040 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
19:31:15.0912 4040 ERSvc - ok
19:31:15.0959 4040 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:31:15.0990 4040 Eventlog - ok
19:31:16.0037 4040 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
19:31:16.0084 4040 EventSystem - ok
19:31:16.0131 4040 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:31:16.0334 4040 Fastfat - ok
19:31:16.0381 4040 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:31:16.0412 4040 FastUserSwitchingCompatibility - ok
19:31:16.0459 4040 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:31:16.0662 4040 Fdc - ok
19:31:16.0709 4040 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
19:31:16.0912 4040 Fips - ok
19:31:16.0944 4040 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:31:17.0162 4040 Flpydisk - ok
19:31:17.0209 4040 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:31:17.0381 4040 FltMgr - ok
19:31:17.0444 4040 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:31:17.0647 4040 Fs_Rec - ok
19:31:17.0678 4040 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:31:17.0881 4040 Ftdisk - ok
19:31:17.0928 4040 fwdrv (1ff2eef447a177df2c544b80f8f7f879) C:\WINDOWS\system32\drivers\fwdrv.sys
19:31:17.0959 4040 fwdrv - ok
19:31:18.0006 4040 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:31:18.0209 4040 Gpc - ok
19:31:18.0334 4040 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
19:31:18.0365 4040 gupdate - ok
19:31:18.0381 4040 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
19:31:18.0412 4040 gupdatem - ok
19:31:18.0475 4040 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:31:18.0490 4040 gusvc - ok
19:31:18.0569 4040 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:31:18.0756 4040 helpsvc - ok
19:31:18.0772 4040 HidServ - ok
19:31:18.0819 4040 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
19:31:19.0022 4040 hkmsvc - ok
19:31:19.0037 4040 hpn - ok
19:31:19.0100 4040 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:31:19.0162 4040 HTTP - ok
19:31:19.0209 4040 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
19:31:19.0428 4040 HTTPFilter - ok
19:31:19.0444 4040 i2omgmt - ok
19:31:19.0475 4040 i2omp - ok
19:31:19.0506 4040 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:31:19.0694 4040 i8042prt - ok
19:31:19.0819 4040 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:31:19.0850 4040 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:31:19.0850 4040 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:31:19.0881 4040 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:31:20.0084 4040 Imapi - ok
19:31:20.0131 4040 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
19:31:20.0319 4040 ImapiService - ok
19:31:20.0350 4040 ini910u - ok
19:31:20.0381 4040 IntelIde - ok
19:31:20.0428 4040 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:31:20.0615 4040 intelppm - ok
19:31:20.0662 4040 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:31:20.0865 4040 Ip6Fw - ok
19:31:20.0912 4040 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:31:21.0100 4040 IpFilterDriver - ok
19:31:21.0162 4040 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:31:21.0365 4040 IpInIp - ok
19:31:21.0412 4040 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:31:21.0600 4040 IpNat - ok
19:31:21.0647 4040 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:31:21.0850 4040 IPSec - ok
19:31:21.0881 4040 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:31:21.0990 4040 IRENUM - ok
19:31:22.0053 4040 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:31:22.0256 4040 isapnp - ok
19:31:22.0365 4040 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
19:31:22.0381 4040 JavaQuickStarterService - ok
19:31:22.0428 4040 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:31:22.0615 4040 Kbdclass - ok
19:31:22.0662 4040 khips (304ce9fb3d64caa07b940bef4f8c2dcd) C:\WINDOWS\system32\drivers\khips.sys
19:31:22.0678 4040 khips - ok
19:31:22.0740 4040 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:31:22.0928 4040 kmixer - ok
19:31:23.0037 4040 KPF4 (9ef600c64435ccfdea01c991289e76ec) C:\Programme\Sunbelt Software\Personal Firewall\kpf4ss.exe
19:31:23.0147 4040 KPF4 - ok
19:31:23.0256 4040 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:31:23.0287 4040 KSecDD - ok
19:31:23.0350 4040 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
19:31:23.0381 4040 lanmanserver - ok
19:31:23.0444 4040 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
19:31:23.0475 4040 lanmanworkstation - ok
19:31:23.0490 4040 lbrtfdc - ok
19:31:23.0537 4040 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
19:31:23.0725 4040 LmHosts - ok
19:31:23.0772 4040 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
19:31:23.0803 4040 MBAMSwissArmy - ok
19:31:23.0897 4040 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
19:31:23.0912 4040 McComponentHostService - ok
19:31:23.0959 4040 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
19:31:24.0147 4040 Messenger - ok
19:31:24.0194 4040 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:31:24.0397 4040 mnmdd - ok
19:31:24.0444 4040 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
19:31:24.0631 4040 mnmsrvc - ok
19:31:24.0662 4040 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
19:31:24.0865 4040 Modem - ok
19:31:24.0897 4040 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:31:25.0100 4040 Mouclass - ok
19:31:25.0131 4040 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:31:25.0350 4040 MountMgr - ok
19:31:25.0365 4040 mraid35x - ok
19:31:25.0412 4040 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:31:25.0584 4040 MRxDAV - ok
19:31:25.0647 4040 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:31:25.0694 4040 MRxSmb - ok
19:31:25.0725 4040 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
19:31:25.0912 4040 MSDTC - ok
19:31:25.0959 4040 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:31:26.0147 4040 Msfs - ok
19:31:26.0162 4040 MSIServer - ok
19:31:26.0194 4040 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:31:26.0397 4040 MSKSSRV - ok
19:31:26.0428 4040 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:31:26.0600 4040 MSPCLOCK - ok
19:31:26.0631 4040 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:31:26.0819 4040 MSPQM - ok
19:31:26.0865 4040 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:31:27.0022 4040 mssmbios - ok
19:31:27.0084 4040 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:31:27.0115 4040 Mup - ok
19:31:27.0209 4040 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
19:31:27.0397 4040 napagent - ok
19:31:27.0475 4040 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:31:27.0662 4040 NDIS - ok
19:31:27.0694 4040 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:31:27.0725 4040 NdisTapi - ok
19:31:27.0756 4040 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:31:27.0944 4040 Ndisuio - ok
19:31:27.0990 4040 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:31:28.0194 4040 NdisWan - ok
19:31:28.0240 4040 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:31:28.0272 4040 NDProxy - ok
19:31:28.0303 4040 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:31:28.0475 4040 NetBIOS - ok
19:31:28.0537 4040 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:31:28.0709 4040 NetBT - ok
19:31:28.0772 4040 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:31:28.0959 4040 NetDDE - ok
19:31:28.0959 4040 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:31:29.0178 4040 NetDDEdsdm - ok
19:31:29.0209 4040 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:31:29.0412 4040 Netlogon - ok
19:31:29.0459 4040 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
