Pests of all kinds and how to fight them: TR/ATRAPS.GEN - TR/ATRAPS.Gen2 cannot be removed. Windows 7. If you are not sure whether you have picked up malware or a trojan, start a thread here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.

#1
/// Winkelfunktion /// TB-Süch-Tiger™

TR/ATRAPS.GEN - TR/ATRAPS.Gen2 cannot be removed.

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please switch off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:)

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and post only the log here!

__________________
Please always post log files in CODE tags
#2

TR/ATRAPS.GEN - TR/ATRAPS.Gen2 cannot be removed.

Code:
ATTFilter 15:50:26.0281 0424 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 15:50:26.0593 0424 ============================================================ 15:50:26.0593 0424 Current date / time: 2012/07/25 15:50:26.0593 15:50:26.0593 0424 SystemInfo: 15:50:26.0593 0424 15:50:26.0593 0424 OS Version: 5.1.2600 ServicePack: 3.0 15:50:26.0593 0424 Product type: Workstation 15:50:26.0593 0424 ComputerName: LABECKA 15:50:26.0593 0424 UserName: rebecca 15:50:26.0593 0424 Windows directory: C:\WINDOWS 15:50:26.0593 0424 System windows directory: C:\WINDOWS 15:50:26.0593 0424 Processor architecture: Intel x86 15:50:26.0593 0424 Number of processors: 2 15:50:26.0593 0424 Page size: 0x1000 15:50:26.0593 0424 Boot type: Normal boot 15:50:26.0593 0424 ============================================================ 15:50:28.0031 0424 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054 15:50:28.0031 0424 ============================================================ 15:50:28.0031 0424 \Device\Harddisk0\DR0: 15:50:28.0031 0424 MBR partitions: 15:50:28.0031 0424 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC350151 15:50:28.0046 0424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC3501CF, BlocksNum 0x2E0346C1 15:50:28.0046 0424 ============================================================ 15:50:28.0093 0424 D: <-> \Device\Harddisk0\DR0\Partition1 15:50:28.0140 0424 C: <-> \Device\Harddisk0\DR0\Partition0 15:50:28.0140 0424 ============================================================ 15:50:28.0140 0424 Initialize success 15:50:28.0140 0424 ============================================================ 15:51:20.0546 2520 ============================================================ 15:51:20.0546 2520 Scan started 15:51:20.0546 2520 Mode: Manual; SigCheck; TDLFS; 15:51:20.0546 2520 
============================================================ 15:51:20.0937 2520 Abiosdsk - ok 15:51:20.0937 2520 abp480n5 - ok 15:51:20.0984 2520 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 15:51:22.0156 2520 ACPI - ok 15:51:22.0187 2520 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 15:51:22.0328 2520 ACPIEC - ok 15:51:22.0359 2520 ADIHdAudAddService (beee84a79710f705864685b05f1bb172) C:\WINDOWS\system32\drivers\ADIHdAud.sys 15:51:22.0406 2520 ADIHdAudAddService - ok 15:51:22.0484 2520 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 15:51:22.0500 2520 AdobeFlashPlayerUpdateSvc - ok 15:51:22.0515 2520 adpu160m - ok 15:51:22.0531 2520 AEAudioService (358063ab6c1c4173b735525cdfa65f94) C:\WINDOWS\system32\drivers\AEAudio.sys 15:51:22.0562 2520 AEAudioService - ok 15:51:22.0578 2520 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 15:51:22.0703 2520 aec - ok 15:51:22.0750 2520 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 15:51:22.0796 2520 AFD - ok 15:51:22.0812 2520 Aha154x - ok 15:51:22.0812 2520 aic78u2 - ok 15:51:22.0812 2520 aic78xx - ok 15:51:22.0843 2520 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll 15:51:22.0968 2520 Alerter - ok 15:51:22.0984 2520 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe 15:51:23.0109 2520 ALG - ok 15:51:23.0109 2520 AliIde - ok 15:51:23.0125 2520 amsint - ok 15:51:23.0203 2520 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe 15:51:23.0218 2520 AntiVirSchedulerService - ok 15:51:23.0234 2520 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe 15:51:23.0250 2520 AntiVirService - ok 15:51:23.0296 2520 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Programme\Gemeinsame 
Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:51:23.0312 2520 Apple Mobile Device - ok 15:51:23.0343 2520 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll 15:51:23.0468 2520 AppMgmt - ok 15:51:23.0500 2520 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 15:51:23.0625 2520 Arp1394 - ok 15:51:23.0625 2520 asc - ok 15:51:23.0625 2520 asc3350p - ok 15:51:23.0640 2520 asc3550 - ok 15:51:23.0703 2520 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 15:51:23.0765 2520 aspnet_state - ok 15:51:23.0781 2520 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 15:51:23.0906 2520 AsyncMac - ok 15:51:23.0953 2520 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 15:51:24.0062 2520 atapi - ok 15:51:24.0078 2520 Atdisk - ok 15:51:24.0125 2520 Ati HotKey Poller (b921d1790a8ef84b2dbdeeef4909fba1) C:\WINDOWS\system32\Ati2evxx.exe 15:51:24.0218 2520 Ati HotKey Poller - ok 15:51:24.0421 2520 ati2mtag (5a13723fb8bfdd2090defb2d0cb98a27) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 15:51:24.0546 2520 ati2mtag - ok 15:51:24.0656 2520 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 15:51:24.0765 2520 Atmarpc - ok 15:51:24.0796 2520 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll 15:51:24.0921 2520 AudioSrv - ok 15:51:24.0953 2520 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 15:51:25.0046 2520 audstub - ok 15:51:25.0093 2520 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys 15:51:25.0156 2520 avgntflt - ok 15:51:25.0171 2520 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys 15:51:25.0187 2520 avipbb - ok 15:51:25.0203 2520 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys 15:51:25.0218 2520 
avkmgr - ok 15:51:25.0265 2520 b57w2k (66dd574749c38153c6067ebba929befc) C:\WINDOWS\system32\DRIVERS\b57xp32.sys 15:51:25.0328 2520 b57w2k - ok 15:51:25.0375 2520 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 15:51:25.0468 2520 Beep - ok 15:51:25.0531 2520 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll 15:51:25.0671 2520 BITS - ok 15:51:25.0750 2520 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe 15:51:25.0765 2520 Bonjour Service - ok 15:51:25.0828 2520 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll 15:51:25.0953 2520 Browser - ok 15:51:25.0968 2520 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 15:51:26.0093 2520 cbidf2k - ok 15:51:26.0109 2520 cd20xrnt - ok 15:51:26.0140 2520 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 15:51:26.0265 2520 Cdaudio - ok 15:51:26.0296 2520 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 15:51:26.0406 2520 Cdfs - ok 15:51:26.0406 2520 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 15:51:26.0515 2520 Cdrom - ok 15:51:26.0562 2520 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys 15:51:26.0562 2520 cercsr6 ( UnsignedFile.Multi.Generic ) - warning 15:51:26.0562 2520 cercsr6 - detected UnsignedFile.Multi.Generic (1) 15:51:26.0578 2520 Changer - ok 15:51:26.0609 2520 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe 15:51:26.0718 2520 CiSvc - ok 15:51:26.0718 2520 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe 15:51:26.0828 2520 ClipSrv - ok 15:51:26.0906 2520 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:51:26.0968 2520 clr_optimization_v2.0.50727_32 - ok 15:51:27.0000 2520 CmBatt (0f6c187d38d98f8df904589a5f94d411) 
C:\WINDOWS\system32\DRIVERS\CmBatt.sys 15:51:27.0109 2520 CmBatt - ok 15:51:27.0109 2520 CmdIde - ok 15:51:27.0125 2520 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 15:51:27.0250 2520 Compbatt - ok 15:51:27.0250 2520 COMSysApp - ok 15:51:27.0250 2520 Cpqarray - ok 15:51:27.0296 2520 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll 15:51:27.0406 2520 CryptSvc - ok 15:51:27.0406 2520 dac2w2k - ok 15:51:27.0421 2520 dac960nt - ok 15:51:27.0468 2520 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll 15:51:27.0515 2520 DcomLaunch - ok 15:51:27.0562 2520 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll 15:51:27.0671 2520 Dhcp - ok 15:51:27.0687 2520 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 15:51:27.0812 2520 Disk - ok 15:51:27.0812 2520 dmadmin - ok 15:51:27.0875 2520 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys 15:51:28.0015 2520 dmboot - ok 15:51:28.0046 2520 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys 15:51:28.0156 2520 dmio - ok 15:51:28.0187 2520 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 15:51:28.0312 2520 dmload - ok 15:51:28.0343 2520 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll 15:51:28.0453 2520 dmserver - ok 15:51:28.0500 2520 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 15:51:28.0609 2520 DMusic - ok 15:51:28.0640 2520 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll 15:51:28.0734 2520 Dnscache - ok 15:51:28.0765 2520 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll 15:51:28.0890 2520 Dot3svc - ok 15:51:28.0921 2520 DozeHDD (6d279bb0de1d8e34f454e1b353f4d738) C:\WINDOWS\system32\DRIVERS\DozeHDD.sys 15:51:28.0937 2520 DozeHDD - ok 15:51:29.0015 2520 DozeSvc 