19:31:29.0647 4040 Netman - ok
19:31:29.0694 4040 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
19:31:29.0725 4040 Nla - ok
19:31:29.0772 4040 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:31:29.0959 4040 Npfs - ok
19:31:30.0037 4040 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:31:30.0256 4040 Ntfs - ok
19:31:30.0272 4040 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:31:30.0459 4040 NtLmSsp - ok
19:31:30.0506 4040 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
19:31:30.0709 4040 NtmsSvc - ok
19:31:30.0756 4040 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:31:30.0928 4040 Null - ok
19:31:30.0975 4040 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:31:31.0178 4040 NwlnkFlt - ok
19:31:31.0225 4040 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:31:31.0412 4040 NwlnkFwd - ok
19:31:31.0490 4040 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
19:31:31.0506 4040 ose - ok
19:31:31.0569 4040 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
19:31:31.0756 4040 Parport - ok
19:31:31.0787 4040 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:31:32.0006 4040 PartMgr - ok
19:31:32.0053 4040 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
19:31:32.0225 4040 ParVdm - ok
19:31:32.0287 4040 PCANDIS5 (d0084a9ade989fe703e4f22171f4e4dc) C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS
19:31:32.0319 4040 PCANDIS5 ( UnsignedFile.Multi.Generic ) - warning
19:31:32.0319 4040 PCANDIS5 - detected UnsignedFile.Multi.Generic (1)
19:31:32.0365 4040 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
19:31:32.0569 4040 PCI - ok
19:31:32.0584 4040 PCIDump - ok
19:31:32.0647 4040 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:31:32.0834 4040 PCIIde - ok
19:31:32.0881 4040 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:31:33.0069 4040 Pcmcia - ok
19:31:33.0084 4040 PDCOMP - ok
19:31:33.0115 4040 PDFRAME - ok
19:31:33.0131 4040 PDRELI - ok
19:31:33.0162 4040 PDRFRAME - ok
19:31:33.0194 4040 perc2 - ok
19:31:33.0209 4040 perc2hib - ok
19:31:33.0287 4040 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:31:33.0319 4040 PlugPlay - ok
19:31:33.0334 4040 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:31:33.0537 4040 PolicyAgent - ok
19:31:33.0569 4040 PortTalk (7d5a2d755b6c6579f63657b527d6ff1b) C:\WINDOWS\system32\Drivers\PtbTalk.sys
19:31:33.0584 4040 PortTalk ( UnsignedFile.Multi.Generic ) - warning
19:31:33.0584 4040 PortTalk - detected UnsignedFile.Multi.Generic (1)
19:31:33.0631 4040 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:31:33.0819 4040 PptpMiniport - ok
19:31:33.0850 4040 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:31:34.0022 4040 ProtectedStorage - ok
19:31:34.0053 4040 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:31:34.0240 4040 PSched - ok
19:31:34.0287 4040 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:31:34.0475 4040 Ptilink - ok
19:31:34.0490 4040 ql1080 - ok
19:31:34.0522 4040 Ql10wnt - ok
19:31:34.0537 4040 ql12160 - ok
19:31:34.0569 4040 ql1240 - ok
19:31:34.0584 4040 ql1280 - ok
19:31:34.0615 4040 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:31:34.0803 4040 RasAcd - ok
19:31:34.0850 4040 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
19:31:35.0053 4040 RasAuto - ok
19:31:35.0069 4040 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:31:35.0272 4040 Rasl2tp - ok
19:31:35.0334 4040 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
19:31:35.0522 4040 RasMan - ok
19:31:35.0537 4040 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:31:35.0725 4040 RasPppoe - ok
19:31:35.0756 4040 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:31:35.0912 4040 Raspti - ok
19:31:35.0975 4040 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:31:36.0147 4040 Rdbss - ok
19:31:36.0194 4040 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:31:36.0365 4040 RDPCDD - ok
19:31:36.0412 4040 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:31:36.0459 4040 RDPWD - ok
19:31:36.0506 4040 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
19:31:36.0694 4040 RDSessMgr - ok
19:31:36.0756 4040 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:31:36.0944 4040 redbook - ok
19:31:36.0990 4040 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
19:31:37.0178 4040 RemoteAccess - ok
19:31:37.0225 4040 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
19:31:37.0412 4040 RpcLocator - ok
19:31:37.0475 4040 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:31:37.0522 4040 RpcSs - ok
19:31:37.0584 4040 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
19:31:37.0756 4040 RSVP - ok
19:31:37.0819 4040 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:31:37.0975 4040 rtl8139 - ok
19:31:38.0037 4040 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:31:38.0225 4040 SamSs - ok
19:31:38.0272 4040 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
19:31:38.0444 4040 SCardSvr - ok
19:31:38.0490 4040 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
19:31:38.0662 4040 Schedule - ok
19:31:38.0709 4040 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:31:38.0787 4040 Secdrv - ok
19:31:38.0850 4040 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
19:31:39.0022 4040 seclogon - ok
19:31:39.0069 4040 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
19:31:39.0240 4040 SENS - ok
19:31:39.0287 4040 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:31:39.0506 4040 serenum - ok
19:31:39.0537 4040 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
19:31:39.0709 4040 Serial - ok
19:31:39.0740 4040 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:31:39.0928 4040 Sfloppy - ok
19:31:39.0990 4040 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
19:31:40.0209 4040 SharedAccess - ok
19:31:40.0256 4040 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:31:40.0272 4040 ShellHWDetection - ok
19:31:40.0287 4040 Simbad - ok
19:31:40.0350 4040 SiS315 (7469858341a5b6f22dedd2995f4d2ff2) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
19:31:40.0397 4040 SiS315 - ok
19:31:40.0412 4040 SiSkp (9a0f86efa0ef99115a23c8624e2e6bc7) C:\WINDOWS\system32\DRIVERS\srvkp.sys
19:31:40.0444 4040 SiSkp - ok
19:31:40.0475 4040 Sparrow - ok
19:31:40.0506 4040 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:31:40.0694 4040 splitter - ok
19:31:40.0740 4040 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:31:40.0787 4040 Spooler - ok
19:31:40.0834 4040 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
19:31:40.0928 4040 sr - ok
19:31:40.0959 4040 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
19:31:41.0069 4040 srservice - ok
19:31:41.0115 4040 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:31:41.0178 4040 Srv - ok
19:31:41.0240 4040 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
19:31:41.0334 4040 SSDPSRV - ok
19:31:41.0365 4040 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:31:41.0381 4040 ssmdrv - ok
19:31:41.0459 4040 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
19:31:41.0662 4040 stisvc - ok
19:31:41.0709 4040 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:31:41.0912 4040 swenum - ok
19:31:41.0959 4040 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
19:31:41.0975 4040 swmidi ( UnsignedFile.Multi.Generic ) - warning
19:31:41.0975 4040 swmidi - detected UnsignedFile.Multi.Generic (1)
19:31:41.0990 4040 SwPrv - ok
19:31:42.0022 4040 symc810 - ok
19:31:42.0053 4040 symc8xx - ok
19:31:42.0100 4040 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
19:31:42.0115 4040 symlcbrd - ok
19:31:42.0131 4040 sym_hi - ok
19:31:42.0162 4040 sym_u3 - ok
19:31:42.0209 4040 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
19:31:42.0334 4040 sysaudio - ok
19:31:42.0397 4040 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
19:31:42.0584 4040 SysmonLog - ok
19:31:42.0631 4040 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
19:31:42.0819 4040 TapiSrv - ok
19:31:42.0897 4040 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:31:42.0944 4040 Tcpip - ok
19:31:43.0006 4040 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:31:43.0178 4040 TDPIPE - ok
19:31:43.0225 4040 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:31:43.0428 4040 TDTCP - ok
19:31:43.0475 4040 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:31:43.0662 4040 TermDD - ok
19:31:43.0740 4040 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
19:31:43.0912 4040 TermService - ok
19:31:43.0959 4040 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:31:43.0990 4040 Themes - ok
19:31:44.0084 4040 TNPacket (52ab2f2b0d2fd7cc2fdb489c449feb8e) C:\Programme\T-DSL SpeedManager\TNPACKET.SYS
19:31:44.0100 4040 TNPacket ( UnsignedFile.Multi.Generic ) - warning
19:31:44.0100 4040 TNPacket - detected UnsignedFile.Multi.Generic (1)
19:31:44.0115 4040 TosIde - ok
19:31:44.0178 4040 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
19:31:44.0381 4040 TrkWks - ok
19:31:44.0428 4040 TSMService (bf2236a5a39b21f694ccd7b5a6639e71) C:\Programme\T-DSL SpeedManager\tsmsvc.exe
19:31:44.0444 4040 TSMService ( UnsignedFile.Multi.Generic ) - warning
19:31:44.0444 4040 TSMService - detected UnsignedFile.Multi.Generic (1)
19:31:44.0506 4040 uagp35 (49c805d42d75eddc9b6a7130999c9054) C:\WINDOWS\system32\DRIVERS\uagp35.sys
19:31:44.0647 4040 uagp35 - ok
19:31:44.0694 4040 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:31:44.0850 4040 Udfs - ok
19:31:44.0865 4040 ultra - ok
19:31:44.0912 4040 UMWdf (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe
19:31:44.0944 4040 UMWdf - ok
19:31:45.0006 4040 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:31:45.0225 4040 Update - ok
19:31:45.0272 4040 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
19:31:45.0381 4040 upnphost - ok
19:31:45.0428 4040 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
19:31:45.0600 4040 UPS - ok
19:31:45.0662 4040 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:31:45.0834 4040 usbccgp - ok
19:31:45.0881 4040 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:31:46.0069 4040 usbehci - ok
19:31:46.0115 4040 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:31:46.0303 4040 usbhub - ok
19:31:46.0350 4040 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:31:46.0522 4040 usbohci - ok
19:31:46.0569 4040 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:31:46.0772 4040 usbprint - ok
19:31:46.0803 4040 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:31:46.0975 4040 USBSTOR - ok
19:31:47.0022 4040 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:31:47.0209 4040 VgaSave - ok
19:31:47.0240 4040 ViaIde - ok
19:31:47.0287 4040 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
19:31:47.0459 4040 VolSnap - ok
19:31:47.0522 4040 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
19:31:47.0615 4040 VSS - ok
19:31:47.0678 4040 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
19:31:47.0834 4040 W32Time - ok
19:31:47.0897 4040 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:31:48.0100 4040 Wanarp - ok
19:31:48.0115 4040 WDICA - ok
19:31:48.0162 4040 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:31:48.0334 4040 wdmaud - ok
19:31:48.0381 4040 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
19:31:48.0553 4040 WebClient - ok
19:31:48.0647 4040 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:31:48.0819 4040 winmgmt - ok
19:31:48.0881 4040 WmdmPmSN (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\MsPMSNSv.dll
19:31:48.0928 4040 WmdmPmSN - ok
19:31:48.0990 4040 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:31:49.0178 4040 WmiApSrv - ok
19:31:49.0240 4040 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
19:31:49.0412 4040 wscsvc - ok
19:31:49.0459 4040 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
19:31:49.0631 4040 wuauserv - ok
19:31:49.0694 4040 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
19:31:49.0897 4040 WZCSVC - ok
19:31:49.0928 4040 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
19:31:50.0115 4040 xmlprov - ok
19:31:50.0147 4040 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
19:31:50.0459 4040 \Device\Harddisk0\DR0 - ok
19:31:50.0475 4040 MBR (0x1B8) (672d49b92adfa952c7ad0fb98d4ad10b) \Device\Harddisk1\DR1
19:31:52.0334 4040 \Device\Harddisk1\DR1 - ok
19:31:52.0365 4040 Boot (0x1200) (ab4fc60439735b5e605b431d684929ce) \Device\Harddisk0\DR0\Partition0
19:31:52.0365 4040 \Device\Harddisk0\DR0\Partition0 - ok
19:31:52.0397 4040 Boot (0x1200) (08a5f8063296affba09d99ec332eaefa) \Device\Harddisk0\DR0\Partition1
19:31:52.0397 4040 \Device\Harddisk0\DR0\Partition1 - ok
19:31:52.0428 4040 Boot (0x1200) (8596dc2f1ffbde405285adfb8f432d16) \Device\Harddisk1\DR1\Partition0
19:31:52.0428 4040 \Device\Harddisk1\DR1\Partition0 - ok
19:31:52.0444 4040 ============================================================
19:31:52.0444 4040 Scan finished
19:31:52.0444 4040 ============================================================
19:31:52.0475 4068 Detected object count: 7
19:31:52.0475 4068 Actual detected object count: 7
19:32:06.0412 4068 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - copied to quarantine
19:32:06.0412 4068 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0553 4068 C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
19:32:06.0553 4068 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0647 4068 C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS - copied to quarantine
19:32:06.0647 4068 PCANDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0725 4068 C:\WINDOWS\system32\Drivers\PtbTalk.sys - copied to quarantine
19:32:06.0725 4068 PortTalk ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0834 4068 C:\WINDOWS\system32\drivers\swmidi.sys - copied to quarantine
19:32:06.0850 4068 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0881 4068 C:\Programme\T-DSL SpeedManager\TNPACKET.SYS - copied to quarantine
19:32:06.0881 4068 TNPacket ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0959 4068 C:\Programme\T-DSL SpeedManager\tsmsvc.exe - copied to quarantine
19:32:06.0959 4068 TSMService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:22.0725 2176 Deinitialize success
Harry |
| | #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: 2048 bit pgp-rsa What exactly did you not understand about this note?! Quote:
__________________ Please always post log files in CODE tags |
| | #21 |
| Trojan: 2048 bit pgp-rsa Hello Arne, I did not delete anything, I only put it into quarantine. Here is a new run of TDSS. Code:
00:26:51.0878 2264 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
00:26:53.0878 2264 ============================================================
00:26:53.0878 2264 Current date / time: 2012/05/05 00:26:53.0878
00:26:53.0878 2264 SystemInfo:
00:26:53.0878 2264
00:26:53.0878 2264 OS Version: 5.1.2600 ServicePack: 3.0
00:26:53.0878 2264 Product type: Workstation
00:26:53.0878 2264 ComputerName: TUS
00:26:53.0878 2264 UserName: Admin
00:26:53.0878 2264 Windows directory: C:\WINDOWS
00:26:53.0878 2264 System windows directory: C:\WINDOWS
00:26:53.0878 2264 Processor architecture: Intel x86
00:26:53.0878 2264 Number of processors: 1
00:26:53.0878 2264 Page size: 0x1000
00:26:53.0878 2264 Boot type: Normal boot
00:26:53.0878 2264 ============================================================