(21b364856ddbc03d1afcf348528e5b49) C:\Programme\ThinkPad\Utilities\DOZESVC.EXE 15:51:29.0031 2520 DozeSvc - ok 15:51:29.0031 2520 dpti2o - ok 15:51:29.0062 2520 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 15:51:29.0187 2520 drmkaud - ok 15:51:29.0218 2520 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll 15:51:29.0328 2520 EapHost - ok 15:51:29.0359 2520 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll 15:51:29.0468 2520 ERSvc - ok 15:51:29.0515 2520 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe 15:51:29.0546 2520 Eventlog - ok 15:51:29.0562 2520 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll 15:51:29.0609 2520 EventSystem - ok 15:51:29.0687 2520 EvtEng (9d6a019dea917f305af23209fedd5f16) C:\Programme\Intel\WiFi\bin\EvtEng.exe 15:51:29.0750 2520 EvtEng - ok 15:51:29.0796 2520 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 15:51:29.0906 2520 Fastfat - ok 15:51:29.0953 2520 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 15:51:30.0015 2520 FastUserSwitchingCompatibility - ok 15:51:30.0031 2520 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 15:51:30.0125 2520 Fdc - ok 15:51:30.0156 2520 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys 15:51:30.0265 2520 Fips - ok 15:51:30.0265 2520 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 15:51:30.0375 2520 Flpydisk - ok 15:51:30.0406 2520 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 15:51:30.0500 2520 FltMgr - ok 15:51:30.0625 2520 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 15:51:30.0640 2520 FontCache3.0.0.0 - ok 15:51:30.0687 2520 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) 
C:\WINDOWS\system32\drivers\Fs_Rec.sys 15:51:30.0796 2520 Fs_Rec - ok 15:51:30.0812 2520 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 15:51:30.0937 2520 Ftdisk - ok 15:51:30.0968 2520 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 15:51:30.0984 2520 GEARAspiWDM - ok 15:51:31.0000 2520 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 15:51:31.0125 2520 Gpc - ok 15:51:31.0265 2520 Guard.Mail.ru (e859ca020ed61899f3c74a8d0032d05c) C:\Programme\Guard-ICQ\GuardICQ.exe 15:51:31.0359 2520 Guard.Mail.ru - ok 15:51:31.0453 2520 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 15:51:31.0562 2520 HDAudBus - ok 15:51:31.0609 2520 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 15:51:31.0718 2520 helpsvc - ok 15:51:31.0734 2520 HidServ - ok 15:51:31.0765 2520 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll 15:51:31.0875 2520 hkmsvc - ok 15:51:31.0875 2520 hpn - ok 15:51:31.0921 2520 HSFHWAZL (6a5c4732d6803f84e2987edd8e4359ce) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 15:51:31.0953 2520 HSFHWAZL - ok 15:51:32.0078 2520 HSF_DPV (21c31273c6cc4826e74be8ae3b09d4a8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 15:51:32.0171 2520 HSF_DPV - ok 15:51:32.0218 2520 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 15:51:32.0250 2520 HTTP - ok 15:51:32.0281 2520 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll 15:51:32.0406 2520 HTTPFilter - ok 15:51:32.0406 2520 i2omgmt - ok 15:51:32.0406 2520 i2omp - ok 15:51:32.0453 2520 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 15:51:32.0562 2520 i8042prt - ok 15:51:32.0593 2520 IBMPMDRV (293131c1da5f53cb05f75d637739d79c) C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys 15:51:32.0625 2520 IBMPMDRV - ok 15:51:32.0640 2520 IBMPMSVC (91fa023c5203503776bccc9cf96a0c59) 