00:27:07.0300 2264 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:27:07.0316 2264 Drive \Device\Harddisk1\DR1 - Size: 0xC0720000 (3.01 Gb), SectorSize: 0x200, Cylinders: 0x30E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x80, Type 'K0', Flags 0x00000054
00:27:07.0425 2264 ============================================================
00:27:07.0425 2264 \Device\Harddisk0\DR0:
00:27:07.0503 2264 MBR partitions:
00:27:07.0503 2264 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
00:27:07.0550 2264 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388B7A, BlocksNum 0x3700647
00:27:07.0550 2264 \Device\Harddisk1\DR1:
00:27:07.0597 2264 MBR partitions:
00:27:07.0597 2264 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x6038C1
00:27:07.0597 2264 ============================================================
00:27:07.0769 2264 C: <-> \Device\Harddisk0\DR0\Partition0
00:27:07.0988 2264 D: <-> \Device\Harddisk0\DR0\Partition1
00:27:08.0082 2264 E: <-> \Device\Harddisk1\DR1\Partition0
00:27:08.0253 2264 ============================================================
00:27:08.0253 2264 Initialize success
00:27:08.0253 2264 ============================================================
00:27:15.0754 2716 ============================================================
00:27:15.0754 2716 Scan started
00:27:15.0754 2716 Mode: Manual; SigCheck; TDLFS;
00:27:15.0754 2716 ============================================================
00:27:17.0394 2716 Abiosdsk - ok
00:27:17.0410 2716 abp480n5 - ok
00:27:17.0785 2716 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:27:22.0442 2716 ACPI - ok
00:27:22.0504 2716 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
00:27:22.0863 2716 ACPIEC - ok
00:27:22.0879 2716 adpu160m - ok
00:27:23.0238 2716 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
00:27:23.0535 2716 aec - ok
00:27:23.0848 2716 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
00:27:24.0004 2716 AFD - ok
00:27:24.0020 2716 Aha154x - ok
00:27:24.0035 2716 aic78u2 - ok
00:27:24.0067 2716 aic78xx - ok
00:27:28.0332 2716 ALCXWDM (35045a23957a71ba649740741e69408c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
00:27:29.0848 2716 ALCXWDM - ok
00:27:32.0083 2716 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
00:27:32.0317 2716 Alerter - ok
00:27:32.0426 2716 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
00:27:32.0614 2716 ALG - ok
00:27:32.0770 2716 AliIde - ok
00:27:32.0786 2716 amsint - ok
00:27:32.0973 2716 AN983 (e2ad6cc7d407f2b5cb2899775cf84f51) C:\WINDOWS\system32\DRIVERS\AN983.sys
00:27:33.0223 2716 AN983 - ok
00:27:34.0255 2716 AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Programme\Avira\AntiVir Desktop\sched.exe
00:27:34.0411 2716 AntiVirSchedulerService - ok
00:27:34.0942 2716 AntiVirService (df5a3016052755c910a206058b4a1729) C:\Programme\Avira\AntiVir Desktop\avguard.exe
00:27:35.0036 2716 AntiVirService - ok
00:27:35.0036 2716 AppMgmt - ok
00:27:35.0051 2716 asc - ok
00:27:35.0083 2716 asc3350p - ok
00:27:35.0098 2716 asc3550 - ok
00:27:35.0426 2716 aspnet_state (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
00:27:35.0552 2716 aspnet_state ( UnsignedFile.Multi.Generic ) - warning
00:27:35.0552 2716 aspnet_state - detected UnsignedFile.Multi.Generic (1)
00:27:35.0708 2716 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:27:35.0958 2716 AsyncMac - ok
00:27:36.0114 2716 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
00:27:36.0348 2716 atapi - ok
00:27:36.0380 2716 Atdisk - ok
00:27:36.0911 2716 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:27:37.0192 2716 Atmarpc - ok
00:27:37.0286 2716 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
00:27:37.0520 2716 AudioSrv - ok
00:27:37.0630 2716 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
00:27:37.0880 2716 audstub - ok
00:27:38.0036 2716 Automatisches LiveUpdate - Scheduler - ok
00:27:38.0114 2716 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
00:27:38.0145 2716 avgio - ok
00:27:38.0708 2716 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
00:27:38.0927 2716 avgntflt - ok
00:27:39.0364 2716 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
00:27:39.0458 2716 avipbb - ok
00:27:39.0536 2716 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
00:27:39.0770 2716 Beep - ok
00:27:40.0505 2716 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
00:27:41.0114 2716 BITS - ok
00:27:41.0224 2716 Brother XP spl Service (d3facb34fff5db91adb70987838f8ba7) C:\WINDOWS\system32\brsvc01a.exe
00:27:41.0286 2716 Brother XP spl Service - ok
00:27:41.0614 2716 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
00:27:41.0911 2716 Browser - ok
00:27:41.0974 2716 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
00:27:42.0130 2716 BrScnUsb - ok
00:27:42.0255 2716 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
00:27:42.0646 2716 cbidf2k - ok
00:27:42.0661 2716 cd20xrnt - ok
00:27:42.0708 2716 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
00:27:42.0974 2716 Cdaudio - ok
00:27:43.0052 2716 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
00:27:43.0302 2716 Cdfs - ok
00:27:43.0411 2716 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:27:43.0692 2716 Cdrom - ok
00:27:43.0692 2716 Changer - ok
00:27:43.0802 2716 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
00:27:44.0021 2716 CiSvc - ok
00:27:44.0099 2716 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
00:27:44.0396 2716 ClipSrv - ok
00:27:44.0411 2716 CmdIde - ok
00:27:44.0443 2716 COMSysApp - ok
00:27:44.0474 2716 Cpqarray - ok
00:27:44.0864 2716 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
00:27:45.0114 2716 CryptSvc - ok
00:27:45.0114 2716 dac2w2k - ok
00:27:45.0146 2716 dac960nt - ok
00:27:46.0083 2716 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
00:27:46.0318 2716 DcomLaunch - ok
00:27:46.0646 2716 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
00:27:46.0896 2716 Dhcp - ok
00:27:47.0083 2716 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
00:27:47.0380 2716 Disk - ok
00:27:47.0396 2716 dmadmin - ok
00:27:48.0943 2716 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
00:27:49.0583 2716 dmboot - ok
00:27:49.0927 2716 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
00:27:50.0287 2716 dmio - ok
00:27:50.0412 2716 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
00:27:50.0662 2716 dmload - ok
00:27:50.0802 2716 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
00:27:51.0099 2716 dmserver - ok
00:27:51.0177 2716 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
00:27:51.0349 2716 DMusic - ok
00:27:51.0583 2716 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
00:27:51.0740 2716 Dnscache - ok
00:27:52.0146 2716 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
00:27:52.0443 2716 Dot3svc - ok
00:27:52.0896 2716 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
00:27:53.0209 2716 Dot4 - ok
00:27:53.0287 2716 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
00:27:53.0537 2716 Dot4Print - ok
00:27:53.0787 2716 Dot4Scan (bd05306428da63369692477ddc0f6f5f) C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
00:27:54.0037 2716 Dot4Scan - ok
00:27:54.0052 2716 dpti2o - ok
00:27:54.0099 2716 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
00:27:54.0271 2716 drmkaud - ok
00:27:54.0505 2716 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
00:27:54.0787 2716 EapHost - ok
00:27:54.0990 2716 EraserUtilRebootDrv - ok
00:27:55.0146 2716 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
00:27:55.0381 2716 ERSvc - ok
00:27:56.0177 2716 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
00:27:56.0240 2716 Eventlog - ok
00:27:56.0677 2716 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
00:27:56.0865 2716 EventSystem - ok
00:27:57.0099 2716 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