C:\WINDOWS\system32\ibmpmsvc.exe 15:51:32.0671 2520 IBMPMSVC - ok 15:51:32.0703 2520 ICQ Service - ok 15:51:32.0890 2520 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:51:32.0953 2520 idsvc - ok 15:51:32.0984 2520 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 15:51:33.0093 2520 Imapi - ok 15:51:33.0156 2520 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe 15:51:33.0265 2520 ImapiService - ok 15:51:33.0265 2520 ini910u - ok 15:51:33.0281 2520 IntelIde - ok 15:51:33.0312 2520 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys 15:51:33.0421 2520 intelppm - ok 15:51:33.0453 2520 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 15:51:33.0578 2520 Ip6Fw - ok 15:51:33.0593 2520 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:51:33.0718 2520 IpFilterDriver - ok 15:51:33.0734 2520 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 15:51:33.0843 2520 IpInIp - ok 15:51:33.0875 2520 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 15:51:33.0984 2520 IpNat - ok 15:51:34.0109 2520 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Programme\iPod\bin\iPodService.exe 15:51:34.0187 2520 iPod Service - ok 15:51:34.0218 2520 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 15:51:34.0328 2520 IPSec - ok 15:51:34.0359 2520 IPSSVC (00d8e9daebe72a5df3986fd418a995eb) C:\WINDOWS\system32\IPSSVC.EXE 15:51:34.0375 2520 IPSSVC - ok 15:51:34.0406 2520 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 15:51:34.0515 2520 IRENUM - ok 15:51:34.0546 2520 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys 15:51:34.0656 2520 isapnp - ok 15:51:34.0734 2520 JavaQuickStarterService 
(0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe 15:51:34.0750 2520 JavaQuickStarterService - ok 15:51:34.0765 2520 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 15:51:34.0890 2520 Kbdclass - ok 15:51:35.0062 2520 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 15:51:35.0218 2520 kmixer - ok 15:51:35.0250 2520 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 15:51:35.0281 2520 KSecDD - ok 15:51:35.0328 2520 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll 15:51:35.0390 2520 lanmanserver - ok 15:51:35.0437 2520 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll 15:51:35.0468 2520 lanmanworkstation - ok 15:51:35.0468 2520 lbrtfdc - ok 15:51:35.0531 2520 LENOVO.MICMUTE (fce735941da27929dbfc1918f286ffd8) C:\Programme\LENOVO\HOTKEY\MICMUTE.exe 15:51:35.0546 2520 LENOVO.MICMUTE - ok 15:51:35.0562 2520 lenovo.smi (9aac267a225f3caebb9e633f7eb16e4b) C:\WINDOWS\system32\DRIVERS\smiif32.sys 15:51:35.0578 2520 lenovo.smi - ok 15:51:35.0609 2520 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll 15:51:35.0734 2520 LmHosts - ok 15:51:35.0796 2520 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe 15:51:35.0812 2520 McComponentHostService - ok 15:51:35.0843 2520 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 15:51:35.0875 2520 mdmxsdk - ok 15:51:35.0906 2520 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll 15:51:36.0015 2520 Messenger - ok 15:51:36.0093 2520 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe 15:51:36.0109 2520 Microsoft Office Groove Audit Service - ok 15:51:36.0140 2520 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 
15:51:36.0250 2520 mnmdd - ok 15:51:36.0281 2520 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe 15:51:36.0390 2520 mnmsrvc - ok 15:51:36.0421 2520 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys 15:51:36.0531 2520 Modem - ok 15:51:36.0546 2520 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys 15:51:36.0656 2520 Mouclass - ok 15:51:36.0671 2520 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 15:51:36.0781 2520 MountMgr - ok 15:51:36.0890 2520 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 15:51:36.0906 2520 MozillaMaintenance - ok 15:51:36.0906 2520 mraid35x - ok 15:51:36.0968 2520 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 15:51:37.0078 2520 MRxDAV - ok 15:51:37.0140 2520 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:51:37.0218 2520 MRxSmb - ok 15:51:37.0234 2520 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe 15:51:37.0343 2520 MSDTC - ok 15:51:37.0359 2520 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 15:51:37.0468 2520 Msfs - ok 15:51:37.0468 2520 MSIServer - ok 15:51:37.0515 2520 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:51:37.0625 2520 MSKSSRV - ok 15:51:37.0640 2520 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:51:37.0750 2520 MSPCLOCK - ok 15:51:37.0765 2520 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 15:51:37.0875 2520 MSPQM - ok 15:51:37.0921 2520 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 15:51:38.0015 2520 mssmbios - ok 15:51:38.0062 2520 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 15:51:38.0093 2520 Mup - ok 15:51:38.0140 2520 napagent 