00:27:57.0381 2716 Fastfat - ok
00:27:57.0896 2716 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
00:27:58.0146 2716 FastUserSwitchingCompatibility - ok
00:27:58.0349 2716 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
00:27:58.0709 2716 Fdc - ok
00:27:58.0943 2716 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
00:27:59.0240 2716 Fips - ok
00:27:59.0318 2716 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:27:59.0568 2716 Flpydisk - ok
00:27:59.0834 2716 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
00:28:00.0193 2716 FltMgr - ok
00:28:00.0365 2716 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:28:00.0615 2716 Fs_Rec - ok
00:28:01.0553 2716 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:28:01.0928 2716 Ftdisk - ok
00:28:02.0475 2716 fwdrv (1ff2eef447a177df2c544b80f8f7f879) C:\WINDOWS\system32\drivers\fwdrv.sys
00:28:02.0646 2716 fwdrv - ok
00:28:02.0709 2716 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:28:02.0943 2716 Gpc - ok
00:28:03.0365 2716 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
00:28:03.0443 2716 gupdate - ok
00:28:03.0459 2716 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
00:28:03.0490 2716 gupdatem - ok
00:28:03.0912 2716 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
00:28:04.0100 2716 gusvc - ok
00:28:04.0162 2716 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:28:05.0303 2716 helpsvc - ok
00:28:05.0318 2716 HidServ - ok
00:28:05.0803 2716 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
00:28:09.0241 2716 hkmsvc - ok
00:28:09.0272 2716 hpn - ok
00:28:09.0350 2716 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
00:28:09.0522 2716 HTTP - ok
00:28:09.0584 2716 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
00:28:10.0787 2716 HTTPFilter - ok
00:28:10.0803 2716 i2omgmt - ok
00:28:10.0819 2716 i2omp - ok
00:28:10.0944 2716 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:28:11.0225 2716 i8042prt - ok
00:28:11.0553 2716 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
00:28:11.0725 2716 IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:28:11.0756 2716 IDriverT - detected UnsignedFile.Multi.Generic (1)
00:28:11.0944 2716 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
00:28:12.0209 2716 Imapi - ok
00:28:12.0709 2716 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
00:28:19.0335 2716 ImapiService - ok
00:28:19.0366 2716 ini910u - ok
00:28:19.0397 2716 IntelIde - ok
00:28:19.0710 2716 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:28:20.0022 2716 intelppm - ok
00:28:20.0116 2716 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
00:28:20.0397 2716 Ip6Fw - ok
00:28:20.0475 2716 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:28:20.0741 2716 IpFilterDriver - ok
00:28:20.0975 2716 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:28:21.0288 2716 IpInIp - ok
00:28:21.0757 2716 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:28:22.0054 2716 IpNat - ok
00:28:22.0335 2716 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:28:22.0616 2716 IPSec - ok
00:28:22.0694 2716 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
00:28:22.0819 2716 IRENUM - ok
00:28:23.0116 2716 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:28:23.0366 2716 isapnp - ok
00:28:24.0491 2716 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
00:28:25.0116 2716 JavaQuickStarterService - ok
00:28:25.0647 2716 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:28:25.0944 2716 Kbdclass - ok
00:28:26.0585 2716 khips (304ce9fb3d64caa07b940bef4f8c2dcd) C:\WINDOWS\system32\drivers\khips.sys
00:28:26.0710 2716 khips - ok
00:28:28.0069 2716 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
00:28:28.0491 2716 kmixer - ok
00:28:32.0023 2716 KPF4 (9ef600c64435ccfdea01c991289e76ec) C:\Programme\Sunbelt Software\Personal Firewall\kpf4ss.exe
00:28:33.0210 2716 KPF4 - ok
00:28:34.0617 2716 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
00:28:34.0929 2716 KSecDD - ok
00:28:35.0335 2716 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
00:28:35.0554 2716 lanmanserver - ok
00:28:35.0851 2716 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
00:28:36.0132 2716 lanmanworkstation - ok
00:28:36.0148 2716 lbrtfdc - ok
00:28:36.0226 2716 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
00:28:36.0507 2716 LmHosts - ok
00:28:36.0789 2716 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
00:28:36.0898 2716 MBAMSwissArmy - ok
00:28:37.0382 2716 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
00:28:37.0507 2716 McComponentHostService - ok
00:28:37.0601 2716 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
00:28:37.0836 2716 Messenger - ok
00:28:37.0898 2716 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
00:28:38.0132 2716 mnmdd - ok
00:28:38.0414 2716 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
00:28:38.0711 2716 mnmsrvc - ok
00:28:38.0867 2716 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
00:28:39.0164 2716 Modem - ok
00:28:39.0289 2716 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:28:39.0539 2716 Mouclass - ok
00:28:39.0851 2716 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
00:28:40.0086 2716 MountMgr - ok
00:28:40.0117 2716 mraid35x - ok
00:28:40.0258 2716 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:28:40.0476 2716 MRxDAV - ok
00:28:40.0883 2716 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:28:41.0242 2716 MRxSmb - ok
00:28:41.0304 2716 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
00:28:41.0586 2716 MSDTC - ok
00:28:41.0664 2716 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
00:28:41.0898 2716 Msfs - ok
00:28:41.0914 2716 MSIServer - ok
00:28:41.0976 2716 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:28:42.0195 2716 MSKSSRV - ok
00:28:42.0258 2716 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:28:42.0523 2716 MSPCLOCK - ok
00:28:42.0586 2716 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
00:28:42.0820 2716 MSPQM - ok
00:28:42.0883 2716 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:28:43.0133 2716 mssmbios - ok
00:28:43.0226 2716 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
00:28:43.0398 2716 Mup - ok
00:28:43.0742 2716 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
00:28:43.0992 2716 napagent - ok
00:28:44.0101 2716 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
00:28:44.0351 2716 NDIS - ok
00:28:44.0430 2716 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:28:44.0539 2716 NdisTapi - ok
00:28:44.0570 2716 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:28:44.0789 2716 Ndisuio - ok
00:28:44.0867 2716 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:28:45.0133 2716 NdisWan - ok
00:28:45.0227 2716 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
00:28:45.0320 2716 NDProxy - ok
00:28:45.0398 2716 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
00:28:45.0617 2716 NetBIOS - ok
00:28:45.0742 2716 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
00:28:45.0977 2716 NetBT - ok
00:28:46.0055 2716 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
00:28:46.0289 2716 NetDDE - ok
00:28:46.0305 2716 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
00:28:46.0539 2716 NetDDEdsdm - ok
00:28:46.0586 2716 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:28:46.0852 2716 Netlogon - ok
00:28:47.0352 2716 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
00:28:47.0711 2716 Netman - ok
00:28:47.0961 2716 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
00:28:48.0133 2716 Nla - ok
00:28:48.0227 2716 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
00:28:48.0477 2716 Npfs - ok
00:28:48.0961 2716 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
00:28:49.0570 2716 Ntfs - ok
00:28:49.0586 2716 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:28:49.0820 2716 NtLmSsp - ok
00:28:50.0008 2716 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
00:28:50.0305 2716 NtmsSvc - ok
00:28:50.0336 2716 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
00:28:50.0586 2716 Null - ok
00:28:50.0633 2716 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:28:50.0867 2716 NwlnkFlt - ok
00:28:50.0992 2716 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:28:51.0289 2716 NwlnkFwd - ok
00:28:51.0508 2716 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
00:28:51.0633 2716 ose - ok
00:28:51.0774 2716 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
00:28:52.0055 2716 Parport - ok
00:28:52.0086 2716 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
00:28:52.0336 2716 PartMgr - ok
00:28:52.0414 2716 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
00:28:52.0602 2716 ParVdm - ok
00:28:52.0727 2716 PCANDIS5 (d0084a9ade989fe703e4f22171f4e4dc) C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS
00:28:52.0805 2716 PCANDIS5 ( UnsignedFile.Multi.Generic ) - warning
00:28:52.0805 2716 PCANDIS5 - detected UnsignedFile.Multi.Generic (1)
00:28:52.0883 2716 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
00:28:53.0117 2716 PCI - ok
00:28:53.0133 2716 PCIDump - ok
00:28:53.0164 2716 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
00:28:53.0399 2716 PCIIde - ok
00:28:53.0492 2716 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
00:28:53.0711 2716 Pcmcia - ok
00:28:53.0727 2716 PDCOMP - ok
00:28:53.0758 2716 PDFRAME - ok
00:28:53.0774 2716 PDRELI - ok
00:28:53.0805 2716 PDRFRAME - ok
00:28:53.0821 2716 perc2 - ok
00:28:53.0836 2716 perc2hib - ok
00:28:53.0993 2716 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
00:28:54.0071 2716 PlugPlay - ok
00:28:54.0086 2716 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:28:54.0305 2716 PolicyAgent - ok
00:28:54.0399 2716 PortTalk (7d5a2d755b6c6579f63657b527d6ff1b) C:\WINDOWS\system32\Drivers\PtbTalk.sys
00:28:54.0446 2716 PortTalk ( UnsignedFile.Multi.Generic ) - warning
00:28:54.0446 2716 PortTalk - detected UnsignedFile.Multi.Generic (1)
00:28:54.0571 2716 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:28:54.0805 2716 PptpMiniport - ok
00:28:54.0836 2716 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:28:55.0008 2716 ProtectedStorage - ok
00:28:55.0227 2716 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
00:28:55.0477 2716 PSched - ok
00:28:55.0539 2716 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:28:55.0758 2716 Ptilink - ok
00:28:55.0774 2716 ql1080 - ok
00:28:55.0789 2716 Ql10wnt - ok
00:28:55.0821 2716 ql12160 - ok
00:28:55.0836 2716 ql1240 - ok
00:28:55.0852 2716 ql1280 - ok
00:28:55.0899 2716 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:28:56.0118 2716 RasAcd - ok
00:28:56.0211 2716 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
00:28:56.0446 2716 RasAuto - ok
00:28:56.0540 2716 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:28:56.0758 2716 Rasl2tp - ok
00:28:56.0993 2716 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
00:28:57.0243 2716 RasMan - ok
00:28:57.0321 2716 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:28:57.0555 2716 RasPppoe - ok
00:28:57.0586 2716 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
00:28:57.0805 2716 Raspti - ok
00:28:57.0977 2716 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:28:58.0227 2716 Rdbss - ok
00:28:58.0290 2716 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:28:58.0524 2716 RDPCDD - ok
00:28:58.0696 2716 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
00:28:58.0836 2716 RDPWD - ok
00:28:58.0930 2716 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
00:28:59.0133 2716 RDSessMgr - ok
00:28:59.0227 2716 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
00:28:59.0477 2716 redbook - ok
00:28:59.0555 2716 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
00:28:59.0774 2716 RemoteAccess - ok
00:28:59.0821 2716 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
00:29:00.0055 2716 RpcLocator - ok
00:29:00.0415 2716 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
00:29:00.0555 2716 RpcSs - ok
00:29:00.0696 2716 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
00:29:00.0930 2716 RSVP - ok
00:29:01.0118 2716 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
00:29:01.0399 2716 rtl8139 - ok
00:29:01.0430 2716 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:29:01.0618 2716 SamSs - ok
00:29:01.0680 2716 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
00:29:01.0930 2716 SCardSvr - ok
00:29:02.0102 2716 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
00:29:02.0321 2716 Schedule - ok
00:29:02.0415 2716 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:29:02.0540 2716 Secdrv - ok
00:29:02.0634 2716 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
00:29:02.0868 2716 seclogon - ok
00:29:02.0930 2716 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
00:29:03.0134 2716 SENS - ok
00:29:03.0180 2716 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
00:29:03.0462 2716 serenum - ok
00:29:03.0602 2716 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
00:29:03.0852 2716 Serial - ok
00:29:03.0884 2716 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
00:29:04.0118 2716 Sfloppy - ok
00:29:04.0446 2716 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
00:29:04.0759 2716 SharedAccess - ok
00:29:04.0899 2716 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
00:29:05.0009 2716 ShellHWDetection - ok
00:29:05.0024 2716 Simbad - ok
00:29:05.0352 2716 SiS315 (7469858341a5b6f22dedd2995f4d2ff2) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
00:29:05.0477 2716 SiS315 - ok
00:29:05.0540 2716 SiSkp (9a0f86efa0ef99115a23c8624e2e6bc7) C:\WINDOWS\system32\DRIVERS\srvkp.sys
00:29:05.0602 2716 SiSkp - ok
00:29:05.0602 2716 Sparrow - ok
00:29:05.0665 2716 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
00:29:05.0915 2716 splitter - ok
00:29:05.0977 2716 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
00:29:06.0040 2716 Spooler - ok
00:29:06.0165 2716 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
00:29:06.0274 2716 sr - ok
00:29:06.0524 2716 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
00:29:06.0649 2716 srservice - ok
00:29:07.0040 2716 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
00:29:07.0290 2716 Srv - ok
00:29:07.0415 2716 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
00:29:07.0524 2716 SSDPSRV - ok
00:29:07.0603 2716 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
00:29:07.0634 2716 ssmdrv - ok
00:29:07.0931 2716 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
00:29:08.0228 2716 stisvc - ok
00:29:08.0368 2716 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
00:29:08.0634 2716 swenum - ok
00:29:08.0728 2716 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
00:29:08.0774 2716 swmidi ( UnsignedFile.Multi.Generic ) - warning
00:29:08.0774 2716 swmidi - detected UnsignedFile.Multi.Generic (1)
00:29:08.0790 2716 SwPrv - ok
00:29:08.0837 2716 symc810 - ok
00:29:08.0853 2716 symc8xx - ok
00:29:08.0931 2716 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
00:29:08.0962 2716 symlcbrd - ok
00:29:08.0978 2716 sym_hi - ok
00:29:08.0993 2716 sym_u3 - ok
00:29:09.0103 2716 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
00:29:09.0290 2716 sysaudio - ok
00:29:09.0368 2716 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
00:29:09.0603 2716 SysmonLog - ok
00:29:09.0884 2716 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
00:29:10.0149 2716 TapiSrv - ok