(46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll 15:51:38.0265 2520 napagent - ok 15:51:38.0312 2520 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 15:51:38.0421 2520 NDIS - ok 15:51:38.0453 2520 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:51:38.0484 2520 NdisTapi - ok 15:51:38.0484 2520 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:51:38.0609 2520 Ndisuio - ok 15:51:38.0640 2520 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:51:38.0750 2520 NdisWan - ok 15:51:38.0781 2520 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 15:51:38.0812 2520 NDProxy - ok 15:51:38.0843 2520 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 15:51:38.0953 2520 NetBIOS - ok 15:51:38.0968 2520 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 15:51:39.0078 2520 NetBT - ok 15:51:39.0109 2520 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe 15:51:39.0234 2520 NetDDE - ok 15:51:39.0234 2520 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe 15:51:39.0343 2520 NetDDEdsdm - ok 15:51:39.0375 2520 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:51:39.0468 2520 Netlogon - ok 15:51:39.0515 2520 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll 15:51:39.0625 2520 Netman - ok 15:51:39.0750 2520 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:51:39.0765 2520 NetTcpPortSharing - ok 15:51:40.0140 2520 NETwLx32 (72062b53186e4a3f5fcbc41ebb62b905) C:\WINDOWS\system32\DRIVERS\NETwLx32.sys 15:51:40.0484 2520 NETwLx32 - ok 15:51:40.0593 2520 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 15:51:40.0703 2520 NIC1394 - 
ok 15:51:41.0156 2520 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll 15:51:41.0218 2520 Nla - ok 15:51:41.0234 2520 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 15:51:41.0328 2520 Npfs - ok 15:51:41.0906 2520 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 15:51:42.0046 2520 Ntfs - ok 15:51:42.0093 2520 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:51:42.0187 2520 NtLmSsp - ok 15:51:42.0250 2520 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll 15:51:42.0390 2520 NtmsSvc - ok 15:51:42.0421 2520 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 15:51:42.0546 2520 Null - ok 15:51:42.0593 2520 NWCWorkstation (c34a6a72dec2c317d67355dc18f87090) C:\WINDOWS\System32\nwwks.dll 15:51:42.0703 2520 NWCWorkstation - ok 15:51:42.0765 2520 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 15:51:42.0890 2520 NwlnkFlt - ok 15:51:42.0906 2520 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 15:51:43.0031 2520 NwlnkFwd - ok 15:51:43.0062 2520 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 15:51:43.0187 2520 NwlnkIpx - ok 15:51:43.0203 2520 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 15:51:43.0312 2520 NwlnkNb - ok 15:51:43.0328 2520 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 15:51:43.0437 2520 NwlnkSpx - ok 15:51:43.0468 2520 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys 15:51:43.0593 2520 NWRDR - ok 15:51:43.0703 2520 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE 15:51:43.0750 2520 odserv - ok 15:51:43.0828 2520 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 15:51:43.0937 2520 ohci1394 - ok 
15:51:43.0968 2520 ose (5a432a042dae460abe7199b758e8606c) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 15:51:44.0000 2520 ose - ok 15:51:44.0015 2520 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys 15:51:44.0125 2520 Parport - ok 15:51:44.0171 2520 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 15:51:44.0281 2520 PartMgr - ok 15:51:44.0312 2520 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 15:51:44.0421 2520 ParVdm - ok 15:51:44.0437 2520 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 15:51:44.0546 2520 PCI - ok 15:51:44.0562 2520 PCIDump - ok 15:51:44.0578 2520 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys 15:51:44.0703 2520 PCIIde - ok 15:51:44.0718 2520 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 15:51:44.0828 2520 Pcmcia - ok 15:51:44.0828 2520 PDCOMP - ok 15:51:44.0828 2520 PDFRAME - ok 15:51:44.0843 2520 PDRELI - ok 15:51:44.0843 2520 PDRFRAME - ok 15:51:44.0843 2520 perc2 - ok 15:51:44.0843 2520 perc2hib - ok 15:51:44.0890 2520 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe 15:51:44.0921 2520 PlugPlay - ok 15:51:44.0937 2520 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:51:45.0046 2520 PolicyAgent - ok 15:51:45.0109 2520 Power Manager DBC Service (dd1e98d635f5e12064f3b2792b53d4ab) C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe 15:51:45.0109 2520 Power Manager DBC Service ( UnsignedFile.Multi.Generic ) - warning 15:51:45.0109 2520 Power Manager DBC Service - detected UnsignedFile.Multi.Generic (1) 15:51:45.0140 2520 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 15:51:45.0265 2520 PptpMiniport - ok 15:51:45.0296 2520 PROCDD (1d80309fed4babf8ea9e7b84a394348b) C:\WINDOWS\system32\DRIVERS\PROCDD.SYS 15:51:45.0312 2520 PROCDD - ok 