00:29:10.0384 2716 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:29:10.0650 2716 Tcpip - ok
00:29:10.0712 2716 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
00:29:10.0946 2716 TDPIPE - ok
00:29:11.0009 2716 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
00:29:11.0243 2716 TDTCP - ok
00:29:11.0306 2716 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
00:29:11.0525 2716 TermDD - ok
00:29:11.0837 2716 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
00:29:12.0165 2716 TermService - ok
00:29:12.0337 2716 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
00:29:12.0400 2716 Themes - ok
00:29:12.0556 2716 TNPacket (52ab2f2b0d2fd7cc2fdb489c449feb8e) C:\Programme\T-DSL SpeedManager\TNPACKET.SYS
00:29:12.0587 2716 TNPacket ( UnsignedFile.Multi.Generic ) - warning
00:29:12.0587 2716 TNPacket - detected UnsignedFile.Multi.Generic (1)
00:29:12.0618 2716 TosIde - ok
00:29:12.0696 2716 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
00:29:12.0915 2716 TrkWks - ok
00:29:13.0150 2716 TSMService (bf2236a5a39b21f694ccd7b5a6639e71) C:\Programme\T-DSL SpeedManager\tsmsvc.exe
00:29:13.0228 2716 TSMService ( UnsignedFile.Multi.Generic ) - warning
00:29:13.0228 2716 TSMService - detected UnsignedFile.Multi.Generic (1)
00:29:13.0337 2716 uagp35 (49c805d42d75eddc9b6a7130999c9054) C:\WINDOWS\system32\DRIVERS\uagp35.sys
00:29:13.0525 2716 uagp35 - ok
00:29:13.0618 2716 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
00:29:13.0822 2716 Udfs - ok
00:29:13.0853 2716 ultra - ok
00:29:13.0947 2716 UMWdf (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe
00:29:14.0009 2716 UMWdf - ok
00:29:14.0368 2716 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
00:29:14.0728 2716 Update - ok
00:29:14.0853 2716 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
00:29:14.0978 2716 upnphost - ok
00:29:15.0040 2716 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
00:29:15.0306 2716 UPS - ok
00:29:15.0431 2716 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:29:15.0665 2716 usbccgp - ok
00:29:15.0728 2716 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:29:15.0947 2716 usbehci - ok
00:29:16.0025 2716 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:29:16.0259 2716 usbhub - ok
00:29:16.0337 2716 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
00:29:16.0540 2716 usbohci - ok
00:29:16.0650 2716 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:29:16.0900 2716 usbprint - ok
00:29:16.0978 2716 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:29:17.0197 2716 USBSTOR - ok
00:29:17.0337 2716 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
00:29:17.0540 2716 VgaSave - ok
00:29:17.0556 2716 ViaIde - ok
00:29:17.0665 2716 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
00:29:17.0900 2716 VolSnap - ok
00:29:18.0197 2716 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
00:29:18.0415 2716 VSS - ok
00:29:18.0603 2716 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
00:29:18.0806 2716 W32Time - ok
00:29:18.0978 2716 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:29:19.0244 2716 Wanarp - ok
00:29:19.0275 2716 WDICA - ok
00:29:19.0384 2716 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
00:29:19.0603 2716 wdmaud - ok
00:29:19.0759 2716 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
00:29:19.0978 2716 WebClient - ok
00:29:20.0228 2716 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
00:29:20.0431 2716 winmgmt - ok
00:29:20.0494 2716 WmdmPmSN (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\MsPMSNSv.dll
00:29:20.0603 2716 WmdmPmSN - ok
00:29:20.0744 2716 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:29:20.0978 2716 WmiApSrv - ok
00:29:21.0166 2716 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
00:29:21.0431 2716 wscsvc - ok
00:29:21.0494 2716 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
00:29:21.0775 2716 wuauserv - ok
00:29:22.0228 2716 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
00:29:22.0572 2716 WZCSVC - ok
00:29:22.0666 2716 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
00:29:22.0916 2716 xmlprov - ok
00:29:22.0978 2716 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
00:29:24.0134 2716 \Device\Harddisk0\DR0 - ok
00:29:24.0166 2716 MBR (0x1B8) (672d49b92adfa952c7ad0fb98d4ad10b) \Device\Harddisk1\DR1
00:29:26.0150 2716 \Device\Harddisk1\DR1 - ok
00:29:26.0166 2716 Boot (0x1200) (ab4fc60439735b5e605b431d684929ce) \Device\Harddisk0\DR0\Partition0
00:29:26.0166 2716 \Device\Harddisk0\DR0\Partition0 - ok
00:29:26.0213 2716 Boot (0x1200) (08a5f8063296affba09d99ec332eaefa) \Device\Harddisk0\DR0\Partition1
00:29:26.0228 2716 \Device\Harddisk0\DR0\Partition1 - ok
00:29:26.0260 2716 Boot (0x1200) (8596dc2f1ffbde405285adfb8f432d16) \Device\Harddisk1\DR1\Partition0
00:29:26.0260 2716 \Device\Harddisk1\DR1\Partition0 - ok
00:29:26.0275 2716 ============================================================
00:29:26.0275 2716 Scan finished
00:29:26.0275 2716 ============================================================
00:29:26.0681 0348 Detected object count: 7
00:29:26.0681 0348 Actual detected object count: 7
00:30:06.0465 0348 aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0465 0348 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0465 0348 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0465 0348 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0480 0348 PCANDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0480 0348 PCANDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0480 0348 PortTalk ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0480 0348 PortTalk ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0496 0348 swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0496 0348 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0511 0348 TNPacket ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0511 0348 TNPacket ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0511 0348 TSMService ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0511 0348 TSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:18.0715 1076 Deinitialize success
Regards, Harry |
| | #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: 2048 bit pgp-rsa All right, OK, sorry for the telling-off. But I have now seen it a few times that some people went ahead and fixed something away anyway, and the stuff could not be restored afterwards. Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #23 |
| Trojan: 2048 bit pgp-rsa Hello Arne, here is the text. Code:
ComboFix 12-05-05.05 - Admin 05.05.2012 16:47:33.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.479.137 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Admin\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security 2006 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Sunbelt Kerio Personal Firewall *Enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Admin\4.0
c:\dokumente und einstellungen\Admin\Favoriten\locked-DFBnet - Das Servicenetz des deutschen Fußballs.url.geky
c:\dokumente und einstellungen\Admin\Favoriten\locked-Hördter Auwald-Lauf 2011 (20 km), Deutschland - Termine & Ergebnisse.url.sfxn
c:\dokumente und einstellungen\Admin\Favoriten\locked-KiK Textilien & Non-Food GmbH.url.qtkc
c:\dokumente und einstellungen\Admin\Favoriten\locked-Verlag + Druck Linus Wittich - Ihr Mitteilungsblatt online lesen & bestellen.url.rehz
c:\windows\system\comdlg32.ocx
c:\windows\system\dbgrid32.ocx
c:\windows\system\dblist32.ocx
c:\windows\system\msrdc32.ocx
c:\windows\system\richtx32.ocx
c:\windows\system\tabctl32.ocx
c:\windows\system\threed32.ocx
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-04-05 bis 2012-05-05 ))))))))))))))))))))))))))))))
.
.
2012-05-04 22:12 . 2012-05-04 22:12 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-04 17:30 . 2012-05-04 17:30 -------- dc----w- C:\TDSSKiller_Quarantine
2012-05-02 18:23 . 2012-05-03 18:39 -------- dc----w- C:\_OTL
2012-04-28 17:24 . 2012-04-28 17:24 -------- d-----w- c:\programme\ESET
2012-04-28 17:14 . 2012-04-28 17:14 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-04-28 16:29 . 2012-04-28 16:29 -------- dc----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Malwarebytes
2012-04-28 16:29 . 2012-04-28 16:29 -------- dc----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-04-25 09:22 . 2012-04-25 09:26 -------- dc----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\MFAData
2012-04-25 08:59 . 2012-04-25 08:59 -------- dcsh--w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-04-25 08:59 . 2012-04-25 08:59 -------- dc-h--w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Common Files
2012-04-24 19:37 . 2012-04-28 16:19 -------- dc----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Realtec
2012-04-17 18:50 . 2012-04-17 18:50 -------- d-----w- c:\programme\Microsoft
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-29 14:09 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:09 . 2004-08-04 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-28 18:49 . 2004-08-04 12:00 672768 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 18:49 . 2004-08-04 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-02-28 18:49 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-02-28 18:47 . 2004-08-04 12:00 371200 ----a-w- c:\windows\system32\html.iec
2012-02-22 19:34 . 2007-04-10 17:30 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-22 19:34 . 2010-05-22 08:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-22 22:21 . 2012-02-17 21:24 97208 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-20 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 77824]
"SiSPower"="SiSPower.dll" [2005-08-25 49152]
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"SetDefPrt"="c:\programme\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter2.0"="c:\programme\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 933888]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-07 281768]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Adobe Reader - Schnellstart.lnk - c:\programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
McAfee Security Scan Plus.lnk - c:\programme\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
OnlineControl.lnk - c:\programme\OnlineControl\ocontrol.exe [2004-7-19 94208]
Status Monitor.lnk - c:\programme\Brother\Brmfcmon\BrMfcWnd.exe [2007-8-6 802816]
Zahlungserinnerung.lnk - c:\programme\Profi cash\wzed.exe [2007-7-10 147456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22 1695232 ----a-w- c:\programme\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTBSync]
2006-11-15 16:57 318976 ----a-w- c:\programme\PTBSync\PTBSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-DSL SpeedMgr]
2004-07-14 14:01 397312 ----a-w- c:\progra~1\T-DSLS~1\SpeedMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [18.07.2006 12:02 284184]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [18.07.2006 12:02 91672]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programme\Avira\AntiVir Desktop\sched.exe [22.08.2010 17:42 136360]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [01.07.2011 18:43 428200]
R2 PortTalk;PortTalk;c:\windows\system32\drivers\ptbtalk.sys [15.11.2006 18:57 3567]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"c:\programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe" --> c:\programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [30.03.2012 17:33 135664]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys --> c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [30.03.2012 17:33 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [28.04.2012 19:14 40776]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programme\McAfee Security Scan\2.0.181\McCHSvc.exe [15.01.2010 14:49 227232]
S3 TNPacket;T-Systems Nova Packet Capture Driver;c:\programme\T-DSL SpeedManager\TNPACKET.SYS [11.03.2004 17:44 9696]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ANTIVIRWEBSERVICE
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-03-30 15:31]
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-03-30 15:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\programme\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\iyyti28e.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-05-05 17:00
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"7040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Zeit der Fertigstellung: 2012-05-05 17:05:40
ComboFix-quarantined-files.txt 2012-05-05 15:05
.
Vor Suchlauf: 1.196.625.920 Bytes frei
Nach Suchlauf: 1.164.247.040 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - DCC2F0AA8C950FD2BE4B4245FF0CAAD3
Regards, Harry |
| | #24 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: 2048 bit pgp-rsa Quote:
I would keep my hands off any suite and personal firewall! Always use just a plain virus scanner plus the Windows Firewall!
__________________ Please always post log files in CODE tags |
| | #25 |
| Trojan: 2048 bit pgp-rsa Hello Arne, as I said at the beginning, this is a club PC and I only took it over in November 2010. I think all of that is still on it! It is all still from my predecessor. Should I throw all that stuff out? How should I proceed now? Once the stuff is gone, should I then run ComboFix again? Regards, Harry |
| | #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: 2048 bit pgp-rsa Yes, please uninstall everything; as far as I'm concerned, AntiVir can stay on, though
__________________ Please always post log files in CODE tags |
| | #27 |
| Trojan: 2048 bit pgp-rsa And then run ComboFix again? Regards, Harry |
| | #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: 2048 bit pgp-rsa No, for now just uninstall the programs
__________________ Please always post log files in CODE tags |
| | #29 |
| Trojan: 2048 bit pgp-rsa I'll do that tomorrow, then I'll get back to you. Regards, Harry Hello Arne, I have uninstalled these programs: AntiVir Desktop, Norton Internet Security 2006, Norton Internet Security 2006, Norton Internet Worm Protection, Sunbelt Kerio Personal Firewall. Regards, Harry |