15:51:45.0312 2520 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:51:45.0421 2520 ProtectedStorage - ok 15:51:45.0421 2520 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 15:51:45.0531 2520 PSched - ok 15:51:45.0546 2520 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 15:51:45.0671 2520 Ptilink - ok 15:51:45.0718 2520 PwmEWSvc (3409ce13565b76790cfe13f00ad8c67d) C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe 15:51:45.0734 2520 PwmEWSvc - ok 15:51:45.0734 2520 ql1080 - ok 15:51:45.0734 2520 Ql10wnt - ok 15:51:45.0750 2520 ql12160 - ok 15:51:45.0750 2520 ql1240 - ok 15:51:45.0750 2520 ql1280 - ok 15:51:45.0765 2520 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:51:45.0890 2520 RasAcd - ok 15:51:45.0921 2520 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll 15:51:46.0031 2520 RasAuto - ok 15:51:46.0062 2520 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:51:46.0187 2520 Rasl2tp - ok 15:51:46.0218 2520 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll 15:51:46.0343 2520 RasMan - ok 15:51:46.0343 2520 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:51:46.0468 2520 RasPppoe - ok 15:51:46.0500 2520 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 15:51:46.0625 2520 Raspti - ok 15:51:46.0656 2520 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:51:46.0765 2520 Rdbss - ok 15:51:46.0781 2520 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 15:51:46.0890 2520 RDPCDD - ok 15:51:46.0921 2520 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 15:51:47.0015 2520 rdpdr - ok 15:51:47.0062 2520 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys 15:51:47.0125 2520 RDPWD - 
ok 15:51:47.0171 2520 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe 15:51:47.0281 2520 RDSessMgr - ok 15:51:47.0312 2520 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 15:51:47.0421 2520 redbook - ok 15:51:47.0500 2520 RegSrvc (6987dc1dd7a7159752dfb1f6aabae062) C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe 15:51:47.0531 2520 RegSrvc - ok 15:51:47.0578 2520 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll 15:51:47.0703 2520 RemoteAccess - ok 15:51:47.0718 2520 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll 15:51:47.0843 2520 RemoteRegistry - ok 15:51:47.0875 2520 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe 15:51:48.0000 2520 RpcLocator - ok 15:51:48.0062 2520 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll 15:51:48.0109 2520 RpcSs - ok 15:51:48.0140 2520 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe 15:51:48.0250 2520 RSVP - ok 15:51:48.0359 2520 S24EventMonitor (662973c942738d4b2fe8147e63de66b3) C:\Programme\Intel\WiFi\bin\S24EvMon.exe 15:51:48.0453 2520 S24EventMonitor - ok 15:51:48.0531 2520 s24trans (27fc71da659305e260acbda15a318399) C:\WINDOWS\system32\DRIVERS\s24trans.sys 15:51:48.0578 2520 s24trans - ok 15:51:48.0609 2520 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:51:48.0718 2520 SamSs - ok 15:51:48.0781 2520 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe 15:51:48.0890 2520 SCardSvr - ok 15:51:48.0921 2520 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll 15:51:49.0046 2520 Schedule - ok 15:51:49.0062 2520 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 15:51:49.0171 2520 Secdrv - ok 15:51:49.0203 2520 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll 15:51:49.0312 2520 seclogon - ok 
15:51:49.0343 2520 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll 15:51:49.0453 2520 SENS - ok 15:51:49.0468 2520 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys 15:51:49.0578 2520 Serial - ok 15:51:49.0609 2520 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 15:51:49.0703 2520 Sfloppy - ok 15:51:49.0765 2520 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll 15:51:49.0890 2520 SharedAccess - ok 15:51:49.0921 2520 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 15:51:49.0953 2520 ShellHWDetection - ok 15:51:50.0000 2520 Shockprf (df6a84dd19d3c0858d707b5e64938d60) C:\WINDOWS\system32\DRIVERS\Apsx86.sys 15:51:50.0015 2520 Shockprf - ok 15:51:50.0015 2520 Simbad - ok 15:51:50.0109 2520 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Programme\Sony\Sony PC Companion\PCCService.exe 15:51:50.0125 2520 Sony PC Companion - ok 15:51:50.0140 2520 Sparrow - ok 15:51:50.0171 2520 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 15:51:50.0281 2520 splitter - ok 15:51:50.0328 2520 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 15:51:50.0359 2520 Spooler - ok 15:51:50.0390 2520 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 15:51:50.0500 2520 sr - ok 15:51:50.0515 2520 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll 15:51:50.0625 2520 srservice - ok 15:51:50.0687 2520 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 15:51:50.0750 2520 Srv - ok 15:51:50.0781 2520 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll 15:51:50.0890 2520 SSDPSRV - ok 15:51:50.0937 2520 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 15:51:50.0953 2520 ssmdrv - ok 15:51:51.0000 2520 stisvc (bc2c5985611c5356b24aeb370953ded9) 
C:\WINDOWS\system32\wiaservc.dll 15:51:51.0140 2520 stisvc - ok 15:51:51.0187 2520 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 15:51:51.0296 2520 swenum - ok 15:51:51.0343 2520 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 15:51:51.0437 2520 swmidi - ok 15:51:51.0437 2520 SwPrv - ok 15:51:51.0453 2520 symc810 - ok 15:51:51.0453 2520 symc8xx - ok 15:51:51.0453 2520 sym_hi - ok 15:51:51.0453 2520 sym_u3 - ok 15:51:51.0562 2520 SynTP (d73b0d08effcf0349680f32282b4d6f0) C:\WINDOWS\system32\DRIVERS\SynTP.sys 15:51:51.0625 2520 SynTP - ok 15:51:51.0671 2520 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 15:51:51.0781 2520 sysaudio - ok 15:51:51.0859 2520 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe 15:51:51.0984 2520 SysmonLog - ok 15:51:52.0031 2520 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll 15:51:52.0156 2520 TapiSrv - ok 15:51:52.0218 2520 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:51:52.0296 2520 Tcpip - ok 15:51:52.0328 2520 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 15:51:52.0453 2520 TDPIPE - ok 15:51:52.0468 2520 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 15:51:52.0593 2520 TDTCP - ok 15:51:52.0625 2520 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 15:51:52.0734 2520 TermDD - ok 15:51:52.0796 2520 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll 15:51:52.0906 2520 TermService - ok 15:51:52.0953 2520 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 15:51:52.0968 2520 Themes - ok 15:51:53.0000 2520 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe 15:51:53.0125 2520 TlntSvr - ok 15:51:53.0125 2520 TosIde - ok 15:51:53.0156 2520 TPDIGIMN (50b570e4209f6d401893720fc8ddce46) 
C:\WINDOWS\system32\DRIVERS\ApsHM86.sys 15:51:53.0171 2520 TPDIGIMN - ok 15:51:53.0218 2520 TPHDEXLGSVC (1f98a2433555dd854cb4e2edc819deb4) C:\WINDOWS\system32\TPHDEXLG.exe 15:51:53.0234 2520 TPHDEXLGSVC - ok 15:51:53.0265 2520 TPHKDRV (8aef2188630f5ecd79ad9abba630630b) C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys 15:51:53.0296 2520 TPHKDRV - ok 15:51:53.0375 2520 TPHKLOAD (88d609bfdeb7e013e9e491434190ba43) C:\Programme\LENOVO\HOTKEY\TPHKLOAD.exe 15:51:53.0390 2520 TPHKLOAD ( UnsignedFile.Multi.Generic ) - warning 15:51:53.0390 2520 TPHKLOAD - detected UnsignedFile.Multi.Generic (1) 15:51:53.0390 2520 TPHKSVC (9e6e4a9789f76593cc5a6a5af8fc5929) C:\Programme\LENOVO\HOTKEY\TPHKSVC.exe 15:51:53.0406 2520 TPHKSVC - ok 15:51:53.0437 2520 TPPWRIF (c037817e2498d9db736e4ba355b1f4e7) C:\WINDOWS\system32\drivers\Tppwrif.sys 15:51:53.0453 2520 TPPWRIF - ok 15:51:53.0484 2520 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll 15:51:53.0593 2520 TrkWks - ok 15:51:53.0625 2520 TSMAPIP (f10f36e20448a5500a5f83f67ee4aad4) C:\WINDOWS\system32\drivers\TSMAPIP.SYS 15:51:53.0640 2520 TSMAPIP ( UnsignedFile.Multi.Generic ) - warning 15:51:53.0640 2520 TSMAPIP - detected UnsignedFile.Multi.Generic (1) 15:51:53.0687 2520 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 15:51:53.0796 2520 Udfs - ok 15:51:53.0812 2520 ultra - ok 15:51:53.0859 2520 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 15:51:54.0000 2520 Update - ok 15:51:54.0031 2520 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll 15:51:54.0156 2520 upnphost - ok 15:51:54.0187 2520 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe 15:51:54.0296 2520 UPS - ok 15:51:54.0328 2520 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys 15:51:54.0375 2520 USBAAPL - ok 15:51:54.0406 2520 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:51:54.0531 2520 
usbehci - ok 15:51:54.0578 2520 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:51:54.0687 2520 usbhub - ok 15:51:54.0718 2520 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 15:51:54.0828 2520 usbscan - ok 15:51:54.0859 2520 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:51:54.0984 2520 USBSTOR - ok 15:51:55.0031 2520 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 15:51:55.0156 2520 usbuhci - ok 15:51:55.0187 2520 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 15:51:55.0296 2520 VgaSave - ok 15:51:55.0296 2520 ViaIde - ok 15:51:55.0343 2520 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 15:51:55.0453 2520 VolSnap - ok 15:51:55.0500 2520 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe 15:51:55.0640 2520 VSS - ok 15:51:55.0671 2520 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll 15:51:55.0796 2520 W32Time - ok 15:51:55.0812 2520 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:51:55.0921 2520 Wanarp - ok 15:51:55.0984 2520 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys 15:51:56.0000 2520 Wdf01000 - ok 15:51:56.0015 2520 WDICA - ok 15:51:56.0062 2520 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 15:51:56.0171 2520 wdmaud - ok 15:51:56.0218 2520 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll 15:51:56.0328 2520 WebClient - ok 15:51:56.0406 2520 winachsf (307d248f97835b6879bdd361086924fe) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 15:51:56.0515 2520 winachsf - ok 15:51:56.0593 2520 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll 15:51:56.0703 2520 winmgmt - ok 15:51:56.0734 2520 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) 
C:\WINDOWS\system32\MsPMSNSv.dll 15:51:56.0765 2520 WmdmPmSN - ok 15:51:56.0828 2520 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll 15:51:56.0906 2520 Wmi - ok 15:51:56.0953 2520 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe 15:51:57.0062 2520 WmiApSrv - ok 15:51:57.0093 2520 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll 15:51:57.0234 2520 wuauserv - ok 15:51:57.0312 2520 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 15:51:57.0343 2520 WudfPf - ok 15:51:57.0375 2520 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 15:51:57.0390 2520 WudfRd - ok 15:51:57.0421 2520 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 15:51:57.0453 2520 WudfSvc - ok 15:51:57.0515 2520 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll 15:51:57.0640 2520 WZCSVC - ok 15:51:57.0671 2520 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll 15:51:57.0781 2520 xmlprov - ok 15:51:57.0812 2520 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0 15:51:57.0859 2520 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected 15:51:57.0859 2520 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0) 15:51:58.0031 2520 Boot (0x1200) (03fdd5cb582ecdc970256582356ab8cd) \Device\Harddisk0\DR0\Partition0 15:51:58.0031 2520 \Device\Harddisk0\DR0\Partition0 - ok 15:51:58.0046 2520 Boot (0x1200) (6269672d4205f1b533b1ba8c349bf5b2) \Device\Harddisk0\DR0\Partition1 15:51:58.0046 2520 \Device\Harddisk0\DR0\Partition1 - ok 15:51:58.0046 2520 ============================================================ 15:51:58.0046 2520 Scan finished 15:51:58.0046 2520 ============================================================ 15:51:58.0171 3180 Detected object count: 5 15:51:58.0171 3180 Actual detected object count: 5 15:52:21.0921 3180 cercsr6 ( UnsignedFile.Multi.Generic ) - 
skipped by user 15:52:21.0921 3180 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:52:21.0921 3180 Power Manager DBC Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:52:21.0921 3180 Power Manager DBC Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:52:21.0937 3180 TPHKLOAD ( UnsignedFile.Multi.Generic ) - skipped by user 15:52:21.0937 3180 TPHKLOAD ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:52:21.0937 3180 TSMAPIP ( UnsignedFile.Multi.Generic ) - skipped by user 15:52:21.0937 3180 TSMAPIP ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:52:21.0937 3180 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - skipped by user 15:52:21.0937 3180 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Skip |